Author
I have a basic knowledge of winsock, and a moderate knowledge of Win32, and I was thinking of learning a bit about P2P, leading into what might become a P2P instant messenger. Could anyone reccomend any good articles? Also, I have a question -- how do P2P apps get an initial IP address? How can they figure out WHAT to connect to? Doesn't there HAVE to be a central server that, at the very least, get's a P2P user started with the IP's of some of his peers?
Edit: I probably shouldn't be trying to do this with my level of knowledge, should I...
[Edited by - Pirate33 on March 8, 2005 4:45:53 PM]
For some of the less advanced P2P apps, indeed, a list of servers are needed first off, and then those servers have a list of files, and who has them. The servers then connect the two computers together. I think some of the more advanced apps actually search the network, and form a mesh of clients, essentially. I don't think they rely on any list. :)
For an instant messenger program, you'll need a central server. Otherwise you'll have to ask the user for the IP address of the other person. Which would mean they'd probably have to use MSN or something to ask their friend what their IP is :P
MSN has a central server (actually lots of them). When you log in, it sends you a list of your contacts, and what state they're in (online, offline, busy, away, etc). When you start a conversation with someone, MSN connects the two users to a switchboard session, and they talk to each other through the switchboard. This way the two users don't have a direct connection to each other, so you don't need to worry about disclosing peoples IP addresses (although it's not such a big problem as you might think) and you don't need to worry about firewalls / NATs (since neither user has to accept a connection).
MSN has a central server (actually lots of them). When you log in, it sends you a list of your contacts, and what state they're in (online, offline, busy, away, etc). When you start a conversation with someone, MSN connects the two users to a switchboard session, and they talk to each other through the switchboard. This way the two users don't have a direct connection to each other, so you don't need to worry about disclosing peoples IP addresses (although it's not such a big problem as you might think) and you don't need to worry about firewalls / NATs (since neither user has to accept a connection).
Quote:Original post by ryanmfwThat's true. Actually, a P2P messenger might not be too bad. If you can find a way of getting around the asking for an IP problem, and don't want huge networks of people (one status change needs to be sent through the whole network). I still wouldn't want to write one though [smile]
Yeah, but then the man could track you down..
:p
If you don't want the man to track you down, set your P2P system up such that you have to route queries through at least three other nodes before getting to the destination. Something like FreeNet, perhaps. Although they seem to have significant performance problems in their design.
Idea.
You go and you have "uer management servers". These basically hand out usernames, with basekeys.
For eg. username:NC@server.
basekey:Somemd5Hashhere.
Now, only you know both your username and your basekey, so when your loging on, you go and you send your username, and a hash of the basekey, with an iv (that you give them), which forms your hashkey.
This way any user can autherise any other user. As well as check authentisity (if you trust the servers. But thats a given. Only allow you to talk to people who are authed by serers you trust.)
Naturally this can be extended, with basekey1, basekey2, basekey3, for a range of different base keys. (each one with different iv's tho).
This way, you would have to attack many many different servers, in order to appear to be someone who your not. (becuse you'd have to hack them to make sure that they would auth you).
You can also use pkc and sign the keys.
From,
Nice ocder
You go and you have "uer management servers". These basically hand out usernames, with basekeys.
For eg. username:NC@server.
basekey:Somemd5Hashhere.
Now, only you know both your username and your basekey, so when your loging on, you go and you send your username, and a hash of the basekey, with an iv (that you give them), which forms your hashkey.
This way any user can autherise any other user. As well as check authentisity (if you trust the servers. But thats a given. Only allow you to talk to people who are authed by serers you trust.)
Naturally this can be extended, with basekey1, basekey2, basekey3, for a range of different base keys. (each one with different iv's tho).
This way, you would have to attack many many different servers, in order to appear to be someone who your not. (becuse you'd have to hack them to make sure that they would auth you).
You can also use pkc and sign the keys.
From,
Nice ocder
Also don't forget:
Query random ip adresses to see if they are actual comps.
