Hi everyone,
I am attaching the conversation from the assistants list over.
Here is the TL;DR: I want to write my master's thesis on Tor, preferably on a topic that has to do with Hidden Services and/or Cryptography in Tor.
I have followed George's recommendations and read through some of the sources provided. In the end, several topics seem appealing to me, but before moving on I'd like to get some feedback from you guys on whether you'd consider the topics worth researching or even have some additional ideas.
HSDir tracking: I have taken a look at the idea of PIR (https://en.wikipedia.org/wiki/Private_information_retrieval) and the problem associated with getting HS descriptors. I have only looked at the theory of PIR so far and do not yet have an idea of how this can be accomplished (and to what extent) in practice.
Certificates for HS: I find this topic particularly interesting and have followed the discussion. The general concept seems like a great thing to achieve and it could actually outperform the regular SSL/CA infrastructure stuff as it could remove the need for CAs. Unfortunately, this seems something that is not extensive enough to warrant a whole thesis. If you guys think otherwise, please let me know.
Tor with mix features: Tor has the explicit goal of being a low-latency network. However, there are several protocols where high-latency would be acceptable. I liked the idea of high latency HSes (https://lists.torproject.org/pipermail/tor-dev/2014-November/007818.html). I'd like to know what you think about this idea being viable. It would have the advantage of being very flexible from just a theoretic evaluation down to a real implementation so I could adjust this to my time. But only if this is actually desired so it does not need to stay theoretic. I think it would be very interesting to evaluate whether this can improve or hurt anonymity of low-latency users, as well.
Traffic confirmation attacks: This is here more or less for completeness. I know this topic is open for several years and would be one of the most powerful countermeasures to deploy but unless someone has started on something that I could build upon, I don't see myself coming up with something useful here.
Guard discovery attacks: I have only read roughly what these attacks are. I'd like to know if it would make sense to take a deeper look here, i.e. you think extensive research is needed on that topic.
Improving crypto for HSes: The blog entry on HS (https://blog.torproject.org/blog/hidden-services-need-some-love) vaguely states that crypto for HSes could be improved. However, the article is over a year old and I know the new rend-spec-ng exists, so I'd like to know whether there's anything here to work on. I have a fairly good background on cryptography, so I'd like to help here if help is needed.
Cryptography: There's two proposal ideas, one from 2010 (https://gitweb.torproject.org/torspec.git/blob/HEAD:/proposals/ideas/xxx-cry...) and one from 2011 (https://gitweb.torproject.org/torspec.git/blob/HEAD:/proposals/ideas/xxx-new...) which builds on that. Has some of this been addressed? Is this still being worked on or just leftover that has already been integrated to the desired level? Would an analysis of the cryptography used in Tor make sense to you, i.e. building on those documents reviewing where and how Tor uses cryptography to secure its operations and evaluating the methods used?
Onion addresses: I took a look at several approaches around censorship-resistant lookups, e.g. the GNS (see George's recommendation below) and Aaron Swartz's proposal on squaring Zooko's triangle by achieving all three properties. I think it would be a cool thing if it were actually possible to improve onion addresses to be human-readable, especially when they get longer by using bigger keys in the future (since 80 bit won't suffice). I don't know if this is actually possible (I see some issues on Aaron's proposal and Dan Kaminsky confirmed them) but working out a scheme that makes handling the names easier for users while not sacrificing the security would help a lot, I think.
This would be the bigger topics I have found on which I could see myself building a thesis. I also stumbled upon smaller research questions (e.g. whether running a bridge/relay is good, bad or doesn't make a difference for anonymity) but none of those warrant a full 6 month thesis so I discarded them for the moment.
If you could take the time to evaluate my ideas and let me know what you think, I'd greatly appreciate that. The hardest thing here as an outsider is to assess the current situation and figure out where work is actually needed and where problems/issues have already been addressed so any help from you guys would really help me.
Thanks in advance & Regards, Florian Rüchel
P.S.: George:
I'm about to relocate, so my reply will be short! Come and find us in CCC for more.
Unfortunately, I don't know what you mean by CCC :(
Ah, I'm also a fan of the FluxFingers team :)
Great! Have played some CTFs for yourselves, then? Are you a member of a team?
