# Threat Model

This document describes the threats KayakNet is designed to protect against and its limitations.

## Adversary Types

### Local Passive Adversary

**Description**: Can observe traffic on your local network (ISP, network admin)

**Capabilities**:

* See encrypted traffic to KayakNet peers
* Log connection times and durations
* Measure traffic volumes

**KayakNet Protection**:

* ✅ TLS hides packet contents
* ✅ Onion routing hides destinations
* ✅ Traffic padding obscures patterns
* ⚠️ Can see you're using KayakNet

### Network Adversary

**Description**: Controls some nodes in the network

**Capabilities**:

* Observe traffic through their nodes
* Attempt correlation attacks
* Try to manipulate routing

**KayakNet Protection**:

* ✅ E2E encryption (content protected)
* ✅ 3-hop routing (partial view only)
* ✅ Peer scoring limits malicious nodes
* ⚠️ May observe timing if one of its nodes sits on your circuit

### Global Passive Adversary

**Description**: Nation-state level, can observe most internet traffic

**Capabilities**:

* Monitor traffic at multiple points
* Perform traffic correlation
* Long-term analysis

**KayakNet Protection**:

* ✅ Traffic padding and mixing
* ✅ Timing obfuscation
* ⚠️ Statistical correlation possible
* ❌ Cannot be fully prevented against an adversary with enough observation

### Active Adversary

**Description**: Can inject, modify, or drop traffic

**Capabilities**:

* Attempt man-in-the-middle
* Block connections
* Inject fake messages

**KayakNet Protection**:

* ✅ Signatures prevent forgery
* ✅ Authentication detects tampering
* ✅ Multiple paths for redundancy
* ⚠️ Can block traffic (but not decrypt it)
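The "signatures prevent forgery / authentication detects tampering" rows above are easiest to see in code. The following is an added example, not KayakNet's own wire format or code: a hypothetical signed envelope using Go's standard `crypto/ed25519`, where the signature covers the sender key and the payload, so a flipped byte, a swapped sender key or a truncated signature is all rejected by the same check.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/binary"
	"errors"
	"fmt"
)

// Envelope is a hypothetical signed message format (not KayakNet's wire format):
// the sender's public key, the payload, and an Ed25519 signature over both.
type Envelope struct {
	PubKey    ed25519.PublicKey
	Payload   []byte
	Signature []byte
}

var ErrBadSignature = errors.New("envelope: signature does not verify")

// NewIdentity creates a fresh Ed25519 key pair from crypto/rand.
func NewIdentity() (ed25519.PublicKey, ed25519.PrivateKey, error) {
	return ed25519.GenerateKey(rand.Reader)
}

// signedBytes is what the signature covers: sender key || len(payload) || payload.
// Binding the key stops a signature from being transplanted onto a message that
// claims a different sender; the length prefix keeps the encoding unambiguous.
func signedBytes(pub ed25519.PublicKey, payload []byte) []byte {
	buf := make([]byte, 0, len(pub)+4+len(payload))
	buf = append(buf, pub...)
	var n [4]byte
	binary.BigEndian.PutUint32(n[:], uint32(len(payload)))
	buf = append(buf, n[:]...)
	return append(buf, payload...)
}

// Seal signs payload with priv and packages it for transmission.
func Seal(priv ed25519.PrivateKey, payload []byte) Envelope {
	pub := priv.Public().(ed25519.PublicKey)
	return Envelope{
		PubKey:    pub,
		Payload:   payload,
		Signature: ed25519.Sign(priv, signedBytes(pub, payload)),
	}
}

// Open verifies the envelope and returns the payload only if the signature
// checks out; any modification of payload, key or signature is rejected.
func Open(e Envelope) ([]byte, error) {
	if len(e.PubKey) != ed25519.PublicKeySize || len(e.Signature) != ed25519.SignatureSize {
		return nil, ErrBadSignature
	}
	if !ed25519.Verify(e.PubKey, signedBytes(e.PubKey, e.Payload), e.Signature) {
		return nil, ErrBadSignature
	}
	return e.Payload, nil
}

func main() {
	_, priv, err := NewIdentity()
	if err != nil {
		panic(err)
	}
	env := Seal(priv, []byte("hello via circuit")) // constructed sample message
	if _, err := Open(env); err != nil {
		panic(err)
	}
	fmt.Println("genuine envelope accepted")

	// An active adversary on the path flips one byte of the payload.
	env.Payload[0] ^= 0x01
	_, err = Open(env)
	fmt.Println("tampered envelope rejected:", err != nil)
}
```

Note that the check is all-or-nothing: a receiver learns that something was altered, not what, which is exactly the "detects tampering but cannot stop blocking" property the table describes.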

## Specific Attacks

### Sybil Attack

**Attack**: Create many fake nodes to dominate the network

**Protection**:

* Proof-of-Work required for new nodes
* Peer scoring deprioritizes suspicious behavior
* Diverse peer selection limits impact

**Residual Risk**: A well-resourced attacker could still create many nodes
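"Proof-of-Work required for new nodes" means an admission cost that is cheap to check and expensive to produce, paid once per identity. The block below is an added illustration, not KayakNet's actual admission scheme: a hypothetical SHA-256 puzzle over a domain-separation tag, the node ID and a nonce, where the verifier does one hash and the joiner does about 2^difficulty of them. The tag string, the hash layout and the difficulty values are assumptions.

```go
package main

import (
	"crypto/sha256"
	"encoding/binary"
	"errors"
	"fmt"
	"math/bits"
)

// admissionPrefix is a hypothetical domain-separation tag so a proof computed
// for one purpose cannot be reused for another.
const admissionPrefix = "kayaknet-node-admission-v0"

var ErrNoProof = errors.New("pow: no proof found within iteration budget")

// LeadingZeroBits counts the zero bits at the front of a digest.
func LeadingZeroBits(digest []byte) int {
	n := 0
	for _, b := range digest {
		if b != 0 {
			return n + bits.LeadingZeros8(b)
		}
		n += 8
	}
	return n
}

// proofDigest hashes prefix || nodeID || nonce (big-endian 8 bytes).
func proofDigest(nodeID []byte, nonce uint64) [32]byte {
	buf := make([]byte, 0, len(admissionPrefix)+len(nodeID)+8)
	buf = append(buf, admissionPrefix...)
	buf = append(buf, nodeID...)
	var n [8]byte
	binary.BigEndian.PutUint64(n[:], nonce)
	buf = append(buf, n[:]...)
	return sha256.Sum256(buf)
}

// VerifyProof is the cheap check an existing node runs on a newcomer's claim:
// one hash, compared against the required number of leading zero bits.
func VerifyProof(nodeID []byte, nonce uint64, difficulty int) bool {
	d := proofDigest(nodeID, nonce)
	return LeadingZeroBits(d[:]) >= difficulty
}

// SolveProof is the cost a joining node pays once per identity: on average
// 2^difficulty hashes. The nonce is what it later presents with its node ID.
func SolveProof(nodeID []byte, difficulty int, maxIter uint64) (uint64, error) {
	for nonce := uint64(0); nonce < maxIter; nonce++ {
		if VerifyProof(nodeID, nonce, difficulty) {
			return nonce, nil
		}
	}
	return 0, ErrNoProof
}

func main() {
	nodeID := []byte("example-node-id-0001") // constructed sample identity
	const difficulty = 16                    // ~65k hashes on average; an assumption
	nonce, err := SolveProof(nodeID, difficulty, 1<<26)
	if err != nil {
		panic(err)
	}
	fmt.Printf("nonce %d satisfies difficulty %d after %d hashes\n", nonce, difficulty, nonce+1)
	fmt.Println("verifies:", VerifyProof(nodeID, nonce, difficulty))
	// A Sybil operator must repeat this work for every identity it wants admitted;
	// the residual risk above is simply that a large enough budget can afford it.
}
```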

### Eclipse Attack

**Attack**: Surround a target with malicious nodes

**Protection**:

* Diverse peer selection (by subnet, geography)
* Minimum connections from different sources
* Bootstrap node diversity

**Residual Risk**: Possible if attacker controls network infrastructure
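The eclipse defences listed above (diversity by subnet, a minimum number of independent sources) come down to a peer-selection rule. The code below is an added example of such a rule and not KayakNet's implementation: it groups addresses by /16 (IPv4) or /32 (IPv6), admits at most one peer per group, and refuses to return a peer set that spans fewer than a minimum number of groups. The group sizes, the per-group cap and the minimum are assumptions; the candidate addresses in `main` are constructed from documentation ranges.

```go
package main

import (
	"errors"
	"fmt"
	"net/netip"
)

const (
	maxPerGroup = 1 // hypothetical: at most one outbound peer per network group
	minGroups   = 3 // hypothetical: refuse to start with fewer distinct groups
)

var ErrInsufficientDiversity = errors.New("peers: too few distinct network groups")

// group maps an address to the "network group" used for diversity accounting:
// /16 for IPv4, /32 for IPv6. One operator usually controls a whole allocation,
// so spreading connections across groups raises the cost of an eclipse.
func group(a netip.Addr) (netip.Prefix, error) {
	a = a.Unmap()
	bitsN := 16
	if a.Is6() {
		bitsN = 32
	}
	return a.Prefix(bitsN)
}

// SelectPeers walks candidates (already shuffled by the caller) and keeps at
// most maxPerGroup per group until it has want peers. It reports an error if
// the result would not span minGroups groups: better to refuse to start than
// to run with a view of the network that one party can control.
func SelectPeers(candidates []string, want int) ([]string, error) {
	perGroup := map[netip.Prefix]int{}
	var chosen []string
	for _, c := range candidates {
		if len(chosen) >= want {
			break
		}
		ap, err := netip.ParseAddrPort(c)
		if err != nil {
			continue // unparseable entries are skipped, not fatal
		}
		g, err := group(ap.Addr())
		if err != nil {
			continue
		}
		if perGroup[g] >= maxPerGroup {
			continue
		}
		perGroup[g]++
		chosen = append(chosen, c)
	}
	if len(perGroup) < minGroups {
		return nil, ErrInsufficientDiversity
	}
	return chosen, nil
}

func main() {
	// Constructed candidate list: the first two share one /16.
	cands := []string{
		"192.0.2.10:9000", "192.0.2.11:9000", "198.51.100.5:9000",
		"[2001:db8::1]:9000", "203.0.113.7:9000",
	}
	peers, err := SelectPeers(cands, 3)
	fmt.Println(peers, err)
}
```

The same rule can be applied to the bootstrap list: if every bootstrap node resolves into one group, the function fails closed instead of handing the first contact to a single operator.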

### Timing Attack

**Attack**: Correlate message timing to identify sender/receiver

**Protection**:

* Random delays on forwarding
* Traffic mixing
* Dummy traffic generation

**Residual Risk**: Statistical correlation with enough observations

### Traffic Analysis

**Attack**: Analyze patterns to infer activity

**Protection**:

* Constant packet size
* Traffic padding
* Mixing pools
* Dummy traffic

**Residual Risk**: Long-term patterns may emerge
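"Constant packet size", "traffic padding" and "dummy traffic" are one mechanism seen from three sides: every unit on the wire is the same length, short messages are padded up, long ones are split, and cover units look like any other. The block below is an added example of that mechanism and not KayakNet's cell format: a hypothetical 512-byte cell with a 3-byte header (flags plus payload length), a fragmenter, a cover-cell generator and a reassembler that discards cover cells and rejects malformed ones. The cell size and header layout are assumptions.

```go
package main

import (
	"crypto/rand"
	"encoding/binary"
	"errors"
	"fmt"
)

const (
	CellSize   = 512                   // hypothetical fixed on-wire cell size
	headerSize = 3                     // 1 flag byte + 2-byte payload length
	maxPayload = CellSize - headerSize // data bytes one cell can carry
	flagLast   = 0x01                  // this cell ends a message
	flagCover  = 0x02                  // dummy traffic: carries no data
)

var ErrBadCell = errors.New("cell: malformed")

// newCell builds one CellSize-byte cell: header, payload, then random padding.
// Every cell is the same length, so an observer counting bytes learns only
// how many cells went by, not how long any message was.
func newCell(flags byte, payload []byte) ([]byte, error) {
	if len(payload) > maxPayload {
		return nil, ErrBadCell
	}
	c := make([]byte, CellSize)
	c[0] = flags
	binary.BigEndian.PutUint16(c[1:headerSize], uint16(len(payload)))
	copy(c[headerSize:], payload)
	// Random rather than zero padding: if an unencrypted layer ever sees the
	// cell, the padding/payload boundary is not visible from the bytes.
	if _, err := rand.Read(c[headerSize+len(payload):]); err != nil {
		return nil, err
	}
	return c, nil
}

// CoverCell is dummy traffic; receivers parse and discard it.
func CoverCell() ([]byte, error) { return newCell(flagCover, nil) }

// ToCells fragments msg into fixed-size cells; the last one carries flagLast.
func ToCells(msg []byte) ([][]byte, error) {
	var cells [][]byte
	for {
		n := len(msg)
		if n > maxPayload {
			n = maxPayload
		}
		flags := byte(0)
		if n == len(msg) {
			flags = flagLast
		}
		c, err := newCell(flags, msg[:n])
		if err != nil {
			return nil, err
		}
		cells = append(cells, c)
		if flags == flagLast {
			return cells, nil
		}
		msg = msg[n:]
	}
}

// Reassembler rebuilds messages from a stream of cells, dropping cover cells
// and rejecting anything that is not exactly CellSize bytes or claims more
// payload than fits.
type Reassembler struct{ buf []byte }

// Push consumes one cell and returns (message, true) when a message completes.
func (r *Reassembler) Push(cell []byte) ([]byte, bool, error) {
	if len(cell) != CellSize {
		return nil, false, ErrBadCell
	}
	flags := cell[0]
	n := int(binary.BigEndian.Uint16(cell[1:headerSize]))
	if n > maxPayload {
		return nil, false, ErrBadCell
	}
	if flags&flagCover != 0 {
		return nil, false, nil // dummy traffic: parsed and discarded
	}
	r.buf = append(r.buf, cell[headerSize:headerSize+n]...)
	if flags&flagLast == 0 {
		return nil, false, nil
	}
	msg := r.buf
	r.buf = nil
	return msg, true, nil
}

func main() {
	msg := make([]byte, 1200) // constructed 1200-byte sample message
	for i := range msg {
		msg[i] = byte(i)
	}
	cells, err := ToCells(msg)
	if err != nil {
		panic(err)
	}
	fmt.Printf("%d bytes -> %d cells of %d bytes each\n", len(msg), len(cells), len(cells[0]))
}
```

What padding does not hide is the count of cells over time, which is why the section lists mixing pools alongside it and still records "long-term patterns may emerge" as residual risk.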

### Replay Attack

**Attack**: Replay captured messages

**Protection**:

* Nonce tracking
* Timestamp validation
* Sequence numbers

**Residual Risk**: None (fully mitigated)
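The three replay protections listed (nonce tracking, timestamp validation, sequence numbers) work together: the timestamp bound limits how long nonces must be remembered, the nonce cache catches exact duplicates, and a per-peer sliding window catches reuse of a counter value while still allowing modest reordering. The code below is an added example of that combination and not KayakNet's filter; the header fields, the 2-minute skew bound and the 64-entry window are assumptions, and the window logic follows the familiar IPsec anti-replay bitmap.

```go
package main

import (
	"errors"
	"fmt"
	"time"
)

const (
	maxSkewSeconds = 120 // hypothetical: accept timestamps within 2 minutes of local time
	windowBits     = 64  // sequence numbers older than highest-63 are refused outright
)

var (
	ErrStale    = errors.New("replay: timestamp outside freshness window")
	ErrNonce    = errors.New("replay: nonce already seen")
	ErrSequence = errors.New("replay: sequence number already used or too old")
)

// Message is a hypothetical header: sender, per-sender counter, random nonce
// and the sender's clock in Unix seconds. These would be covered by the
// sender's signature, so an adversary can replay them but not edit them.
type Message struct {
	Peer  string
	Seq   uint64
	Nonce [16]byte
	Sent  int64
}

// peerState is a sliding window over sequence numbers: bit i of bitmap
// records whether seq highest-i has already been accepted.
type peerState struct {
	highest uint64
	bitmap  uint64
}

func (s *peerState) accept(seq uint64) error {
	switch {
	case seq > s.highest: // newest so far: slide the window forward
		shift := seq - s.highest
		if shift >= windowBits {
			s.bitmap = 0
		} else {
			s.bitmap <<= shift
		}
		s.bitmap |= 1
		s.highest = seq
		return nil
	case s.highest-seq >= windowBits:
		return ErrSequence // too old to track: refuse rather than risk a replay
	default: // out of order but inside the window: accept exactly once
		bit := uint64(1) << (s.highest - seq)
		if s.bitmap&bit != 0 {
			return ErrSequence
		}
		s.bitmap |= bit
		return nil
	}
}

// ReplayFilter applies freshness, nonce and sequence checks in that order.
type ReplayFilter struct {
	peers  map[string]*peerState
	nonces map[[16]byte]int64 // nonce -> expiry (Unix seconds)
}

func NewReplayFilter() *ReplayFilter {
	return &ReplayFilter{peers: map[string]*peerState{}, nonces: map[[16]byte]int64{}}
}

// Accept returns nil if m should be processed, or the reason it is refused.
func (f *ReplayFilter) Accept(m Message, now int64) error {
	if m.Sent < now-maxSkewSeconds || m.Sent > now+maxSkewSeconds {
		return ErrStale
	}
	for n, exp := range f.nonces { // lazy expiry keeps the cache bounded
		if exp <= now {
			delete(f.nonces, n)
		}
	}
	if _, dup := f.nonces[m.Nonce]; dup {
		return ErrNonce
	}
	st, ok := f.peers[m.Peer]
	if !ok {
		st = &peerState{}
		f.peers[m.Peer] = st
	}
	if err := st.accept(m.Seq); err != nil {
		return err
	}
	// Remember the nonce for as long as a copy could still pass the freshness check.
	f.nonces[m.Nonce] = now + 2*maxSkewSeconds
	return nil
}

func main() {
	f := NewReplayFilter()
	now := time.Now().Unix()
	m := Message{Peer: "peer-A", Seq: 1, Nonce: [16]byte{1}, Sent: now} // constructed sample
	fmt.Println("first delivery:", f.Accept(m, now))
	fmt.Println("replayed copy: ", f.Accept(m, now+5))
}
```

The ordering matters for resource use: the freshness check is a comparison and runs first, so an attacker flooding old captures cannot grow the nonce cache or touch per-peer state.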

### Denial of Service

**Attack**: Flood network to prevent legitimate use

**Protection**:

* Rate limiting
* Proof-of-Work
* Peer scoring and banning
* Distributed architecture

**Residual Risk**: Localized disruption possible

## Trust Model

### What You Trust

| Component      | Trust Level  | Justification                |
| -------------- | ------------ | ---------------------------- |
| Your device    | Full         | If compromised, all bets off |
| KayakNet code  | Verify       | Open source, auditable       |
| Bootstrap node | Initial only | Only for discovery           |
| Peers          | None         | Assumed adversarial          |
| Network        | None         | Assumed monitored            |

### What You Don't Trust

* Any single node
* Any network path
* Any external service
* Any other user's identity (unless verified)

## Security Assumptions

1. **Cryptography is sound** - Ed25519, X25519, ChaCha20 are secure
2. **Random numbers are random** - crypto/rand is properly seeded
3. **Your device isn't compromised** - No malware, keyloggers
4. **Implementation is correct** - No critical bugs

## Known Limitations

### Cannot Protect Against

1. **Compromised endpoints** - If your device is hacked
2. **Physical coercion** - "Rubber hose" cryptanalysis
3. **User error** - Revealing identity through behavior
4. **Quantum computers** - (Future: PQ upgrade planned)
5. **Infinite resources** - Global adversary with unlimited budget

### Metadata Leaks

Even with protection, some metadata exists:

* You're using KayakNet (connection to peers)
* Approximate activity level (traffic volume)
* General online times (connection presence)

### Operational Security

KayakNet protects network traffic, not:

* What you type (screen capture)
* What you view (shoulder surfing)
* What you save (disk forensics)
* What you share (if recipient reveals)

## Recommendations

### High Security Needs

1. Use dedicated device
2. Boot from USB (Tails-like)
3. Use VPN or Tor as additional layer
4. Never reveal real identity
5. Assume everything is monitored

### Standard Use

1. Keep software updated
2. Use strong device security
3. Don't mix anonymous/real identities
4. Clear history when done
5. Use private browsing mode

## Reporting Vulnerabilities

Found a security issue?

1. **Do NOT** disclose publicly
2. Email: <security@kayaknet.io>
3. PGP key available on keyserver
4. We respond within 48 hours
5. 90-day disclosure timeline
