You are here

Talk @ Oxford: A Public Key Infrastructure for Social Movements in the Age of Universal Surveillance

On March 3rd 2014 Christian Grothoff gave a talk on "A Public Key Infrastructure for Social Movements in the Age of Universal Surveillance" at Oxford. You can now find the video below.

Read more Tuesday, July 29, 2014 - 12:08 Christian Grothoff

Talk @ TUM: Peter Schaar on "Gibt es einen Schutz vor Totalüberwachung?"

On July 7th 2014 Peter Schaar (Head of the European Academy for Freedom of Information and Data Protection, former Bundesdatenschutzbeauftrager) gave a talk about technology, law and surveillance in German. You can find the video below.

Read more Friday, July 11, 2014 - 11:21 Christian Grothoff

Testing your NAT boxes for compatibility with Knock

With reference to Knock, we would like to move to the next stage towards having fully-authenticated TCP connections over the Internet. However, we need your help in order to get an estimation of how well the average home gateways are able to handle the data which is sent out by Knock. We thus provide code which performs the needed measurements for GNU/Linux, OSX, Windows and Android as well as their compiled equivalents, which can be downloaded at the end of this article.

What data do we collect?

We collect the MAC address of your NAT box, ISN and TCP timestamp values as generated by your device and received by our server, a timestamp, a boolean if the received data was valid (simple checksum) and an identifier of the country to which the IP address you were running the test from is assigned to. We believe that none of this information (including the combination) is really sensitive. For why we need exactly this data, please refer to the technical details below.

Running the Client

For those who just want to help us collect the data we need, we quickly outline how to run the precompiled client on each platform.

Linux, Mac OS X

All you need to do is to download the file for your operating system at the end of this page, unpack and run it with root permissions. If you are not familiar with the command line, follow the instructions below.

  1. Open a terminal. The following commands determine the operating system, then download and unpack the client:
    $ os=$(echo $OSTYPE | sed 's/darwin/osx/;s/[0-9].//;s/-gnu//')
    $ curl "$os.tar_0.gz" -o "client_$os.tar.gz"
    $ tar -xzf client_$os.tar.gz

    Optional: Verify the signature of the binary using GnuPG. Download the public key from this website to the same directory where you saved the client, execute
    $ gpg --import 6D451038.asc
    $ gpg --verify client_$os.sig

    and look for a line stating Good signature from "Julian Kirsch" or similar. It should be followed by the following primary key fingerprint: F949 CFBD 140A 6DD0 71E9 0B8C DC24 396B 6D45 1038.

  2. Execute the client with root permissions to collect the data (If you do not want the client to transmit the Ethernet address of your NAT router, add --disable-mac to the end of the command line):
    $ sudo ./client_$os
  3. Optional: If your Linux distribution does not use sudo you need to execute the client with su -c "./client_linux"

  4. Done.


  1. Download the Windows version of the client to a directory of your choice.
  2. Download & install winpcap. (Optional: A great opportunity to learn more about the network stack is Wireshark, which also needs winpcap installed on your machine.)
    Optional: If you want to check the authenticity of the provided signature, download and install GnuPG for Windows. (Use a separate guide when needed. Especially make sure that GnuPG is included in your %PATH% variable) Then, fire up a command line and enter:
    $ gpg --import 6D451038.asc
    $ gpg --verify client_windows.sig
  3. Navigate to the location where you stored the client (client_windows.exe) and double click it to start the execution. (Optional: If you do not want the client to transmit the Ethernet address of your NAT router, create a shortcut to the client_windows.exe program by dragging it while holding down the right button of your mouse. Right click the newly created shortcut and choose "Properties". Add --disable-mac to the end of the path name displayed in the "Target" field.)
  4. Done.

Compiling the Client

We give brief instructions on how to compile the client which collects the data for each platform. If you do not want to or are unable to compile the code on your own, then you can also download the precompiled binary for the operating system of your choice. (instructions, see above)


Download the client.c file from the attached list. Make sure that the development files (headers and libraries) of libpcap are installed. (Most likely called libpcap-dev or libpcap-devel in your favorite distribution.) Afterwards compile the code and explicitly link with libpcap and libpthread:

$ gcc -lpcap -lpthread client.c -o client_linux

Then, type as root:

# ./client_linux

You can use --disable-mac to explicitly keep the program from sending out the ethernet address of your NAT box. However, this would prevent us from detecting double-submissions.

