{"id":17594753,"url":"https://github.com/dedis/prifi","last_synced_at":"2025-03-08T15:30:43.093Z","repository":{"id":46732310,"uuid":"52909510","full_name":"dedis/prifi","owner":"dedis","description":"PriFi, a low-latency, local-area anonymous communication network.","archived":true,"fork":false,"pushed_at":"2024-01-09T13:24:19.000Z","size":151989,"stargazers_count":48,"open_issues_count":28,"forks_count":11,"subscribers_count":22,"default_branch":"master","last_synced_at":"2024-10-23T03:03:13.806Z","etag":null,"topics":["anonymity","network","protocol"],"latest_commit_sha":null,"homepage":"https://prifi.net","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"agpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/dedis.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2016-03-01T20:57:39.000Z","updated_at":"2024-05-07T12:15:09.000Z","dependencies_parsed_at":"2024-06-18T23:59:21.929Z","dependency_job_id":"4c5dac20-102a-4d59-9df4-aa246c24cbf2","html_url":"https://github.com/dedis/prifi","commit_stats":null,"previous_names":[],"tags_count":1,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dedis%2Fprifi","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dedis%2Fprifi/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dedis%2Fprifi/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dedis%2Fprifi/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/dedis","download_url":"https://codeload.github.com/dedis/prifi/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":242571081,"owners_count":20151417,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["anonymity","network","protocol"],"created_at":"2024-10-22T07:08:18.882Z","updated_at":"2025-03-08T15:30:41.050Z","avatar_url":"https://github.com/dedis.png","language":"Go","funding_links":[],"categories":["Problems"],"sub_categories":["3. DC (dining cryptographers problem)"],"readme":"# PriFi: A Low-Latency, Tracking-Resistant Protocol for Local-Area Anonymity [![Build Status](https://travis-ci.org/dedis/prifi.svg?branch=master)](https://travis-ci.org/dedis/prifi) [![Go Report Card](https://goreportcard.com/badge/github.com/dedis/prifi)](https://goreportcard.com/report/github.com/dedis/prifi) [![Coverage Status](https://coveralls.io/repos/github/dedis/prifi/badge.svg?branch=master)](https://coveralls.io/github/dedis/prifi?branch=master)\r\n\r\n\r\n\u003e [!WARNING]  \r\n\u003e This software is archived and of experimental quality. Do not use it yet for security-critical purposes. Use at your own risk!\r\n\r\n\r\n## Introduction\r\n\r\nThis repository implements PriFi, an anonymous communication protocol with provable traffic-analysis resistance and small latency suitable for wireless networks. PriFi provides a network access mechanism for protecting members of an organization who access the Internet while on-site (via privacy-preserving WiFi networking) and while off-site (via privacy-preserving virtual private networking or VPN). The small latency cost is achieved by leveraging the client-relay-server topology common in WiFi networks. The main entities of PriFi are: relay, trustee server (or Trustees), and clients. These collaborate to implement a Dining Cryptographer's network ([DC-nets](https://en.wikipedia.org/wiki/Dining_cryptographers_problem)) that can anonymize the client upstream traffic. The relay is a WiFi router that can process normal TCP/IP traffic in addition to running our protocol.\r\n\r\nFor an extended introduction, please check our [website](https://prifi.net/).\r\n\r\nFor more details about PriFi, please check our [paper](https://petsymposium.org/2020/files/papers/issue4/popets-2020-0059.pdf).\r\n\r\n## Getting PriFi\r\n\r\nFirst, [get the Go language](https://golang.org/dl/), \u003e= 1.13\r\n\r\nThen, get PriFi by doing:\r\n\r\n```\r\ngo get github.com/dedis/prifi/sda/app\r\ncd $GOPATH/src/github.com/dedis/prifi\r\nmake install\r\n```\r\n\r\n## Running PriFi\r\n\r\n### Configuration\r\n\r\nPriFi uses [ONet](https://github.com/dedis/onet) as a network framework. It is easy to run all components (trustees, relay, clients) on one machine for testing purposes, or on different machines for the real setup.\r\n\r\nEach component (relay/client/trustee) has an *ONet configuration* : an identity (`identity.toml`, containing a private and public key), and some knowledge of the others participants via `group.toml`. For your convenience, we pre-generated some identities in `config/identities_default`.