Robert Kaye, creatively-titled Mayhem & Chaos Coordinator of MusicBrainz, has an interesting article at OpenP2P.com titled 'Next-Generation File Sharing with Social Networks' in which he talks about social, legal, and technical issues of Darknets, private secure P2P network built around social networks.

He recommends SSH-based protocol with interesting techniques like Port Knocking (as in secret knocks) and media identifiers like Bitzi and MusicBrainz provides.  Port Knocking, in particular, got me chuckling.  The idea, described as a system for stealthy authentication across closed ports, is to use a series of secret pattern of connection attempts to a series of closed and logged ports.  Unless the right pattern is used, the server either refuses connection or act innocent by providing some bogus service.

Robert also analyzed the attack model using RIAA as the bad guys.

1. Server attack: The central server gets hacked, raided by legal attackers, or otherwise compromised. Since the server operates blindly with respect to what the clients are doing, the server contains no incriminating evidence. The attacker cannot tell a recipe-trading network from a movie-trading network. At worst, the IP addresses of the members can be exposed and those must be pursued with a John Doe lawsuit.
2. Client attack: A client gets hacked, raided by legal attackers, or otherwise compromised. The compromised client could potentially continue operating and collect the IP addresses of everyone in the network. Incriminating behavior could be observed.
3. Social client attack: An attacker gets invited to the network and starts participating in the network. Over time, the attacker can collect all of the IP addresses of the members and possibly observe incriminating behavior.

While the article was interesting, Darknets are doomed IMHO because of #3: social client attack.  All RIAA has to do is offer financial incentives to encourage people to infiltrate or betray Darknets.  His defense seems to be that Darknets are protected by being a more difficult or costly target to chase than easier targets like Kazaa.  I disagree because financial incentives are paid out only when results are delivered.