Thanks for your quick reply, it has helped me a great deal moving forward on this project.
On 12.11.2014 23:15, George Kadianakis wrote:
Florian Rüchel florian.ruechel.tor@inexplicity.de writes:
Hello everyone,
I am about to write my master's thesis and am evaluating Tor as my research topic. I have read through several documents (including the Ideas page of the research page and the Research page on the Volunteer's page). I also read "Hidden Services need some love" (https://blog.torproject.org/blog/hidden-services-need-some-love) and especially followed the section on cryptography (reading both proposals) with great interest.
Before diving into more of those documents that are available, I noticed you encourage people to contact you through this list should they wish to conduct research. Right now I am in a very early state as I have not chosen a topic yet. In my choice I want to do something that benefits the Tor network, satisfies my professor and involves topics I generally care for.
As noted above, I took particular interest in Hidden Services and general cryptography used by Tor. So if possible, I would like to have those two (or one of those topics) to focus my thesis on. Of course, I need to define my topic in such a way that it fits my time schedule (half a year, full-time) and that my professor accepts it.
Now, before moving any further I'd like to know if there are any further documents I should read that are more up to date than the documents indicated above (especially the crypto specs are from 2010/2011 so I don't know how far the network has moved here). It would also be interesting to know whether some of the issues described for Hidden Services are already addressed and whether my research would be better directed somewhere else.
I would be glad if you could take the time to respond to my request so as to help me define my topic better.
Greetings,
I'm about to relocate, so my reply will be short! Come and find us in CCC for more.
I'd first suggest you to join and skim over the [tor-dev] mailing list: https://lists.torproject.org/pipermail/tor-dev/ Especially this month there has been an increase of threads about hidden services, so I'd suggest you to check it out.
I'd also suggest you to read the recent blog post about the attacks against HSes: https://blog.torproject.org/blog/thoughts-and-concerns-about-operation-onymo...
The blog post offers plenty of material for research, since it lists various attacks and issues with the security of HSes that we need to fix and would definitely benefit from further thinking. Check the guard discovery [tor-dev] thread for example.
Also check this recent thread: https://lists.torproject.org/pipermail/tor-dev/2014-October/007642.html which is part of figuring out work for a funded project. Most of those tasks are not very interesting for you, but you can find deeper research questions in some of them.
Another guy recently did his thesis on HS scaling: https://lists.torproject.org/pipermail/tor-dev/2014-April/006788.html
There is also this stuff: https://lists.torproject.org/pipermail/tor-dev/2013-November/005878.html related to the HSDir hashring in rend-spec-ng.txt.
And check out the "Trawling Hidden Services" paper by Ralf et al.
For example, on a more key management tone, petname systems for HSes would be very interesting, which is related to the recent work of GNUNet with GNS: https://gnunet.org/gns
BTW, keep in mind that some of these projects will be moving during the next year.
Also, if you have public questions which would benefit more people, it would be great if you could post in [tor-dev] instead of here. It's good to answer obscure HS questions in public so that more people can understand the protocol.
Ah, I'm also a fan of the FluxFingers team :)
Thanks for the interest and hope this was useful.
On 26 November 2014 at 06:58, Florian Rüchel florian.ruechel.tor@inexplicity.de wrote:
Certificates for HS: I find this topic particularly interesting and have followed the discussion. The general concept seems like a great thing to achieve and it could actually outperform the regular SSL/CA infrastructure stuff as it could remove the need for CAs. Unfortunately, this seems something that is not extensive enough to warrant a whole thesis. If you guys think otherwise, please let me know.
I think there are some things here that might be large enough. Specifically: What is the best way to present an Extended Validation badge in Tor Browser without requiring a CA signature. Some ideas that have been thrown around:
- Have a .com leaf cert sign a .onion cert, change the green to orange, and show the original domain name
- Have some sort of Namecoin/Sovereign-Keys like structure (also applicable to petnames)
- User-configurable and managed favorites system in an extension that petnames a Hidden Service to a name, for that user only
Tor with mix features: Tor has the explicit goal of being a low-latency network. However, there are several protocols where high-latency would be acceptable. I liked the idea of high latency HSes (https://lists.torproject.org/pipermail/tor-dev/2014-November/007818.html). I'd like to know what you think about this idea being viable. It would have the advantage of being very flexible from just a theoretic evaluation down to a real implementation so I could adjust this to my time. But only if this is actually desired so it does not need to stay theoretic. I think it would be very interesting to evaluate whether this can improve or hurt anonymity of low-latency users, as well.