\r\n\r\n### Automated Testing, all components in localhost\r\n\r\nTravis should have made these check for you; current status: [![Build Status](https://travis-ci.org/dedis/prifi.svg?branch=master)](https://travis-ci.org/dedis/prifi)\r\n\r\nWhat is tested:\r\n- `make test`: Go tests for all important modules + Go style (fmt/lint)\r\n- `make it`: Integration tests with multiple configurations, no data (simply tests that the PriFi network runs)\r\n- `make it2`: Integration tests with multiple configurations + GET request to google.com through PriFi\r\n\r\nAll-in-one test (tests all 16 configurations in `config/`, takes 5min):\r\n```bash\r\n$ make it2\r\n\r\nThis test check that PriFi's clients, trustees and relay connect and start performing communication rounds, and that a Ping request can go through (back and forth).\r\nGonna test with config/prifi-integration-dummydown-test.toml\r\nSocks proxy not running, starting it...[ok]\r\nStarting relay...                      [ok]\r\nStarting trustee 0...                  [ok]\r\nStarting client 0... (SOCKS on :8081)  [ok]\r\nStarting client 1... (SOCKS on :8082)  [ok]\r\nStarting client 2... (SOCKS on :8083)  [ok]\r\nWaiting 20 seconds...\r\nDoing SOCKS HTTP request via :8081...   [ok]\r\nDoing SOCKS HTTP request via :8082...   [ok]\r\nDoing SOCKS HTTP request via :8083...   [ok]\r\nTest succeeded\r\n...\r\n```\r\n\r\nRunning only the \"main\" configuration (takes 20 seconds):\r\n```\r\n$ ./test.sh integration2 config/prifi.toml\r\n\r\nThis test check that PriFi's clients, trustees and relay connect and start performing communication rounds, and that a Ping request can go through (back and forth).\r\nGonna test with config/prifi.toml\r\nSocks proxy not running, starting it...[ok]\r\nStarting relay...                      [ok]\r\nStarting trustee 0...                  [ok]\r\nStarting client 0... (SOCKS on :8081)  [ok]\r\nStarting client 1... (SOCKS on :8082)  [ok]\r\nStarting client 2... (SOCKS on :8083)  [ok]\r\nWaiting 20 seconds...\r\nDoing SOCKS HTTP request via :8081...   [ok]\r\nDoing SOCKS HTTP request via :8082...   [ok]\r\nDoing SOCKS HTTP request via :8083...   [ok]\r\nTest succeeded\r\nAll tests passed.\r\n```\r\n\r\n### Automated Testing, all components in localhost, with Docker\r\n\r\nSame thing as above, but via docker (and hence without the requirement for go):\r\n\r\n- `docker run lbarman/prifi`\r\n\r\n(docker might require `sudo` on some systems)\r\n\r\n### Manual Testing, all components in localhost\r\n\r\nYou can test PriFi by running `./prifi.sh all-localhost`. This will run a SOCKS server, a PriFi relay, a Trustee, and three clients on your machine. They will use the identities in `config/identities_default`.\r\n \r\nYou can check what is going on by doing `tail -f {clientX|relay|trusteeX|socks}.log`.\r\n\r\n![relay.log](screenshots/relay.png)\r\n\r\nYou can test browsing through PriFi by setting your browser to use a SOCKS proxy on `localhost:8081`, or with `curl`:\r\n\r\n```curl -w \"@curl_format.cnf\" --socks5 127.0.0.1:8080 --max-time 10 \"http://google.com/\"```\r\n\r\n### Running PriFi manually, entity by entity\r\n\r\nMove to `$GOPATH/src/github.com/dedis/prifi`, and open 5 terminals as follows:\r\n \r\n ![like this](screenshots/manual-run1.png)\r\n\r\nRun in order the following commands:\r\n- `./prifi.sh trustee 0`\r\n- `./prifi.sh relay`\r\n- `cd socks \u0026\u0026 ./run-socks-proxy.sh`\r\n- `./prifi.sh client 0`\r\n- and, after a while `curl -w \"@curl_format.cnf\" --socks5 127.0.0.1:8080 --max-time 10 \"http://google.com/\"`\r\n\r\nThe result should look like [this](screenshots/manual-run2.png).\r\n\r\n### Using PriFi in a real setup\r\n\r\nTo test a real PriFi deployement, first, re-generates your identity (so your private key is really private). The processed is detailed in the [README about ./prifi.sh startup script](README_prifi.sh.md).\r\n \r\n## Reproducing experiments\r\n\r\nYou need a [Deterlab](http://deterlab.net/) account, which needs to be setup in [the following config file](sda/simulation/deter.toml).\r\n\r\nIn Deterlab, deploy [the following topology](sda/simulation/deter.ns).\r\n\r\nThen, simply run `./simul.sh simul`; as you can see in `simul.sh`, there are dozen of commands to regenerate the various graphs, e.g., `simul-vary-nclients`, ` simul-skype`, etc.\r\n\r\n## Reproducing graphs\r\n\r\nExperiments produce raw log files; then, they are processed into graph using some scripts. This happens in [this other repo](https://github.com/lbarman/prifi-experiments), where all raw logs \u0026 resulting graphics have been preserved for reproducibility.\r\n\r\n## More documentation\r\n\r\n - [README about the Architecture and SOCKS Proxies](README_architecture.md)\r\n\r\n - [README about ./prifi.sh startup script](README_prifi.sh.md)\r\n\r\n - [README about contributing to this repository](README_contributing.md)\r\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdedis%2Fprifi","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fdedis%2Fprifi","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdedis%2Fprifi/lists"}