Users can prevent information leakage by using private IPFS networks, content encryption, and gateways.
Original title: “IPFS Privacy Overview”
Author: Xiaoxi
In previous articles, I discussed the privacy of IPFS and mentioned the limitations of IPFS in terms of privacy. Today I will share with you in more detail about the privacy of IPFS.
Regarding IPFS, many readers have such a misunderstanding—when a user stores a file in the IPFS system, the system will generate a hash value for the stored file. If the hash value (also known as CID) is not disclosed , Then the stored content will not be made public.
In fact, this is a misunderstanding.
When a user stores a file on the IPFS network, the hash value generated by the system may be given to any node in the system, as long as a node wants to retrieve the file. Because if the hash value of this file is not shared with other nodes, no one knows that the file is stored in the system, and other nodes cannot retrieve the file.
This problem does not seem to be a big issue now. This is not because IPFS already has a privacy protection mechanism, but because IPFS is still a very young project, and its use is not wide enough. There are not many projects that people use it to do, and people have not. Seriously consider how to monitor IPFS.
So why is the hash value of IPFS public?
IPFS uses Distributed Hash Table (DHT) like many other distributed storage technologies. When IPFS stores a new file, it will broadcast it to all nodes in the system.
So that all nodes in the system can know where to find this file. The more nodes know, the easier it is to retrieve this file.
This broadcast behavior of the system occurs internally, and it is one of the working principles of IPFS. But in the field of commercial applications, this broadcast behavior becomes very sensitive.
For commercial interests, if a company knows that such a thing will happen, in order to collect information, the company will try its best to record all the content that is broadcast.
The recording method is also very simple, just add the log function to the IPFS node to record all the broadcasted hash values.
Not only is the hash value publicly traceable, but the user who retrieves the content can also be traced.
When a node needs to retrieve some content from the IPFS system, the node will send a retrieval request to all neighbor nodes it connects to. Therefore, it is perfectly possible to follow the method of recording the hash value and record the request for content retrieval in detail. In this way, it is clear which node has retrieved what content.
Is there a way to protect privacy in IPFS?
Yes, we share several common methods.
The first way is to build a private IPFS network
The private IPFS network can provide the highest level of privacy and protect the content from being seen by unrelated persons. The working principle of the private IPFS network is the same as that of the public IPFS network. The only difference is that it only allows nodes in the network to view information.
Nodes accessing the private IPFS network need a private key. Therefore, when building a private IPFS network, the most important thing is to protect the private key to prevent leakage.
The second method is content encryption
If you do not use a private IPFS network, but store files in a public IPFS network, it is recommended that users encrypt the content of the file before uploading the file. Although there is no way to prevent the hash value from being broadcasted, even if someone gets the hash value, they cannot see the original document.
The third way is to use a gateway
Gateways can also come in handy in protecting data privacy. When users retrieve content, they can use the gateway to hide their true identity.
Using the gateway to search in the public IPFS network, other nodes only see that the gateway is retrieving content and do not know the user who uses the gateway to search.
But there is also a hidden danger here, that is, the gateway may record the user’s retrieval behavior. Therefore, if you are not at ease about this, users have to think of other ways to protect their identity.
When we use IPFS, it is important to keep in mind that we are actually using a public network. Every behavior we do on the public network may be recorded and tracked.
Although we have given several ways to protect privacy, each has its strengths and weaknesses. Users should choose the appropriate method according to their actual situation.
Source link: mp.weixin.qq.com