Mac OS X

Download the client.c file from the attached list. As OSX comes with libpcap preinstalled, you can directly compile the code either using clang or gcc as desired:

$ clang -lpcap -lpthread client.c -o client_osx
$ gcc -lpcap -lpthread client.c -o client_osx

Running the code requires either to be root or to be member of the access_bpf group.

# ./client_osx


In order to be able to compile the code for windows you need to download two files from the list below: client.c and windows_helpers.h. Place them together in one directory. Get the newest winpcap dev's package from and install it on your machine. Download the latest version of the POSIX thread library and unzip the directory tree. Then, using gcc, open a command prompt and enter

$ gcc -I<path_to_pcap_include_dir> -I<path_to_winpthread_include_dir> ^
-L<path_to_pcap_lib_dir> -L<path_to_winpthread_lib_dir> ^
-lwpcap -lpthread -lws2_32 -liphlpapi client.c -o client_windows

replacing the names in brackets with the correct locations within your file system. If you are using Visual Studio instead, create a new empty console application and add the client.c and windows_helpers.h files to the newly created project. Then, open the project properties (Alt+F7) and add the paths to the "include" and "lib" directories of winpcap and winpthread under Configuration PropertiesVC++ DirectoriesInclude Directories and Configuration PropertiesVC++ DirectoriesLibrary Directories. Then compile and run the code using the designated buttons in VS.

Technical Background

In this section we explain what we are trying to measure and why.

Knock and TCP headers

We are interested in how your NAT box at home treats two special TCP header fields:

  • The initial sequence number (ISN), see rfc793 (Pages 16, 27ff.)
  • The TSval field of the optional TCP timestamp header, see rfc1323 (Pages 12ff.)

Knock uses these two field in order to authenticate TCP connections. It embeds data derived from a pre-shared key in the outgoing ISN of a connection that should be secured and also takes the TCP timestamp (if present) into account in
order to establish replay awareness. Please refer to the research paper or the implementation of Knock for further details how this is done.

NAT boxes could be hazardous

This is where Network Address Translation (NAT) comes into play. In a typical home network, NAT boxes replace the source IP address and the source TCP/UDP port of a packet with the public IP address that was assigned to the network gateway by your Internet service provider (ISP) and a port chosen according to some rules. Knock was designed to be aware of this and therefore does not rely on the source IP or the source TCP port. However, as stated above, Knock does rely on other information contained in the TCP header. If this information gets corrupted by the NAT box, Knock cannot operate as intended. We thus need to find out to what extent the NAT implementations "in the wild" perform changes to the relevant TCP header fields.

Measuring your NAT box

The code we would like you to run does one very simple thing: It sends out a TCP SYN packet (a probe) to one of our testing machines on the internet and extracts the following information from the packet as it is put onto the wire using libpcap:

  • The source address of the IP header. We need this to determine if the packet as it is received by the server has been NATed at all.
  • The ISN field of the TCP header (see above)
  • The TSval field of the (optional) TCP timestamp header (see above)
  • The ethernet address of your NAT box. We would like to be able to group the results by the manufacturer of the NAT box and detect duplicate submissions. Note that you can use the --disable-mac switch in order to only transmit the OUI (wiki) part of the ethernet address. However, the full ethernet address helps us to not double-count your probes.

This 4-tuple gets transmitted after the successful TCP handshake to the server. The server does the following:

  1. Listening for SYN packets sent to the designated port
  2. Extraction of the received source IP, ISN and TSval fields
  3. Extraction of the sent source IP, ISN, TSval and the gateway's ethernet address from the first packet carrying the payload sent by the client
  4. Checking if the probe is valid (just a simple fletcher checksum to keep out random port scans / potential exploits carrying data for a different network service)
  5. Checking if the source IP in the payload does not match the source IP observed by the server (i.e. that the probe has been NATed). If the source IP didn't change, the probe and all data is discarded.
  6. Performing a Geo IP lookup to get the originating country of the probe
  7. Storing of the tuple (hwaddr_sent, isn_sent, isn_recv, tsval_sent, tsval_recv, UNIX_tstamp, checksum_valid, geo_string)

Afterwards the connection is closed as all relevant data has been collected.


