Autonomi has an interlocking set of features, each covering the others’ vulnerabilities. This means that data security on the Network is maximized. While 100 percent security is impossible, this strength-in-depth means that the sort of attacks common on the current web will be much harder to carry out on Autonomi.
Random address allocation: A new node joining the Network cannot set its own address and thus cannot decide which data it will be required to manage.
Nodes are added only as needed: Nodes that do not pull their weight or act as they should will be ignored, and will cease to earn.
Churn: Nodes are constantly joining or leaving. Membership is fluid.
Encryption: All data on the Network is protected by several layers of encryption.
Self-encryption: Content stored on the Network is broken into chunks with each chunk encrypted using its own hash and the hashes of the two previous chunks. These chunks are stored at geographically random locations (the XOR location being the hash of the encrypted chunk) with a number of copies retained for redundancy. Without a Data Map, the chunks cannot be retrieved and decrypted.
XOR Networking: Randomizes the geographical distribution of the chunks. Only someone in possession of the data map (i.e. the data owner) can find the chunks and piece them together again to recreate the content. An attacker trying to fake a chunk could not do so as its hash—and therefore its address on the Network—would be different. It could not be used to create a corrupted version of the file.
Self-Authentication: A user can create a store of data securely and anonymously without requiring any central server to mediate the login process or any trusted third party to store and manage users’ credentials.
: BLS cryptography allows secure authentication and multi-signature transactions.
Sybil attacks involve malicious actors generating multiple fake identities, known as Sybil nodes, in an attempt to control operations. With sufficient Sybil nodes controlling part of the address space, a malicious actor could block access to certain content, for example. Autonomi detects Sybil attacks by estimating the network size using a statistical method KL Divergence. This compares the real distribution of node IDs (i.e. their network addresses) with the theoretical one. A significant difference between the two could indicate a Sybil attack. At this point nodes looking for data at a certain address will broaden their search to include a wider range of peers than normal. Even if all nodes closest to a chunk of data are compromised, it may still be accessed via nodes that are further away.
MitM attacks rely on data being unencrypted or the victim’s browser accepting the attacker's certificate instead of the website’s certificate. They will not work on Autonomi.
Exceptionally difficult as there is no single point to attack. The Network will simply re-route around any nodes that are taken down.
Self-Encrypted data is considered 'quantum secure’, meaning that it cannot currently be defeated by a brute force attack, even with a quantum computer. On top of that, the volume of encrypted packets means that there could only be targeted attempts at decryption, and decentralization makes such targeting difficult.
While there is some feasibility to these attacks, as the Network cannot protect endpoints such as a device itself, such an attack would only compromise the user’s own data. Using such a compromise as a springboard for a wider attack on a database, or swaths of Network data, is just not possible, and would be of dubious value to an attacker outside of a highly targeted hack.
Files are stored in immutable data and cannot be changed, so ransomware cannot encrypt it, but it could potentially delete Data Maps or hide them, making data inaccessible.