Lots of people love the idea of getting High-Latency inlaid in the Tor network. There is definitely interest here. This sounds like more than a 6 month thesis, but maybe if you bit off a chunk of it.
This would be the bigger topics I have found on which I could see myself building a thesis. I also stumbled upon smaller research questions (e.g. whether running a bridge/relay is good, bad or doesn't make a difference for anonymity) but none of those warrant a full 6 month thesis so I discarded them for the moment.
Hm, maybe "Can an attacker distinguish traffic leaving an exit node from the following three profiles:"
- User on that machine doing interactive web browsing
- User SSH-ed into that machine doing interactive web browsing
- Person using Tor exiting through that relay
I suspect the answer is "Yes, easily." but AFAIK it's never been demonstrated, and there's an unofficial recommendation you see repeated places that say "Oh, run an exit relay so your traffic mixes with it."
-tom
Florian Rüchel florian.ruechel.tor@inexplicity.de writes:
Hi everyone,
I am attaching the conversation from the assistants list over.
Here is the TL;DR: I want to write my master's thesis on Tor, preferably on a topic that has to do with Hidden Services and/or Cryptography in Tor.
I have followed George's recommendations and read through some of the sources provided. In the end, several topics seem appealing to me, but before moving on I'd like to get some feedback from you guys on whether you'd consider the topics worth researching or even have some additional ideas.
Some comments follow:
HSDir tracking: I have taken a look at the idea of PIR (https://en.wikipedia.org/wiki/Private_information_retrieval) and the problem associated with getting HS descriptors. I have only looked at the theory of PIR so far and do not yet have an idea of how this can be accomplished (and to what extent) in practice.
This is worth researching and even implementing a PoC of. There are various places in the Tor protocols that PIR could be applied.
However I don't know how feasible it is for an MSc thesis. I remember that Ian Goldberg had a nice survey paper of PIR schemes. There are even some implementations of some PIR schemes floating the internet, but they are probably research quality implementations.
Certificates for HS: I find this topic particularly interesting and have followed the discussion. The general concept seems like a great thing to achieve and it could actually outperform the regular SSL/CA infrastructure stuff as it could remove the need for CAs. Unfortunately, this seems something that is not extensive enough to warrant a whole thesis. If you guys think otherwise, please let me know.
Tor with mix features: Tor has the explicit goal of being a low-latency network. However, there are several protocols where high-latency would be acceptable. I liked the idea of high latency HSes (https://lists.torproject.org/pipermail/tor-dev/2014-November/007818.html). I'd like to know what you think about this idea being viable. It would have the advantage of being very flexible from just a theoretic evaluation down to a real implementation so I could adjust this to my time. But only if this is actually desired so it does not need to stay theoretic. I think it would be very interesting to evaluate whether this can improve or hurt anonymity of low-latency users, as well.
I agree. Very interesting area. I'm hoping for Tor to move the area forward during the next one year. We will see.
Parallel research would be good. Some ideas to move forward: https://lists.torproject.org/pipermail/tor-dev/2014-November/007859.html
Traffic confirmation attacks: This is here more or less for completeness. I know this topic is open for several years and would be one of the most powerful countermeasures to deploy but unless someone has started on something that I could build upon, I don't see myself coming up with something useful here.
Guard discovery attacks: I have only read roughly what these attacks are. I'd like to know if it would make sense to take a deeper look here, i.e. you think extensive research is needed on that topic.
A few people are thinking about this actively, and I'm hoping that this topic will also move forward over the next months.
I believe that there is research to be done here. See the relevant thread for some directions.
Improving crypto for HSes: The blog entry on HS (https://blog.torproject.org/blog/hidden-services-need-some-love) vaguely states that crypto for HSes could be improved. However, the article is over a year old and I know the new rend-spec-ng exists, so I'd like to know whether there's anything here to work on. I have a fairly good background on cryptography, so I'd like to help here if help is needed.
