Hi everyone,

I am attaching the conversation from the assistants list over.
Here is the TL;DR: I want to write my master's thesis on Tor,
preferably on a topic that has to do with Hidden Services and/or
Cryptography in Tor.

I have followed George's recommendations and read through some of
the sources provided. In the end, several topics seem appealing to
me, but before moving on I'd like to get some feedback from you
guys on whether you'd consider the topics worth researching or
even have some additional ideas.

HSDir tracking: I have taken a look at the idea of PIR
(https://en.wikipedia.org/wiki/Private_information_retrieval)
and the problem associated with getting HS descriptors. I have
only looked at the theory of PIR so far and do not yet have an idea
of how this can be accomplished (and to what extent) in practice.

Certificates for HS: I find this topic particularly interesting
and have followed the discussion. The general concept seems like a
great thing to achieve and it could actually outperform the
regular SSL/CA infrastructure stuff as it could remove the need
for CAs. Unfortunately, this seems something that is not extensive
enough to warrant a whole thesis. If you guys think otherwise,
please let me know.

Tor with mix features: Tor has the explicit goal of being a
low-latency network. However, there are several protocols where
high-latency would be acceptable. I liked the idea of high latency
HSes
(https://lists.torproject.org/pipermail/tor-dev/2014-November/007818.html).
I'd like to know what you think about this idea being viable. It
would have the advantage of being very flexible from just a
theoretic evaluation down to a real implementation so I could
adjust this to my time. But only if this is actually desired so it
does not need to stay theoretic. I think it would be very
interesting to evaluate whether this can improve or hurt anonymity
of low-latency users, as well.

Traffic confirmation attacks: This is here more or less for
completeness. I know this topic is open for several years and
would be one of the most powerful countermeasures to deploy but
unless someone has started on something that I could build upon, I
don't see myself coming up with something useful here.

Guard discovery attacks: I have only read roughly what these
attacks are. I'd like to know if it would make sense to take a
deeper look here, i.e. you think extensive research is needed on
that topic.

Improving crypto for HSes: The blog entry on HS
(https://blog.torproject.org/blog/hidden-services-need-some-love)
vaguely states that crypto for HSes could be improved. However,
the article is over a year old and I know the new rend-spec-ng
exists, so I'd like to know whether there's anything here to work
on. I have a fairly good background on cryptography, so I'd like
to help here if help is needed.

Cryptography: There are two proposal ideas, one from 2010
(https://gitweb.torproject.org/torspec.git/blob/HEAD:/proposals/ideas/xxx-crypto-migration.txt)
and one from 2011
(https://gitweb.torproject.org/torspec.git/blob/HEAD:/proposals/ideas/xxx-new-crypto-sketch.txt)
which builds on that. Has some of this been addressed? Is this
still being worked on or just leftover that has already been
integrated to the desired level? Would an analysis of the
cryptography used in Tor make sense to you, i.e. building on those
documents reviewing where and how Tor uses cryptography to secure
its operations and evaluating the methods used?

Onion addresses: I took a look at several approaches around
censorship-resistant lookups, e.g. the GNS (see George's
recommendation below) and Aaron Swartz's proposal on squaring
Zooko's triangle by achieving all three properties. I think it
would be a cool thing if it were actually possible to improve
onion addresses to be human-readable, especially when they get
longer by using bigger keys in the future (since 80 bit won't
suffice). I don't know if this is actually possible (I see some
issues on Aaron's proposal and Dan Kaminsky confirmed them) but
working out a scheme that makes handling the names easier for
users while not sacrificing the security would help a lot, I
think.

These would be the bigger topics I have found on which I could see
myself building a thesis. I also stumbled upon smaller research
questions (e.g. whether running a bridge/relay is good, bad or
doesn't make a difference for anonymity) but none of those warrant
a full 6 month thesis so I discarded them for the moment.

If you could take the time to evaluate my ideas and let me know
what you think, I'd greatly appreciate that. The hardest thing
here as an outsider is to assess the current situation and figure
out where work is actually needed and where problems/issues have
already been addressed so any help from you guys would really help
me.

Thanks in advance & Regards,
Florian Rüchel

P.S.: George:

> I'm about to relocate, so my reply will be short! Come and find us in
> CCC for more.

Unfortunately, I don't know what you mean by CCC :(

> Ah, I'm also a fan of the FluxFingers team :)

Great! Have you played some CTFs yourselves, then? Are you a member
of a team?

Thanks for your quick reply, it has helped me a great deal moving
forward on this project.

On 12.11.2014 23:15, George Kadianakis wrote:
Florian Rüchel <florian.ruechel.tor@inexplicity.de> writes:
Hello everyone,
I am about to write my master's thesis and am evaluating Tor as my
research topic. I have read through several documents (including the
Ideas page of the research page and the Research page on the Volunteer's
page). I also read "Hidden Services need some love"
(https://blog.torproject.org/blog/hidden-services-need-some-love) and
especially followed the section on cryptography (reading both proposals)
with great interest.
Before diving into more of those documents that are available, I noticed
you encourage people to contact you through this list should they wish
to conduct research. Right now I am in a very early state as I have not
chosen a topic yet. In my choice I want to do something that benefits
the Tor network, satisfies my professor and involves topics I generally
care for.
As noted above, I took particular interest in Hidden Services and
general cryptography used by Tor. So if possible, I would like to have
those two (or one of those topics) to focus my thesis on. Of course, I
need to define my topic in such a way that it fits my time schedule
(half a year, full-time) and that my professor accepts it.
Now, before moving any further I'd like to know if there are any further
documents I should read that are more up to date than the documents
indicated above (especially the crypto specs are from 2010/2011 so I
don't know how far the network has moved here). It would also be
interesting to know whether some of the issues described for Hidden
Services are already addressed and whether my research would be better
directed somewhere else.
I would be glad if you could take the time to respond to my request so
as to help me define my topic better.
Greetings,
I'm about to relocate, so my reply will be short! Come and find us in
CCC for more.
I'd first suggest you to join and skim over the [tor-dev] mailing list:
https://lists.torproject.org/pipermail/tor-dev/
Especially this month there has been an increase of threads about
hidden services, so I'd suggest you to check it out.
I'd also suggest you to read the recent blog post about the attacks
against HSes:
https://blog.torproject.org/blog/thoughts-and-concerns-about-operation-onymous
The blog post offers plenty of material for research, since it lists
various attacks and issues with the security of HSes that we need to
fix and would definitely benefit from further thinking. Check the
guard discovery [tor-dev] thread for example.
Also check this recent thread:
https://lists.torproject.org/pipermail/tor-dev/2014-October/007642.html
which is part of figuring out work for a funded project. Most of those
tasks are not very interesting for you, but you can find deeper
research questions in some of them.
Another guy recently did his thesis on HS scaling:
https://lists.torproject.org/pipermail/tor-dev/2014-April/006788.html
There is also this stuff:
https://lists.torproject.org/pipermail/tor-dev/2013-November/005878.html
related to the HSDir hashring in rend-spec-ng.txt.
And check out the "Trawling Hidden Services" paper by Ralf et al.
For example, on a more key management tone, petname systems for HSes
would be very interesting, which is related to the recent work of
GNUNet with GNS:
https://gnunet.org/gns
BTW, keep in mind that some of these projects will be moving during
the next year.
Also, if you have public questions which would benefit more people, it
would be great if you could post in [tor-dev] instead of here. It's
good to answer obscure HS questions in public so that more people can
understand the protocol.
Ah, I'm also a fan of the FluxFingers team :)
Thanks for the interest and hope this was useful.