search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
history | raw | HEAD
Fix unit tests.
[tor/rransom.git] / doc / codecon04.mgp
blobe9815fcb370e1dcef9991269cada2331f3a0f850
1 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
2 %%deffont "standard" xfont "comic sans ms-medium-r"
3 %%deffont "thick" xfont "arial black-medium-r"
4 %%deffont "typewriter" xfont "courier new-bold-r"
5 %%deffont "type2writer" xfont "arial narrow-bold-r"
6 %%deffont "standard"   tfont "standard.ttf",   tmfont "kochi-mincho.ttf"
7 %%deffont "thick"      tfont "thick.ttf",      tmfont "goth.ttf"
8 %%deffont "typewriter" tfont "typewriter.ttf", tmfont "goth.ttf"
9 %deffont "standard" xfont "helvetica-medium-r", tfont "arial.ttf", tmfont "times.ttf"
10 %deffont "thick" xfont "helvetica-bold-r", tfont "arialbd.ttf", tmfont "hoso6.ttf"
11 %deffont "italic" xfont "helvetica-italic-r", tfont "ariali.ttf", tmfont "hoso6.ttf"
12 %deffont "typewriter" xfont "courier-medium-r", tfont "typewriter.ttf", tmfont "hoso6.ttf"
13 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
14 %%
15 %% Default settings per each line numbers.
16 %%
17 %default 1 leftfill, size 8, fore "black", back "white", font "thick", hgap 1
18 %default 2 size 8, vgap 10, prefix " ", ccolor "black"
19 %default 3 size 6, bar "gray70", vgap 0
20 %default 4 size 6, fore "black", vgap 0, prefix " ", font "standard"
21 %%
22 %%default 1 area 90 90, leftfill, size 9, fore "yellow", back "blue", font "thick"
23 %%default 2 size 9, vgap 10, prefix " "
24 %%default 3 size 7, bar "gray70", vgap 10
25 %%default 4 size 7, vgap 30, prefix " ", font "standard"
26 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
27 %%
28 %% Default settings that are applied to TAB-indented lines.
29 %%
30 %tab 1 size 5, vgap 40, prefix "     ", icon arc "red" 50
31 %tab 2 size 4, vgap 35, prefix "            ", icon delta3 "blue" 40
32 %tab 3 size 3, vgap 35, prefix "                        ", icon dia "DarkViolet" 40
33 %%
34 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
35 %page
36 %nodefault
37 %center, size 9, font "thick", back "white", fore "black"
38
39 Tor: 
40 %size 8
41 Next-generation Onion Routing
42
43
44 %size 7
45 Roger Dingledine
46 Nick Mathewson
47 Paul Syverson
48
49 The Free Haven Project
50 %font "typewriter", fore "blue"
51 http://freehaven.net/
52
53 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
54 %page
55
56 Low-latency anonymity system
57
58 %leftfill
59 Deployed: 20 nodes, hundreds (?) of users
60
61 Many improvements on earlier design
62
63 Free software -- modified BSD license
64
65 Design is not covered by earlier onion routing
66 patent
67
68 Uses SOCKS to interface with client apps
69
70 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
71 %page
72
73 We have working code
74
75 (14 kloc of C)
76
77 and a design document,
78 and a byte-level specification,
79 and a Debian package (in Unstable)
80
81 Works on Linux, BSD, OSX, Cygwin, ...
82 User-space, doesn't need kernel mods or root
83
84 %size 9
85 http://freehaven.net/tor/
86
87 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
88 %%page
89 %%
90 %%Talk Overview
91 %%
92 %%A bit about Onion Routing
93 %%
94 %%Improvements we've made
95 %%
96 %%Some related work
97 %%
98 %%Ask me questions
99 %%
100 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
101 %page
102
103 Anonymity: Who needs it?
104
105 Private citizens
106         advocacy, counseling, whistleblowing, reporting, ...