Maybe check the part about the HSDir hashring? https://trac.torproject.org/projects/tor/ticket/8244 https://lists.torproject.org/pipermail/tor-dev/2013-November/005878.html
Cryptography: There's two proposal ideas, one from 2010 (https://gitweb.torproject.org/torspec.git/blob/HEAD:/proposals/ideas/xxx-cry...) and one from 2011 (https://gitweb.torproject.org/torspec.git/blob/HEAD:/proposals/ideas/xxx-new...) which builds on that. Has some of this been addressed? Is this still being worked on or just leftover that has already been integrated to the desired level? Would an analysis of the cryptography used in Tor make sense to you, i.e. building on those documents reviewing where and how Tor uses cryptography to secure its operations and evaluating the methods used?
Yes, a crypto/code audit would indeed be very useful.
Onion addresses: I took a look at several approaches around censorship-resistant lookups, e.g. the GNS (see George's recommendation below) and Aaron Swartz's proposal on squaring Zooko's triangle by achieving all three properties. I think it would be a cool thing if it were actually possible to improve onion addresses to be human-readable, especially when they get longer by using bigger keys in the future (since 80 bit won't suffice). I don't know if this is actually possible (I see some issues on Aaron's proposal and Dan Kaminsky confirmed them) but working out a scheme that makes handling the names easier for users while not sacrificing the security would help a lot, I think.
Yes, definitely interesting and worth doing. Many possible directions and ideas too.
See this thread http://archives.seul.org/or/dev/May-2013/msg00115.html for some ideas.
Another interesting idea is the anonymous blacklisting protocols, like Nymble. Making a practical (implementable) such protocol, would give us a very good push in the "block all Tor users from accessing our website" fight.
Also, feel free to drop by IRC. It's #tor-dev at OFTC. Most Tor developers are active there and would be glad to answer any questions.
tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
On Tue, Dec 02, 2014 at 08:57:09PM +0000, George Kadianakis wrote:
This is worth researching and even implementing a PoC of. There are various places in the Tor protocols that PIR could be applied.
However I don't know how feasible it is for an MSc thesis. I remember that Ian Goldberg had a nice survey paper of PIR schemes. There are even some implementations of some PIR schemes floating the internet, but they are probably research quality implementations.
Actually, I hope our Percy++ PIR library is better quality than that:
- Ian
Hi everyone,
I have taken some time and considered my topic for the Master's Thesis. I have finally decided to write it on integrating high-latency traffic with the Tor low-latency network (see also my initial mail and George's response[1]).
My primary research goal is to determine the impact of a mix network inside Tor, especially on low-latency users of the network. For this, I plan to use shadow [2] with scallion to simulate the Tor network. I then want to integrate Mix features into the network and see how the network reacts to certain attacks, attacking the mix users as well as the non-mix users. A crucial part in this evaluation will be to determine whether the anonymity of regular Tor users might be reduced (for example just by drawing away users from low- to high-latency traffic) or whether it might actually be improved (it could attract more users into the same network).
However, for this evaluation/simulation to work, I need to attack my simulation, i.e. become the adversary and measure the effectiveness of my attacks. And for this, I need the actual implementation. So if anyone has access or can direct me to implementations that I can use, I would be glad for your help.
It would also help me a lot if you can direct me to papers or articles that have shown specific attacks that are known to work on the current network.
Finally, I am currently considering using Mixminion as my basis for a mix network as it seems well designed and addresses a lot of known attacks. I currently do not plan to evaluate its security but instead only the effect its usage has on attacks that work on regular Tor users. However, if anyone can propose a better mix network to base my work on, please let me know.
Thanks to everyone for your support.
Regards, Florian Rüchel
[1] https://lists.torproject.org/pipermail/tor-dev/2014-December/007913.html
Florian Rüchel florian.ruechel.tor@inexplicity.de writes:
Hi everyone,
I have taken some time and considered my topic for the Master's Thesis. I have finally decided to write it on integrating high-latency traffic with the Tor low-latency network (see also my initial mail and George's response[1]).
Hello,
yes it does sound like an interesting research topic.
