Anonymity or evidence on Gnutella Network.

In most countries evidence is required before an action can be brought before a person or organisation. Your ISP reporting xxGB of transfer on port x is simply not enough an analysis of the protocols and data is required. Bearing this in mind it does not matter if an allegation of ‘you downloaded a 3mb files and allowed x amount of people to share it’ they have to show what the file contained as it could have been your latest song, audio message to you friends, family photo album or a holiday video.

Enter Encryption. As an example I will use PGP but feel free to replace with your chosen method. When you generate your key pair you can also generate and register a KEY ID, as part of the Gnutella protocol a user can request that the file be encrypted using their KEY ID. The acting server can the lookup the public key and send the encrypted data to the client who upon receipt decrypts it using their private key and pass phase.

Who to trust? That is a difficult issue, but if you decide that the person is trustworthy you can add their KEY ID to your client, which automatically allows them to download files from you. I knock-on effect of this is you can remove people who just leach from you by banning their KEY ID. By storing the KEY ID as a text file in their shared files directory if their client is not configured to allow you to download from them, then you will not be able to send them the file that they have requested.