So, all in all, we would like you to run the attached code in order to find out how realistic it is to assume that Knock can be deployed on home devices. In order to find out, we collect data such as the TCP header fields before and after passing the NAT box as indicated above. We also try to fetch the ethernet address of the NAT box in order to prevent double-counting and to obtain the manufacturer of your NAT box. As uncomfortable you may feel with this decision, you may well have noticed that we do not store your remote IP address. This means that there is no connection between the ethernet address and the public IP address, and clearly without this information we can not track you (however, you need to trust us that we do not store your IP). Also, your ethernet address is transmitted in the clear over the Internet. The ethernet address effectively turns into a semi-random-ID which gives us some additional hints but does not harm your privacy too much. If you only want to share the OUI of your NAT box, then the option --disable-mac is for you. Lastly, we store the two letter country code of the originating IP and discard all information but the 8-tuple introduced above.

For those who are unwilling to install the libraries needed to compile the source, we provide statically linked binaries signed using PGP. Please note that the program needs root access to work on GNU/Linux and Windows users need to have winpcap installed on their machines (this might be a great opportunity to check out wireshark which also depends on winpcap and allows you to improve your networking-ninja-skills). We also are interested how carrier-grade NAT behaves and therefore provide a binary for ARM-based devices running Linux. We tested it on some popular Android devices and also found it working on the Raspberry Pi. Note that you need root access in order to run the code --- your favorite Android device thus needs to be rooted.

Last but not least we would like to thank all people who are willing to run our code on their devices. As we believe in the strength of open research, all results including the raw data will be published on this website (however, after deduplication MACs will be truncated to the OUI) .

Read more Wednesday, May 14, 2014 - 07:44 kirschju

Presenting CADET, GNUnet's routing and transport layer

In the upcoming Med-Hoc-Net 2014 we will present a paper describing GNUnet's CADET service (previously known as "mesh") which allows a GNUnet application to communicate securely with any peer on the network knowing only it's Peer Identity.

If you want to know exactly what it offers, how it works and how it performs, you can check out the paper now.

Read more Thursday, May 8, 2014 - 16:15 Bart Polot

Heartbleed's OpenSSL installation used to be vulnerable to Heartbleed. Naturally we updated the code on the server shortly after the vulnerability was disclosed, and we have now also updated the private key. Users with logins on are nevertheless urged to update their passwords.

Read more Thursday, April 10, 2014 - 17:03 Christian Grothoff

Installing GNUnet 0.10.1 on Ubuntu 14.04

Here is a brief summary how to install GNUnet 0.10.1 on Ubuntu 14.04 (at the moment based on 14.04 Beta, but should also work for 13.10).

Please check Generic Instructions for more information about groups etc.

Read more Tuesday, April 8, 2014 - 15:55 Matthias Wachs

Installing GNUnet from Git on Ubuntu 14.4

Here a brief summary how to install GNUnet from Subversion on Ubuntu 14.4 (atm based on 14.4 alpha and should also work for 13.10).

Please check Generic Instructions for more information about groups etc.

Read more Tuesday, April 8, 2014 - 15:44 Matthias Wachs

Verein zur Förderung von GNUnet e.V.

On December 27th 2013 a group of GNUnet hackers met at 30c3 to create the "Verein zur Förderung von GNUnet e.V.", an association under German law to support GNUnet development. The Amtsgericht München registered the association on the 7th of March under VR 205287.

The association is officially dedicated to supporting research, development and education in the area of secure decentralized networking in general, and GNUnet specifically. This is the official website for the association.


You can find our "Satzung", and the list of members under The current board consists of:

Christian Grothoff
stellvertretender Vorsitz
Matthias Wachs
Florian Dold
Sree Harsha Totakura, Lurchi

Becoming a Member of GNUnet e.V.

GNUnet developers with Subversion (write) access can become members to participate in the decision process and formally support GNUnet e.V. For this, all you have to do is update the members.txt file in the gnunet-ev repository. There are no membership dues; however, members are required to support GNUnet e.V. and in particularly contribute to the technical development within their means. For further details, we refer to the Satzung (currently only available in German).

Support Us!

Everybody is welcome to support us via donations. For financial contributions, Europeans are able to donate via SEPA. We hope to setup accounts in other major currency areas in the future. You can also donate via Bitcoin, routing details are given below. Please note that we are unable to provide receipts for your donations. If you are planning to donate a significant amount of money, please contact us first as it might be better to come to a custom arrangement.

DE67830654080004822650 (BIC/SWIFT: GENODEF1SLR)

Official Meeting Notes

Read more Tuesday, April 1, 2014 - 07:09 Christian Grothoff


Subscribe to Front page feed