My primary research goal is to determine the impact of a mix network inside Tor, especially on low-latency users of the network. For this, I plan to use shadow [2] with scallion to simulate the Tor network. I then want to integrate Mix features into the network and see how the network reacts to certain attacks, attacking the mix users as well as the non-mix users. A crucial part in this evaluation will be to determine whether the anonymity of regular Tor users might be reduced (for example just by drawing away users from low- to high-latency traffic) or whether it might actually be improved (it could attract more users into the same network).
Yes, I'm also wondering whether the anonymity of low-latency Tor would increase if we plugged a high-latency network into it, and also the opposite. I'm curious on whether one network will act as cover traffic for the other, and what kind of adversaries that would fool.
On this topic you might also enjoy the paper "Sleeping dogs lie on a bed of onions but wake when mixed" by Paul Syverson: https://petsymposium.org/2011/papers/hotpets11-final10Syverson.pdf
However, for this evaluation/simulation to work, I need to attack my simulation, i.e. become the adversary and measure the effectiveness of my attacks. And for this, I need the actual implementation. So if anyone has access or can direct me to implementations that I can use, I would be glad for your help.
What implementations do you mean?
I'm curious to how you are going to use simulation here. I also imagine that actually integrating mixminion with Tor on a level that would allow simulation will be non-trivial engineering work.
In any case, if you have specific Shadow questions, you might want to speak with Rob Jansen who develops Shadow and who is also interested in hidden services research.
It would also help me a lot if you can direct me to papers or articles that have shown specific attacks that are known to work on the current network.
Finally, I am currently considering using Mixminion as my basis for a mix network as it seems well designed and addresses a lot of known attacks. I currently do not plan to evaluate its security but instead only the effect its usage has on attacks that work on regular Tor users. However, if anyone can propose a better mix network to base my work on, please let me know.
Hm, not sure how exactly the integration will work here, but mixminion sounds like a decent choice maybe. It's also developed by Nick, who is the Tor developer.
On 2/8/2015 11:39 PM, George Kadianakis wrote:
On this topic you might also enjoy the paper "Sleeping dogs lie on a bed of onions but wake when mixed" by Paul Syverson: https://petsymposium.org/2011/papers/hotpets11-final10Syverson.pdf
Nice paper. Wonder why it isn't in anonbib too. I am used to keeping a bookmark on anonbib as a central repository of anonymity research papers, so there's my concern :-)
I will add a BibTeX entry. If anyone else discovers missing papers please email me and I will add BibTeX entries for them.
However, for this evaluation/simulation to work, I need to attack my simulation, i.e. become the adversary and measure the effectiveness of my attacks. And for this, I need the actual implementation. So if anyone has access or can direct me to implementations that I can use, I would be glad for your help.
What implementations do you mean?
I'm curious to how you are going to use simulation here. I also imagine that actually integrating mixminion with Tor on a level that would allow simulation will be non-trivial engineering work.
In any case, if you have specific Shadow questions, you might want to speak with Rob Jansen who develops Shadow and who is also interested in hidden services research.
It would also help me a lot if you can direct me to papers or articles that have shown specific attacks that are known to work on the current network.
Finally, I am currently considering using Mixminion as my basis for a mix network as it seems well designed and addresses a lot of known attacks. I currently do not plan to evaluate its security but instead only the effect its usage has on attacks that work on regular Tor users. However, if anyone can propose a better mix network to base my work on, please let me know.
Hm, not sure how exactly the integration will work here, but mixminion sounds like a decent choice maybe. It's also developed by Nick, who is the Tor developer.
On Sun, Feb 08, 2015 at 11:49:57PM +0200, s7r wrote: [snip]
On this topic you might also enjoy the paper "Sleeping dogs lie on a bed of onions but wake when mixed" by Paul Syverson: https://petsymposium.org/2011/papers/hotpets11-final10Syverson.pdf
Nice paper. Wonder why it isn't in anonbib too. I am used to keeping a bookmark on anonbib as a central repository of anonymity research papers, so there's my concern :-)
I will add a BibTeX entry. If anyone else discovers missing papers please email me and I will add BibTeX entries for them.
