# Threat Model

This document describes the threats KayakNet is designed to protect against and its limitations.

## Adversary Types

### Local Passive Adversary

**Description:** Can observe traffic on your local network (ISP, network admin).

**Capabilities:**

- See encrypted traffic to KayakNet peers
- Log connection times and durations
- Measure traffic volumes

**KayakNet Protection:**

- ✅ TLS hides packet contents
- ✅ Onion routing hides destinations
- ✅ Traffic padding obscures patterns
- ⚠️ Can see that you are using KayakNet

### Network Adversary

**Description:** Controls some nodes in the network.

**Capabilities:**

- Observe traffic passing through their nodes
- Attempt correlation attacks
- Try to manipulate routing

**KayakNet Protection:**

- ✅ End-to-end encryption (content protected)
- ✅ 3-hop routing (each node sees only a partial view)
- ✅ Peer scoring limits the influence of malicious nodes
- ⚠️ May observe timing if one of their nodes is on the circuit

### Global Passive Adversary

**Description:** Nation-state level; can observe most internet traffic.

**Capabilities:**

- Monitor traffic at multiple points
- Perform traffic correlation
- Long-term analysis

**KayakNet Protection:**

- ✅ Traffic padding and mixing
- ✅ Timing obfuscation
- ⚠️ Statistical correlation remains possible
- ❌ Cannot be fully prevented given enough observation

### Active Adversary

**Description:** Can inject, modify, or drop traffic.

**Capabilities:**

- Attempt man-in-the-middle
- Block connections
- Inject fake messages

**KayakNet Protection:**

- ✅ Signatures prevent forgery
- ✅ Authentication detects tampering
- ✅ Multiple paths provide redundancy
- ⚠️ Can block traffic (but not decrypt it)
## Specific Attacks

### Sybil Attack

**Attack:** Create many fake nodes to dominate the network.

**Protection:**

- Proof-of-Work required for new nodes
- Peer scoring deprioritizes suspicious behavior
- Diverse peer selection limits impact

**Residual Risk:** A well-resourced attacker could still create many nodes.

### Eclipse Attack

**Attack:** Surround a target with malicious nodes.

**Protection:**

- Diverse peer selection (by subnet, geography)
- Minimum number of connections from different sources
- Bootstrap node diversity

**Residual Risk:** Possible if the attacker controls network infrastructure.

### Timing Attack

**Attack:** Correlate message timing to identify sender and receiver.

**Protection:**

- Random delays on forwarding
- Traffic mixing
- Dummy traffic generation

**Residual Risk:** Statistical correlation with enough observations.

### Traffic Analysis

**Attack:** Analyze traffic patterns to infer activity.

**Protection:**

- Constant packet size
- Traffic padding
- Mixing pools
- Dummy traffic

**Residual Risk:** Long-term patterns may emerge.

### Replay Attack

**Attack:** Replay captured messages.

**Protection:**

- Nonce tracking
- Timestamp validation
- Sequence numbers

**Residual Risk:** None (fully mitigated)
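The three replay protections above have to be combined, since each covers a gap the others leave: a timestamp window bounds how long nonces must be remembered, nonce tracking catches verbatim replays inside that window, and per-peer sequence numbers catch re-sent older messages that carry a fresh nonce. The following filter is an added example written for this document, not KayakNet's own code; the `Message` field names, the `peerA`/`peerB` identities and the 30-second window are assumptions, and peer identity is assumed to be already verified by the message signature.

```go
package main

import (
	"errors"
	"sync"
	"time"
)

// Message is an assumed envelope shape; KayakNet's real wire format is not on this page.
type Message struct {
	Peer  string    // sender identity, assumed already verified by its signature
	Nonce [16]byte  // random per-message value
	Seq   uint64    // per-peer monotonically increasing counter
	Sent  time.Time // sender's timestamp
}
var ErrStale = errors.New("timestamp outside acceptance window")
var ErrReplayed = errors.New("nonce already seen")
var ErrOutOfOrder = errors.New("sequence number did not increase")

// ReplayFilter combines the three mechanisms the threat model lists.
type ReplayFilter struct {
	mu      sync.Mutex
	window  time.Duration          // tolerated clock skew plus delivery delay
	seen    map[[16]byte]time.Time // nonce -> receive time, kept while a replay could still pass the timestamp check
	lastSeq map[string]uint64      // peer -> highest accepted sequence number
}
func NewReplayFilter(window time.Duration) *ReplayFilter {
	return &ReplayFilter{window: window, seen: map[[16]byte]time.Time{}, lastSeq: map[string]uint64{}}
}

// Accept returns nil for a fresh message, otherwise the reason it is rejected.
// Every check runs before any state changes, so a rejected message leaves no trace.
func (f *ReplayFilter) Accept(msg Message, now time.Time) error {
	f.mu.Lock()
	defer f.mu.Unlock()
	if d := now.Sub(msg.Sent); d > f.window || d < -f.window { // bounds nonce memory; assumes roughly synced clocks
		return ErrStale
	}
	if _, dup := f.seen[msg.Nonce]; dup { // verbatim replay inside the window
		return ErrReplayed
	}
	if last, ok := f.lastSeq[msg.Peer]; ok && msg.Seq <= last { // reordered or re-sent older message
		return ErrOutOfOrder
	}
	for n, t := range f.seen { // a replay older than 2*window is already rejected by the timestamp check
		if now.Sub(t) > 2*f.window {
			delete(f.seen, n)
		}
	}
	f.seen[msg.Nonce], f.lastSeq[msg.Peer] = now, msg.Seq
	return nil
}
```

Nonces are tracked globally rather than per peer, so a nonce captured from one peer cannot be reused under another identity; the expiry loop keeps memory proportional to traffic within two windows.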
### Denial of Service

**Attack:** Flood the network to prevent legitimate use.

**Protection:**

- Rate limiting
- Proof-of-Work
- Peer scoring and banning
- Distributed architecture

**Residual Risk:** Localized disruption possible.
## Trust Model

### What You Trust

| Component | Trust Level | Notes |
|---|---|---|
| Your device | Full | If compromised, all bets are off |
| KayakNet code | Verify | Open source, auditable |
| Bootstrap node | Initial only | Used only for discovery |
| Peers | None | Assumed adversarial |
| Network | None | Assumed monitored |

### What You Don't Trust

- Any single node
- Any network path
- Any external service
- Any other user's identity (unless verified)
## Security Assumptions

- **Cryptography is sound** - Ed25519, X25519 and ChaCha20 are secure
- **Random numbers are random** - `crypto/rand` is properly seeded
- **Your device isn't compromised** - No malware or keyloggers
- **Implementation is correct** - No critical bugs

## Known Limitations

### Cannot Protect Against

- **Compromised endpoints** - If your device is hacked
- **Physical coercion** - "Rubber hose" cryptanalysis
- **User error** - Revealing your identity through behavior
- **Quantum computers** - (Future: a post-quantum upgrade is planned)
- **Infinite resources** - A global adversary with an unlimited budget

### Metadata Leaks

Even with protection, some metadata exists:

- You're using KayakNet (connections to peers)
- Approximate activity level (traffic volume)
- General online times (connection presence)

### Operational Security

KayakNet protects network traffic, not:

- What you type (screen capture)
- What you view (shoulder surfing)
- What you save (disk forensics)
- What you share (if the recipient reveals it)

## Recommendations

### High Security Needs

- Use a dedicated device
- Boot from USB (Tails-like)
- Use a VPN or Tor as an additional layer
- Never reveal your real identity
- Assume everything is monitored

### Standard Use

- Keep software updated
- Use strong device security
- Don't mix anonymous and real identities
- Clear history when done
- Use private browsing mode

## Reporting Vulnerabilities

Found a security issue?

- Do NOT disclose publicly
- Email: [email protected]
- PGP key available on keyserver
- We respond within 48 hours
- 90-day disclosure timeline

Last updated