107 %size 6
108 Higher-level protocols
109         voting, e-cash, auctions
110 %size 6
111 Government applications
112         research, law enforcement
113 %size 6
114 Business applications
115 %size 5
116 (hide relationships and volumes of communication)
117         Who is visiting job sites?
118         Which groups are talking to patent lawyers?
119         Who are your suppliers and customers?
120         Is the CEO talking to a buyout partner?
121
122 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
123 %page
124
125 Anonymity is a network effect
126
127         Systems need traffic (many low-sensitivity users) to attract the high-sensitivity users
128         Most users do not value anonymity much
129         Weak security (fast system) can mean more users
130                 which can mean 
131 %cont, font "italic"
132 stronger 
133 %cont, font "standard"
134 anonymity
135         High-sensitivity agents have incentive to run nodes
136                 so they can be certain first node in their path is good
137                 to attract traffic for their messages
138         There can be an optimal level of free-riding
139
140 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
141 %page
142
143 Onion Routing is...
144
145 An overlay network
146
147 Users build virtual circuits through the network
148
149 One layer of encryption at each hop
150
151 Fixed-size cells
152
153 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
154 %page
155
156 Tor's goals
157
158 Conservative design
159         minimize new design work needed
160
161 %size 6
162 Support testing of future research
163
164 Design for deployment; deploy for use
165
166 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
167 %page
168
169 Threat model -- what we aim for
170
171 Protect against somebody watching Alice
172
173 Protect against curious Bob
174
175 Protect against `some' curious nodes in the middle
176
177 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
178 %page
179
180 Differences / limitations
181
182
183 We're TCP-only, not all IP (but we're user-space and very portable)
184
185 Not as strong as high-latency systems (Mixmaster, Mixminion)
186
187 Not peer-to-peer
188
189 No protocol normalization
190
191 Not unobservable (no steg, etc)
192
193 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
194 %page
195
196 Perfect forward secrecy
197
198
199 Telescoping circuit
200
201         negotiates keys at each hop
202         no more need for replay detection
203
204 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
205 %page
206
207 No mixing, padding, traffic shaping (yet)
208
209
210 Please show us they're worth the usability tradeoff
211
212 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
213 %%page
214 %%
215 %%Many TCP streams can share one circuit
216 %%
217
218 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
219 %page
220
221 Many TCP streams share a circuit
222
223 Previous designs built a new circuit for each stream
224
225         lots of public key ops per request
226         plus anonymity dangers from making so many circuits
227
228 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
229 %page
230
231 Leaky-pipe circuit topology
232
233 Alice can direct cells to any node in her circuit
234
235         So we can support long-range padding,
236         have multiple streams exiting at different places in the circuit
237         etc
238
239 %size 6
240 Unclear whether this is dangerous or useful
241
242 More research needed
243
244 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
245 %page
246
247 Congestion control
248
249
250 Simple rate limiting
251
252 Plus have to keep internal nodes from overflowing
253
254 (Can't use global state or inter-node control)
255
256 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
257 %page
258
259 Directory servers
260
261 To solve the `introduction' problem
262
263 Approve new servers
264
265 Tell clients who's up right now
266
267         plus their keys, location, etc
268
269 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
270 %page
271
272 Variable exit policies
273
274
275 Each server allows different outgoing connections
276
277 E.g. no servers allow outgoing mail currently
278
279 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
280 %page
281
282 End-to-end integrity checking
283
284
285 In previous onion routing, an insider could change
286 the text being transmitted:
287
288 "dir" => "rm *"
289
290 Even an external adversary could do this!
291
292 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
293 %page
294
295 Rendezvous points
296
297 allow hidden services
298
299 don't need (brittle) reply onions
300
301         Access-controlled: Bob can control who he talks to
302         Robust: Bob's service is available even when some Tor nodes go down
303         Smear-resistant: Evil service can't frame a rendezvous router
304         Application-transparent: Don't need to modify Bob's apache
305
306 %size 6
307 (Not implemented yet)
308
309 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
310 %page
311
312 How do we compare security?
313
314 Assume adversary owns c of n nodes
315         can choose which
316 %size 6
317 What's the chance for a random Alice and Bob that he wins?
318
319 Freedom, Tor: (c/n)^2
320 Peekabooty, six-four, etc: c/n
321 Jap (if no padding): 1 if c>1
322 Anonymizer: 1 if c>0
323
324 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
325 %page
326
327 Future work
328
329 Threshold directory agreement
330
331 Scalability: Morphmix/p2p extensions?
332 Restricted-route (non-clique topology)
333
334 Non-TCP transport
335
336 Implement rendezvous points
337
338 Make it work better
339
340 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
341 %page
342
343 We have working code
344
345 Plus a design document,
346 and a byte-level specification
347 and a Debian package (in Unstable)
348
349 %size 9
350 http://freehaven.net/tor/
351
352 %size 6
353 Privacy Enhancing Technologies workshop
354
355 %size 9
356 http://petworkshop.org/
357