Thanks for the pointer, George. In fact many (most?) of the papers I've written about onion routing aren't in anonbib. Not sure why that is, nor why, given some of the other papers by myself and others that are highlighted as especially important, arguably the most important papers I've ever written (the paper introducing onion routing, and the one where we more fully separated the network from the clients and destinations) aren't highlighted (or even included in the latter case). That's more huh than complaining on my part. If I want it fixed I should get access and do it myself I suppose (and update my personal webpage more than once every two years while I'm at it and other things I haven't put high on priority). In the meantime, you might look at http://www.onion-router.net/Publications.html for at least the earlier ones. Cf. also the bibliography of "A Peel of Onion" although that doesn't much discuss our mixed latency considerations, or even cite the alpha-mixing paper, etc. (The latter being in sore need of a deeper exploration and update along the lines many of us have discussed but not taken time to rigorously examine or write up. Time, time, gotta run.)
HTH, Paul
Hi,
Yes, I'm also wondering whether the anonymity of low-latency Tor would increase if we plugged a high-latency network into it, and also the opposite. I'm curious about whether one network will act as cover traffic for the other, and what kind of adversaries that would fool.
On this topic you might also enjoy the paper "Sleeping dogs lie on a bed of onions but wake when mixed" by Paul Syverson: https://petsymposium.org/2011/papers/hotpets11-final10Syverson.pdf
I'll take a look, thank you.
However, for this evaluation/simulation to work, I need to attack my simulation, i.e. become the adversary and measure the effectiveness of my attacks. And for this, I need the actual implementation. So if anyone has access or can direct me to implementations that I can use, I would be glad for your help.
What implementations do you mean?
Well the attacks I find exist in theory, such as traffic confirmation. However, when I run my simulation of the Tor network, I need to perform an attack and measure its effectiveness. That is, I want to find out whether the attacks I have can hurt the anonymity or improve it etc.
I'll use shadow here to simulate the network and want to have some passive (or even active) attacks that I can run against it. Having an attack that can simply perform a passive attack on packet dumps would also be great (this would be very easy to run with shadow).
I'm curious as to how you are going to use simulation here. I also imagine that actually integrating mixminion with Tor on a level that would allow simulation will be non-trivial engineering work.
Yes, that will be a major question. My initial thought was integrating Mixminion into Tor and in the process adapting it to fit into Tor. Since the two have many similarities this should actually be possible.
However, I think this might be way too time-consuming, even if it was just a very basic implementation. The reason for this is that Tor never really poses the question of delaying traffic and "just does it" except for bandwidth limitation.
Thus, I'd need a completely new mechanism that will decide whether to delay or not and it seems hard to find out the layer at which that should happen.
So I currently have a slight tendency to just use the mixminion implementation and run it as a shadow plugin. Then I run both on the same relay nodes and just ignore the service port in my analysis (assuming in a real-world implementation it would integrate into Tor).
However, I am not sure whether this might hurt my simulation as it might turn out that scheduling or some other mechanism might split the two processes so much that they can still be identified.
In any case, if you have specific Shadow questions, you might want to speak with Rob Jansen who develops Shadow and who is also interested in hidden services research.
Thank you for the information. I will get in touch with him and see whether he can help on specific issues that I might encounter using Shadow.
It would also help me a lot if you can direct me to papers or articles that have shown specific attacks that are known to work on the current network.
Finally, I am currently considering using Mixminion as my basis for a mix network as it seems well designed and addresses a lot of known attacks. I currently do not plan to evaluate its security but instead only the effect its usage has on attacks that work on regular Tor users. However, if anyone can propose a better mix network to base my work on, please let me know.
Hm, not sure how exactly the integration will work here, but mixminion sounds like a decent choice maybe. It's also developed by Nick, who is the Tor developer.
Yes that is one of the reasons I chose it: If a potential goal would be to provide high-latency anonymity within Tor, a design that is already similar might be beneficial.
On Feb 16, 2015, at 5:43 AM, Florian Rüchel florian.ruechel.tor@inexplicity.de wrote:
It would also help me a lot if you can direct me to papers or articles that have shown specific attacks that are known to work on the current network.
You might want to look into the Sniper Attack as an example of how to evaluate attacks on Tor safely using Shadow: http://www.robgjansen.com/publications/sniper-ndss2014.pdf
For those wanting to follow the Shadow thread on this topic, that starts here: http://mailman.cs.umn.edu/archives/shadow-support/2015-February/000312.html
Best regards, Rob