doc/codecon04.mgp

   1 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
   2 %%deffont "standard" xfont "comic sans ms-medium-r"
   3 %%deffont "thick" xfont "arial black-medium-r"
   4 %%deffont "typewriter" xfont "courier new-bold-r"
   5 %%deffont "type2writer" xfont "arial narrow-bold-r"
   6 %%deffont "standard"   tfont "standard.ttf",   tmfont "kochi-mincho.ttf"
   7 %%deffont "thick"      tfont "thick.ttf",      tmfont "goth.ttf"
   8 %%deffont "typewriter" tfont "typewriter.ttf", tmfont "goth.ttf"
   9 %deffont "standard" xfont "helvetica-medium-r", tfont "arial.ttf", tmfont "times.ttf"
  10 %deffont "thick" xfont "helvetica-bold-r", tfont "arialbd.ttf", tmfont "hoso6.ttf"
  11 %deffont "italic" xfont "helvetica-italic-r", tfont "ariali.ttf", tmfont "hoso6.ttf"
  12 %deffont "typewriter" xfont "courier-medium-r", tfont "typewriter.ttf", tmfont "hoso6.ttf"
  13 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
  14 %%
  15 %% Default settings per each line numbers.
  16 %%
  17 %default 1 leftfill, size 8, fore "black", back "white", font "thick", hgap 1
  18 %default 2 size 8, vgap 10, prefix " ", ccolor "black"
  19 %default 3 size 6, bar "gray70", vgap 0
  20 %default 4 size 6, fore "black", vgap 0, prefix " ", font "standard"
  21 %%
  22 %%default 1 area 90 90, leftfill, size 9, fore "yellow", back "blue", font "thick"
  23 %%default 2 size 9, vgap 10, prefix " "
  24 %%default 3 size 7, bar "gray70", vgap 10
  25 %%default 4 size 7, vgap 30, prefix " ", font "standard"
  26 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
  27 %%
  28 %% Default settings that are applied to TAB-indented lines.
  29 %%
  30 %tab 1 size 5, vgap 40, prefix "     ", icon arc "red" 50
  31 %tab 2 size 4, vgap 35, prefix "            ", icon delta3 "blue" 40
  32 %tab 3 size 3, vgap 35, prefix "                        ", icon dia "DarkViolet" 40
  33 %%
  34 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
  35 %page
  36 %nodefault
  37 %center, size 9, font "thick", back "white", fore "black"
  38
  39 Tor:
  40 %size 8
  41 Next-generation Onion Routing
  42
  43
  44 %size 7
  45 Roger Dingledine
  46 Nick Mathewson
  47 Paul Syverson
  48
  49 The Free Haven Project
  50 %font "typewriter", fore "blue"
  51 http://freehaven.net/
  52
  53 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
  54 %page
  55
  56 Low-latency anonymity system
  57
  58 %leftfill
  59 Deployed: 20 nodes, hundreds (?) of users
  60
  61 Many improvements on earlier design
  62
  63 Free software -- modified BSD license
  64
  65 Design is not covered by earlier onion routing
  66 patent
  67
  68 Uses SOCKS to interface with client apps
  69
  70 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
  71 %page
  72
  73 We have working code
  74
  75 (14 kloc of C)
  76
  77 and a design document,
  78 and a byte-level specification,
  79 and a Debian package (in Unstable)
  80
  81 Works on Linux, BSD, OSX, Cygwin, ...
  82 User-space, doesn't need kernel mods or root
  83
  84 %size 9
  85 http://freehaven.net/tor/
  86
  87 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
  88 %%page
  89 %%
  90 %%Talk Overview
  91 %%
  92 %%A bit about Onion Routing
  93 %%
  94 %%Improvements we've made
  95 %%
  96 %%Some related work
  97 %%
  98 %%Ask me questions
  99 %%
 100 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 101 %page
 102
 103 Anonymity: Who needs it?
 104
 105 Private citizens
 106         advocacy, counseling, whistleblowing, reporting, ...
 107 %size 6
 108 Higher-level protocols
 109         voting, e-cash, auctions
 110 %size 6
 111 Government applications
 112         research, law enforcement
 113 %size 6
 114 Business applications
 115 %size 5
 116 (hide relationships and volumes of communication)
 117         Who is visiting job sites?
 118         Which groups are talking to patent lawyers?
 119         Who are your suppliers and customers?
 120         Is the CEO talking to a buyout partner?
 121
 122 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 123 %page
 124
 125 Anonymity is a network effect
 126
 127         Systems need traffic (many low-sensitivity users) to attract the high-sensitivity users
 128         Most users do not value anonymity much
 129         Weak security (fast system) can mean more users
 130                 which can mean
 131 %cont, font "italic"
 132 stronger
 133 %cont, font "standard"
