[tor-commits] r25065: {} my talk at lookout (projects/presentations)

Runa Sandvik runa.sandvik at gmail.com
Mon Sep 12 21:14:15 UTC 2011


Author: runa
Date: 2011-09-12 21:14:14 +0000 (Mon, 12 Sep 2011)
New Revision: 25065

Added:
   projects/presentations/2011-tor-online-anonymity-privacy-security-Lookout.pdf
   projects/presentations/2011-tor-online-anonymity-privacy-security-Lookout.tex
Log:
my talk at lookout


Added: projects/presentations/2011-tor-online-anonymity-privacy-security-Lookout.pdf
===================================================================
(Binary files differ)


Property changes on: projects/presentations/2011-tor-online-anonymity-privacy-security-Lookout.pdf
___________________________________________________________________
Added: svn:mime-type
   + application/octet-stream
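
Review bot: The svn:mime-type recorded for the PDF is application/octet-stream, which makes repository web viewers offer it as an opaque download; setting the property to application/pdf would let it be served and displayed as a PDF. The file shares its basename with the .tex added in this same revision, so it appears to be build output of that source. If that is the case, each edit to the slides will need the binary recommitted to keep the two in sync.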

Added: projects/presentations/2011-tor-online-anonymity-privacy-security-Lookout.tex
===================================================================
--- projects/presentations/2011-tor-online-anonymity-privacy-security-Lookout.tex	                        (rev 0)
+++ projects/presentations/2011-tor-online-anonymity-privacy-security-Lookout.tex	2011-09-12 21:14:14 UTC (rev 25065)
@@ -0,0 +1,328 @@
+\documentclass{beamer}
+\mode<presentation>
+\usetheme{Boadilla}
+\title{Tor: Online anonymity, privacy, and security.}
+\author{Runa A. Sandvik \\ runa at torproject.org}
+\date{12 September 2011}
+\begin{document}
+
+\begin{frame}
+\maketitle  
+\begin{center}
+\includegraphics[height=3cm]{../images/2009-tor-logo}
+\end{center}
+\end{frame}
+
+% Introduce myself, just to be nice
+\begin{frame}
+\frametitle{About Runa}
+\begin{itemize}
+\item Studied at the Norwegian University of Science and Technology
+\item Worked for the Tor Project during Google Summer of Code in 2009
+\item Developer, security researcher, translation coordinator
+\end{itemize}
+\end{frame}
+
+% And here's what we'll talk about
+\begin{frame}
+\frametitle{What are we talking about?}
+\begin{itemize}
+\item Crash course on anonymous communications
+\item Quick overview of Tor
+\item Tor and circumvention
+\item Future work
+\end{itemize}
+\end{frame}
+
+\begin{frame}
+\frametitle{The Tor Project, Inc.}
+501(c)(3) non-profit organization dedicated to the research and development of technologies for online anonymity and privacy
+\begin{center}
+\includegraphics[height=5cm]{../images/2009-oval_sticker_new}
+\end{center}
+\end{frame}
+
+% Crash course on anonymous communications
+\begin{frame}
+\frametitle{What is anonymity?}
+\includegraphics[width=10cm]{../images/2llg3ts}
+\end{frame}
+
+% What is the threat model here?
+\begin{frame}
+\frametitle{Threat model: what can the attacker do?}
+\begin{overlayarea}{9cm}{6cm}
+\only<1>{\includegraphics[height=7cm]{../images/single_hop_relay}}
+\only<2>{\includegraphics[height=7cm]{../images/evil_single_hop_relay}}
+\only<3>{\includegraphics[height=7cm]{../images/data_snooping_single_hop_relay}}
+\end{overlayarea}
+\end{frame}
+
+\begin{frame}
+\frametitle{Anonymity isn't cryptography}
+\begin{itemize}
+\item Cryptography protects the contents in transit
+\item You still know who is talking to whom, how often, and how much data is sent.
+\end{itemize}
+\begin{center}
+\includegraphics[width=5cm]{../images/encryption-cc-by-sa}
+\end{center}
+\end{frame}
+
+\begin{frame}
+\frametitle{Anonymity isn't steganography}
+Attacker can tell Alice is talking to someone, how often, and how much data is sent.
+\bigskip
+
+\begin{center}
+\includegraphics[width=5cm]{../images/steganography-cc-by-sa}
+\end{center}
+\end{frame}
+
+\begin{frame}
+\frametitle{Anonymity isn't just wishful thinking...}
+\begin{itemize}
+\item "You can't prove it was me!"
+\pause \item "Promise you won't look"
+\pause \item "Promise you won't remember"
+\pause \item "Promise you won't tell"
+\pause \item "I didn't write my name on it!"
+\pause \item "Isn't the Internet already anonymous?"
+\end{itemize}
+\end{frame}
+
+\begin{frame}
+\frametitle{Anonymous communication}
+\begin{itemize}
+\item People have to hide in a crowd of other people ("anonymity loves company")
+\item The goal of the system is to make all users look as similar as possible, to give a bigger crowd
+\item Hide who is communicating with whom
+\item Layered encryption and random delays hide correlation between input traffic and output traffic
+\end{itemize}
+\end{frame}
+
+\begin{frame}
+\frametitle{Anonymity serves different interests for different user groups}
+\begin{itemize}
+\item Private citizens: it's privacy
+\item Businesses: it's network security
+\item Governments: it's traffic-analysis resistance
+\item Human rights activists: it's reachability
+\end{itemize}
+\end{frame}
+
+\begin{frame}
+\frametitle{What is Tor?}
+\begin{itemize}
+\item Online anonymity software and network
+\pause \item Open source, freely available (3-clause BSD license)
+\pause \item Active research environment: \\
+Rice, UMN, NSF, NRL, Drexel, Waterloo, Cambridge UK, Bamberg Germany, Boston Univ, Harvard, MIT, RPI, Georgia Tech
+\pause \item Funding from US DoD, EFF, Voice of America, Google, NLNet,
+Human Rights Watch \\
+\pause \item Increasingly diverse toolset: \\
+Tor, Torbutton, Tor Browser Bundle, TAILS Anonymous Operating System,
+Tor Weather, GetTor, Thandy, Orbot, Tor Check, Arm, Torouter, Tor Cloud
+and more
+\end{itemize}
+\end{frame}
+
+% And what makes Tor different?
+\begin{frame}
+\frametitle{How is Tor different from other systems?}
+\begin{overlayarea}{9cm}{6cm}
+\only<1>{\includegraphics[height=7cm]{../../website/images/htw1}}
+\only<2>{\includegraphics[height=7cm]{../../website/images/htw2}}
+\only<3>{\includegraphics[height=7cm]{../../website/images/htw3}}
+\end{overlayarea}
+\end{frame}
+
+\begin{frame}
+\frametitle{Tor uses a simple centralized directory protocol}
+\begin{itemize}
+\item Relays publish self-signed descriptors to directory authorities
+\item Authorities publish a consensus list of all relay descriptors
+\item Clients download latest consensus from a directory authority or a directory cache
+\end{itemize}
+\end{frame}
+
+\begin{frame}
+\frametitle{Bridges versus relays}
+\begin{itemize}
+\item A step forward in the blocking resistance race
+\item Bridge relays (or "bridges" for short) are Tor relays that aren't listed in the main Tor directory
+\item To use a bridge, you will need to locate one first (can be done using bridges.torproject.org, email, social media etc)
+\item A bridge will act as the first hop in the circuit
+\end{itemize}
+\end{frame}
+
+\begin{frame}
+\frametitle{Hidden services}
+\begin{itemize}
+\item Tor makes it possible for users to hide their locations while offering various kinds of services, such a website or an im server
+\item Using Tor "rendezvous points," other Tor users can connect to these hidden services, each without knowing the other's network identity
+\item A hidden service will have an address that ends in .onion, e.g. http://duskgytldkxiuqc6.onion/
+\end{itemize}
+\end{frame}
+
+\begin{frame}
+\frametitle{Encryption}
+\begin{itemize}
+\item Tor uses the 128-bit AES cipher in counter mode to generate a cipher stream
+\item And the signing keys are 1024-bit RSA
+\item We used to use a 1024-bit safe prime from RFC 2409, section 6.2 as the DH parameter...
+\end{itemize}
+\end{frame}
+
+\begin{frame}
+\frametitle{}
+\includegraphics[scale=0.5]{../images/direct-users-2010-12-01-off-300-2011-01-15-ir}
+\end{frame}
+
+\begin{frame}
+\frametitle{}
+\includegraphics[scale=0.5]{../images/bridge-users-2010-11-01-300-2011-01-14-ir}
+\end{frame}
+
+\begin{frame}
+\frametitle{Encryption}
+\begin{itemize}
+\item But then we made the DH parameter we use for TLS match the one from Apache's mod\_ssl...
+\end{itemize}
+\end{frame}
+
+\begin{frame}
+\frametitle{}
+\includegraphics[scale=0.5]{../images/direct-users-2011-01-01-off-300-2011-03-01-ir.png}
+\end{frame}
+
+\begin{frame}
+\frametitle{}
+\includegraphics[scale=0.5]{../images/bridge-users-2011-01-01-300-2011-03-01-ir.png}
+\end{frame}
+
+\begin{frame}
+\frametitle{Keys}
+\begin{itemize}
+\item Each relay maintains a long-term identity key and a short term onion key:
+\begin{itemize}
+\item The identity key is used to sign relay descriptors
+\item The directory authorities also use the identity key to sign the consensus 
+\item The onion key is used to decrypt requests from clients to set up a circuit and negotiate ephemeral keys
+\item The TLS protocol also establishes a short-term link key when communicating between relays
+\end{itemize}
+\end{itemize}
+\end{frame}
+
+\begin{frame}
+\frametitle{Cells}
+\includegraphics[width=10cm]{../images/cell-struct.png}
+\begin{itemize}
+\item Traffic passes along circuits in the Tor network in fixed-size
+cells (512 bytes):
+\begin{itemize}
+\item The header includes a circuit identifier that specifies which
+circuit the cell refers to
+\item The command describes what to do with the cells payload
+\item The entire contents of the header and payload is
+encrypted/decrypted together as the relay cell moves along the circuit
+\end{itemize}
+\end{itemize}
+\end{frame}
+
+\begin{frame}
+\frametitle{Tor on the wire}
+\includegraphics[width=12cm]{../images/tor-keys3}
+\end{frame}
+
+\begin{frame}
+\frametitle{How many people use Tor daily?}
+\includegraphics[scale=0.5]{../images/direct-users-2010-09-11-off-300-2011-09-11-all}
+\end{frame}
+
+% Tor and circumvention
+\begin{frame}
+\frametitle{Attackers can block access to the network}
+\begin{itemize}
+\item By blocking access to the directory authorities
+\item By blocking access to all the relays in the network
+\item By blocking access to all known bridges in the network
+\item By preventing users from finding the software
+\end{itemize}
+\end{frame}
+
+% China
+\begin{frame}
+\frametitle{Tor and circumvention in China}
+\includegraphics[scale=0.5]{../images/direct-users-2010-09-11-off-300-2011-09-11-cn}
+\end{frame}
+
+\begin{frame}
+\frametitle{Tor and circumvention in China}
+\includegraphics[scale=0.5]{../images/bridge-users-2010-09-11-300-2011-09-11-cn}
+\end{frame}
+
+% Egypt
+\begin{frame}
+\frametitle{Tor and circumvention in Egypt}
+\includegraphics[scale=0.5]{../images/direct-users-2010-09-11-off-300-2011-09-11-eg}
+\end{frame}
+
+\begin{frame}
+\frametitle{Tor and circumvention in Egypt}
+\includegraphics[scale=0.5]{../images/bridge-users-2010-09-11-300-2011-09-11-eg}
+\end{frame}
+
+% Libya
+\begin{frame}
+\frametitle{Tor and circumvention in Libya}
+\includegraphics[scale=0.5]{../images/direct-users-2010-09-11-off-300-2011-09-11-ly}
+\end{frame}
+
+\begin{frame}
+\frametitle{Tor and circumvention in Libya}
+\includegraphics[scale=0.5]{../images/bridge-users-2010-09-11-300-2011-09-11-ly}
+\end{frame}
+
+% Future work
+\begin{frame}
+\frametitle{Future work, part 1}
+\begin{itemize}
+\item The Torouter project: hardware project to provide an easy to setup Tor bridge or relay 
+\item The Tor Cloud project: provides bridge-by-default and relay-by-default images for Amazon EC2
+\end{itemize}
+\end{frame}
+
+\begin{frame}
+\frametitle{Future work, part 2}
+\begin{itemize}
+\item Pluggable transports: a plug-in system that can evade many censorship systems by disguising Tor traffic as, for example, standard HTTP traffic
+\item Obfuscated proxy: protocol obfuscation for TCP protocols prevent third party from identifying protocol based on message contents
+\end{itemize}
+\end{frame}
+
+\begin{frame}
+\frametitle{Future work, part 3}
+\begin{itemize}
+\item Censorship resistance research: reachability testing of the Tor network from within certain countries
+\item IPv6: goal for Tor 0.2.3.x is for bridges to handle IPv6-only clients and exits can handle IPv6 addresses
+\end{itemize}
+\end{frame}
+
+% Demonstration of TBB
+\begin{frame}
+\frametitle{Time for a demo}
+Demonstration of Tor Browser Bundle
+\end{frame}
+
+\begin{frame}
+\frametitle{}
+\begin{center}
+\large Questions? \\
+\vspace{10 mm}
+runa at torproject.org \\
+https://www.torproject.org/
+\end{center}
+\end{frame}
+
+\end{document}
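
Review bot: In the "Cells" frame, the last sub-item says "The entire contents of the header and payload is encrypted/decrypted together", while the first sub-item uses "the header" for the part carrying the circuit identifier, so the slide reads as if the circuit identifier itself were onion-encrypted. Saying "relay header" in the last sub-item (and "are" rather than "is") would separate the per-hop-readable cell header from the part that is encrypted along the circuit. The "Keys" frame has a similar ambiguity: "The directory authorities also use the identity key to sign the consensus" is nested under "Each relay maintains a long-term identity key", which reads as the relay's key signing the consensus; "their own identity key" would avoid that. Smaller points: "the cells payload" should be "the cell's payload", "such a website or an im server" should be "such as a website or an IM server", the straight double quotes in the "wishful thinking" list and elsewhere should be written as ``...'' so LaTeX typesets opening quotes, and three \includegraphics paths carry a .png extension while the rest omit it.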


