What’s wrong with the Internet? Nothing really, if you are prepared to put up with its inherent unreliability and intrinsic vulnerabilities.
The Internet cannot be relied on if you need continuous secure communication between two end-points at a distance. The greater the distance, the greater the vulnerability and unreliability. The more important the communication line, the more important it is to protect it from attack.
The conventional Internet, designed originally by DARPA to survive even a nuclear assault is strangely susceptible to deceptively simple attacks. Routers can go down, name servers can be commandeered and corrupted, intervening high-level pipes can be tapped and data duplicated and stolen, addresses can be DOS’ed.
The source of the Internet’s vulnerability is its reliance on centralisation and authority. “Centralisation” refers to the manner in which communication channels are centrally allocated, controlled, and aggregated upward, along major channels, and through routers. “Authority” refers to the notion that the network users must trust that the network is kept secure and integral by the power of authorities which manage and maintain it. These vulnerabilities turn out to be severe, and relatively easily exploited. The key to addressing these vulnerabilities lies in bypassing them and engineering them out of the system. This is done by introducing principled de-centralisation and redundancy.
One way to do this is through “Mesh Networking”. “Mesh Networking” is a type of network topology that enables highly reliable, highly secure communications outside of the normal Internet architecture. It is completely de-centralised, and does not rely on any governing authority.
Mesh networking works by creating a large set of highly redundant pathways in a “mesh”. Whereas in the Internet network, each device must connect with a delegated superior device, in a mesh network each device on the network can communicate with any other immediately accessible device. With only a few exceptions, an Internet device generally has only one path to its destination. A Mesh device however has multiple ways of connecting with other devices near to it. Because all devices in the mesh have multiple paths, with each additional device, the number of possible paths increases exponentially. In a rich, defuse network, it is nearly impossible to interpose a blockage or remove a critical link. The endpoints themselves must be completely surrounded and blocked, something that is ordinarily impossible.
Mesh devices are usually located in relatively close physical proximity. Communication may be by fixed line, but more often they are connected by radio communications protocols, such as WiFi. In a conventional setting, a single mesh device, such as a laptop, would sense what mesh-enabled devices were nearby, and open channels to all of them. When it wanted to communicate to a particular device, it would broadcast a message to all devices, asking if they knew where this device was. The broadcast request is then propogated throughout the entire mesh, like the vibrations on a spider’s web, till the target endpoint eventually received the communication packet. The path that packet took, from source to destination then becomes a potential path. All potential paths then find their way to the endpoints, which select the shortest operational path, and use that. Secure communication between endpoints would then be negotiated using a form of encrypted communications over TCP (without IP, the Internet Protocol). If at any time the path becomes blocked, the process is repeated, and a new path is found. Network flooding by broadcast messages is limited by relatively sophisticated algorithms which prevent echoing and reechoing of requests to infinity. Devices can cache paths or path segments used repeatedly. Objects which cannot be found within a certain number of “hops” are deemed to be unreachable. In a mobile context, additional complexities exist as devices move between radio towers, but these are solvable.
It will be readily apparent that such a network is highly secure. Because it does not use fixed, predictable paths, the most common types of surveillance, involving a “man in the middle” approach becomes extremely difficult and uncertain. For instance, the Great Firewall of China, relying on spying on ISP’s could not work, as quite simply, there would be no ISP’s or other central authorities. No communications takes place except between devices on the path as determined in real-time each time a new path is needed between two endpoints. With web-type traffic, every request to a new domain would require a new path.
Novel as they may seem, Mesh Networks have been studied with increasing interest for nearly a decade. When I first contemplated the problem of Internet Network centrality in 2004, my first-cut solution was a Line-of-sight Infrared Laser Mesh Network, which I abandoned because it seemed impractical. Soon after this however, WiFi networks became cheap enough and powerful enough to make them practical in meshes. However, it soon became obvious that WiFi would have to become vastly cheaper than it was even five years ago if Mesh Networks were to be useable. Given the fascinating problems involved, papers began to appear, discussing many aspects of mesh topology and network behavior.[1]
In the eight years since I first became interested in them, a lot of progress has been made. A major Open Source project, indeed, an entire community has sprung up around the notion of Mesh Networks. Perhaps the most well-known is “Project MeshNet”.
Project Meshnet provides a portal to a number of projects related to the provisioning of mesh networks. Besides a slick animation, the project has a number of deliverables in varying stages of completion, including;
- a Mesh-in-a-Box solution, based on Linux called BYZANTIUM
- a Routing Engine (analogous to DNS) called CJDNS
- a Non-Profit organisation called the “Free Network Foundation” to support the effort
- and numerous other tools and sub-projects.
Considering that this is being done mostly by volunteers in their spare time, this is a remarkable achievement.
For all the evident progress, many problems remain. One of the primary considerations in mesh networks is performance. The introduction of multiple radio systems have been proposed to alleviate this, but performance is a function of power, and as such, performance problems will dog mesh networks for a long while to come.[2] As we all know, performance is everything on the Internet. Meshnet performance issues are a deal breaker for ordinary netizens used to “Google speed” queries and terabytes of content no more than a click away. The Internet may be flawed, but it’s flaws are insignificant to most users. Our disenchantment with the Internet will only really come when we experience the first cataclysmic failure of our global communications infrastructure.
MeshNets may never be used for casual web surfing, but they are perfect for small information packet transfer, such as messaging systems. The primary utility of the MeshNet is as an unkillable failover system, perfect for the Post-Apocalyptic Road Warrior who has everything.
Linda Wright
Resources
Wireless Mesh Networks Wiki Article
[1] J. Jun, M.L. Sichitiu, “The nominal capacity of wireless mesh networks”, in IEEE Wireless Communications, vol 10, 5 pp 8-14. October 2003