Once you find one, he can then tell you a few comps that he is connected to. You can then check them to find which ones there connected to, ect. (you jsut grab a few ips to connect to, so you have, maybe 1K connections).
Form,
Nice coder
Query random ip adresses to see if they are actual comps.
Once you find one, he can then tell you a few comps that he is connected to. You can then check them to find which ones there connected to, ect. (you jsut grab a few ips to connect to, so you have, maybe 1K connections).
Form,
Nice coder
Quote:Original post by Evil SteveQuote:Original post by ryanmfwThat's true. Actually, a P2P messenger might not be too bad. If you can find a way of getting around the asking for an IP problem, and don't want huge networks of people (one status change needs to be sent through the whole network). I still wouldn't want to write one though [smile]
Yeah, but then the man could track you down..
:p
Eh, just ping everyone on the internet. You'll eventually find whomever you desire to speak with. :p
EDIT: Upon reading this, I didn't solve the first problem, and I just dodged the second one. I need sleep, ok! :P I'll post with a better reply later. :)
OK, in all seriousness, searching for other nodes by pinging nearby computers I think is already done by a lot of the newer P2P programs, and it works pretty well. That's certainly something that *could* be done, but, the scheme only works if you don't care about who you talk to. To find a certain node, you must first connect to a node, and then conduct a search of all of the nodes it's connected to. Only once you've done an exhaustive search of all of the nodes it's connected to, you can be sure it's not on that chain. Then you have to move to another node, seperate from the previous list, which you must then exhaustively search. With the millions of people using IM programs, it would become *incredibly* cumbersome. Nice Coder's idea of having a central server to hand out the IP's of friends could work though.
Essentially, just have a central server that maintains IP addresses with usernames. To add a friend to your friend list or just chat with them, you would ask the server to mediate between you and your friend. You would have already established a secure connection with the server. The server would contact the friend's client, which would inform the user that you would wish to chat, or add them to your friend list. If the client accepts, keys are exchanged securely between you, and the server sends the IP of the friend to you. For just a chat, that would be that, except, maybe a temporary key would be used, instead of the normal one, but for adding to a friend list, another bit of information should be stored by you, to verify to the server that you have previously chatted, and have been accepted by your friend to become a buddy. This, I think, was what Nice Coder was talking about, or at least, it's similar.
This is really off of the top of my head here, but this might work. Let's say someone contacts you to be a friend of theirs, well, if you accept, you take your private key, encrypt their username, or whatever, if you want, encrypt that as well, and then send that off to your new friend. Upon resuming of the chat, the server passes the token that your friend stored back to you, where your client verifies that the token is correct(i.e. matches the username, and is someone on your friend list as well), and tells the server to connect you directly. The advantages would be that it would be P2P. the conversations could(should) be encrypted, and, your IP address is only given to people you know.
I can't really think up anything more right now, but it's an interesting problem. I will be programming, however, a program to test how networks mesh, to see what the chances are of having to connect to different nodes.
Cheers,
Ryanmfw
Quote:
Original post by ryanmfw
To find a certain node, you must first connect to a node, and then conduct a search of all of the nodes it's connected to. Only once you've done an exhaustive search of all of the nodes it's connected to, you can be sure it's not on that chain. Then you have to move to another node, seperate from the previous list, which you must then exhaustively search. With the millions of people using IM programs, it would become *incredibly* cumbersome.
If you're still desperate to make a p2p I think you could do this, but make it less cumbersome by keeping these connections open to the first few nodes you checked, up to a max of (some max number you think is appropriate) That way you know that even though "Bob" might only be talking to "John", he had to search 5 other node chains first so you can still get to those chains through him. This would create a much larger group and you could search further. However, it wouldn't necessarily be any faster if you're searching a more extensive node when they are still in another node.
Also, you could get connected nodes to also join a multicast group. Then to search the chain of people would only require one packet sent to the group.
This topic is closed to new replies.
Advertisement
Popular Topics
Advertisement
