In association with heise online

29 July 2009, 14:33

HP researchers reveal details of browser-based darknet


A day before its official presentation at the Black Hat security conference, HP researchers Billy Hoffman and Matt Wood allowed heise Security, The H's associated publication in Germany, a first peek at their browser-based darknet software called Veiled. A darknet is a virtual private network that can be used for communicating and sharing data without the risk of being spied on.

Unlike other darknets, such as Freenet, Gnutella or TOR, Veiled works without needing to install client software and consists only of HTML and JavaScript code that can be fully processed by the browser. The only prerequisite is for the browser to be fully HTML5-compatible. According to Hoffman, the software works seamlessly under Firefox and Safari (iPhones included), and with certain restrictions, even under Internet Explorer 8. When used with IE, however, features like controlling the allocation of the local hard disk space to be used for the darknet are unavailable. HTML5 compatibility for Google's Chrome is planned from the forthcoming version 3.0.

When asked why they developed another darknet variety, Hoffman and Wood jointly replied: "Because we wanted to demonstrate that a browser can do more than display stupid web pages. We're also convinced that darknets would be much more widely used without the initial hurdles of having to download, install and configure client software."

Hoffman does point out that darknets are mainly used for illegal data sharing. However, the researcher thinks that the browser darknet will make the widespread use of legal applications more viable. For instance, Hoffman could imagine a darknet-based version of the Wikileaks whistle-blower site, whose configuration would be less likely to incur legal consequences than the traditional web server-based darknets.

Users start Veiled by requesting a specific PHP file, created by the darknet operator, from a web server. The file serves as a quasi-router between all the darknet clients. Communication between the clients is RSA-encrypted. For added security, the PHP file can be distributed across several web servers. When first requested, the original server notifies the clients of the other addresses, enabling the browser to access one of the backup supernodes in case of a connection failure.

As with other darknets, there is no central storage location for the files shared by the darknet users. Every user allocates a freely configurable amount of hard disk space, and the darknet software distributes the shared files across the available disk space in pieces. Opera plans to implement a similar concept called Opera Unite in the forthcoming version of its browser.

In the case of Veiled, however, the disk space is only available for the duration of the browser session. To prevent potential data loss caused by bottlenecks, Veiled will automatically only allocate a fraction of the total storage space.
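The storage model described above can be sketched as follows. This is an added example, not code from Veiled or from the researchers' presentation; the SHA-256 piece IDs, the two replicas per piece, the 50% usable fraction and all function names are assumptions made for illustration.

```javascript
// Added illustration, not Veiled code: piece placement on session-bound peers.
// Assumptions: SHA-256 piece IDs, 2 replicas, 50% of offered space is usable.
const { createHash } = require('node:crypto');

const sha256 = (buf) => createHash('sha256').update(buf).digest('hex');

// A peer is one browser session; its store is gone once the session ends.
function makePeer(name, offeredBytes, fraction = 0.5) {
  return { name, budget: Math.floor(offeredBytes * fraction), used: 0,
           online: true, store: new Map() };
}

// Split `data` into pieces and copy each piece to `replicas` different peers,
// preferring the peers with the most remaining budget.
function distribute(data, peers, pieceSize = 4, replicas = 2) {
  const manifest = [];
  for (let off = 0; off < data.length; off += pieceSize) {
    const piece = data.subarray(off, off + pieceSize);
    const id = sha256(piece);
    const holders = peers
      .filter((p) => p.online && p.budget - p.used >= piece.length)
      .sort((a, b) => (b.budget - b.used) - (a.budget - a.used))
      .slice(0, replicas);
    if (holders.length < replicas) throw new Error('not enough peer storage');
    for (const p of holders) {
      p.store.set(id, Buffer.from(piece)); // each holder gets its own copy
      p.used += piece.length;
    }
    manifest.push({ id, holders: holders.map((p) => p.name) });
  }
  return manifest;
}

// Rebuild the file from peers that are still online. A copy is accepted only
// if its hash matches the manifest, so a modified piece is skipped.
function reassemble(manifest, peers) {
  const byName = new Map(peers.map((p) => [p.name, p]));
  return Buffer.concat(manifest.map(({ id, holders }) => {
    for (const name of holders) {
      const p = byName.get(name);
      const piece = p && p.online ? p.store.get(id) : undefined;
      if (piece && sha256(piece) === id) return piece;
    }
    throw new Error('piece ' + id.slice(0, 8) + ' unavailable');
  }));
}
```

With two replicas a file survives one browser session ending, but a piece whose only remaining copy fails the hash check makes the whole file unrecoverable until another holder returns.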

In addition to data sharing, Veiled also offers a group and a private chat feature (both AES-encrypted), a Web-in-Web feature (HTML files that point to files stored within the darknet) and a distributed computing feature (all the clients jointly process a task like computing a hash value). All the features have been implemented exclusively in JavaScript.

However, Hoffman and Wood have no intention of ever releasing their browser darknet prototype. According to the researchers, there will be neither a commercial nor an open source version. In the interview with heise Security, Hoffman said the latter is prevented by drawn-out internal HP processes, as a number of intellectual property issues would first need to be clarified in detail. However, it is planned that the HP researchers' presentation, which will be available to download from the conference website soon, will offer enough details of the researchers' specific solutions to allow other programmers to create Veiled clones.


(Uli Ries)