 134 anonymity
 135         High-sensitivity agents have incentive to run nodes
 136                 so they can be certain first node in their path is good
 137                 to attract traffic for their messages
 138         There can be an optimal level of free-riding
 139
 140 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 141 %page
 142
 143 Onion Routing is...
 144
 145 An overlay network
 146
 147 Users build virtual circuits through the network
 148
 149 One layer of encryption at each hop
 150
 151 Fixed-size cells
 152
 153 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 154 %page
 155
 156 Tor's goals
 157
 158 Conservative design
 159         minimize new design work needed
 160
 161 %size 6
 162 Support testing of future research
 163
 164 Design for deployment; deploy for use
 165
 166 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 167 %page
 168
 169 Threat model -- what we aim for
 170
 171 Protect against somebody watching Alice
 172
 173 Protect against curious Bob
 174
 175 Protect against `some' curious nodes in the middle
 176
 177 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 178 %page
 179
 180 Differences / limitations
 181
 182
 183 We're TCP-only, not all IP (but we're user-space and very portable)
 184
 185 Not as strong as high-latency systems (Mixmaster, Mixminion)
 186
 187 Not peer-to-peer
 188
 189 No protocol normalization
 190
 191 Not unobservable (no steg, etc)
 192
 193 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 194 %page
 195
 196 Perfect forward secrecy
 197
 198
 199 Telescoping circuit
 200
 201         negotiates keys at each hop
 202         no more need for replay detection
 203
 204 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 205 %page
 206
 207 No mixing, padding, traffic shaping (yet)
 208
 209
 210 Please show us they're worth the usability tradeoff
 211
 212 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 213 %%page
 214 %%
 215 %%Many TCP streams can share one circuit
 216 %%
 217
 218 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 219 %page
 220
 221 Many TCP streams share a circuit
 222
 223 Previous designs built a new circuit for each stream
 224
 225         lots of public key ops per request
 226         plus anonymity dangers from making so many circuits
 227
 228 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 229 %page
 230
 231 Leaky-pipe circuit topology
 232
 233 Alice can direct cells to any node in her circuit
 234
 235         So we can support long-range padding,
 236         have multiple streams exiting at different places in the circuit
 237         etc
 238
 239 %size 6
 240 Unclear whether this is dangerous or useful
 241
 242 More research needed
 243
 244 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 245 %page
 246
 247 Congestion control
 248
 249
 250 Simple rate limiting
 251
 252 Plus have to keep internal nodes from overflowing
 253
 254 (Can't use global state or inter-node control)
 255
 256 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 257 %page
 258
 259 Directory servers
 260
 261 To solve the `introduction' problem
 262
 263 Approve new servers
 264
 265 Tell clients who's up right now
 266
 267         plus their keys, location, etc
 268
 269 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 270 %page
 271
 272 Variable exit policies
 273
 274
 275 Each server allows different outgoing connections
 276
 277 E.g. no servers allow outgoing mail currently
 278
 279 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 280 %page
 281
 282 End-to-end integrity checking
 283
 284
 285 In previous onion routing, an insider could change
 286 the text being transmitted:
 287
 288 "dir" => "rm *"
 289
 290 Even an external adversary could do this!
 291
 292 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 293 %page
 294
 295 Rendezvous points
 296
 297 allow hidden services
 298
 299 don't need (brittle) reply onions
 300
 301         Access-controlled: Bob can control who he talks to
 302         Robust: Bob's service is available even when some Tor nodes go down
 303         Smear-resistant: Evil service can't frame a rendezvous router
 304         Application-transparent: Don't need to modify Bob's apache
 305
 306 %size 6
 307 (Not implemented yet)
 308
 309 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 310 %page
 311
 312 How do we compare security?
 313
 314 Assume adversary owns c of n nodes
 315         can choose which
 316 %size 6
 317 What's the chance for a random Alice and Bob that he wins?
 318
 319 Freedom, Tor: (c/n)^2
 320 Peekabooty, six-four, etc: c/n
 321 Jap (if no padding): 1 if c>1
 322 Anonymizer: 1 if c>0
 323
 324 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 325 %page
 326
 327 Future work
 328
 329 Threshold directory agreement
 330
 331 Scalability: Morphmix/p2p extensions?
 332 Restricted-route (non-clique topology)
 333
 334 Non-TCP transport
 335
 336 Implement rendezvous points
 337
 338 Make it work better
 339
 340 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 341 %page
 342
 343 We have working code
 344
 345 Plus a design document,
 346 and a byte-level specification
 347 and a Debian package (in Unstable)
 348
 349 %size 9
 350 http://freehaven.net/tor/
 351
 352 %size 6
 353 Privacy Enhancing Technologies workshop
 354
 355 %size 9
 356 http://petworkshop.org/
 357