[tor-dev] [tor-assistants] Researching Tor for Master's Thesis

Florian Rüchel florian.ruechel.tor at inexplicity.de
Wed Nov 26 12:58:51 UTC 2014

Hi everyone,

I am attaching the conversation from the assistants list over.

Here is the TL;DR: I want to write my master's thesis on Tor,
preferably on a topic that has to do with Hidden Services and/or
Cryptography in Tor.

I have followed George's recommendations and read through some of the
sources provided. In the end, several topics seem appealing to me, but
before moving on I'd like to get some feedback from you guys on whether
you'd consider the topics worth researching or even have some additional

HSDir tracking: I have taken a look at the idea of PIR (
https://en.wikipedia.org/wiki/Private_information_retrieval) and the
problem associated with getting HS descriptors. I have only looked at
the theory of PIR so far and do not yet have an idea of how this can be
accomplished (and to what extent) in practice.

Certificates for HS: I find this topic particularly interesting and have
followed the discussion. The general concept seems like a great thing to
achieve and it could actually outperform the regular SSL/CA
infrastructure stuff as it could remove the need for CAs. Unfortunately,
this seems something that is not extensive enough to warrant a whole
thesis. If you guys think otherwise, please let me know.

Tor with mix features: Tor has the explicit goal of being a low-latency
network. However, there are several protocols where high-latency would
be acceptable. I liked the idea of high latency HSes
I'd like to know what you think about this idea being viable. It would
have the advantage of being very flexible from just a theoretic
evaluation down to a real implementation so I could adjust this to my
time. But only if this is actually desired so it does not need to stay
theoretic. I think it would be very interesting to evaluate whether this
can improve or hurt anonymity of low-latency users, as well.

Traffic confirmation attacks: This is here more or less for
completeness. I know this topic is open for several years and would be
one of the most powerful countermeasures to deploy but unless someone
has started on something that I could build upon, I don't see myself
coming up with something useful here.

Guard discovery attacks: I have only read roughly what these attacks
are. I'd like to know if it would make sense to take a deeper look here,
i.e. you think extensive research is needed on that topic.

Improving crypto for HSes: The blog entry on HS
vaguely states that crypto for HSes could be improved. However, the
article is over a year old and I know the new rend-spec-ng exists, so
I'd like to know whether there's anything here to work on. I have a
fairly good background on cryptography, so I'd like to help here if help
is needed.

Cryptography: There's two proposal ideas, one from 2010
and one from 2011
which builds on that. Has some of this been addressed? Is this still
being worked on or just leftover that has already been integrated to the
desired level? Would an analysis of the cryptography used in Tor make
sense to you, i.e. building on those documents reviewing where and how
Tor uses cryptography to secure its operations and evaluating the
methods used?

Onion addresses: I took a look at several approaches around
censorship-resistant lookups, e.g. the GNS (see George's recommendation
below) and Aaron Swartz's proposal on squaring Zooko's triangle by
achieving all three properties. I think it would be a cool thing if it
were actually possible to improve onion addresses to be human-readable,
especially when they get longer by using bigger keys in the future
(since 80 bit won't suffice). I don't know if this is actually possible
(I see some issues on Aaron's proposal and Dan Kaminsky confirmed them)
but working out a scheme that makes handling the names easier for users
while not sacrificing the security would help a lot, I think.

These would be the bigger topics I have found on which I could see myself
building a thesis. I also stumbled upon smaller research questions (e.g.
whether running a bridge/relay is good, bad or doesn't make a difference
for anonymity) but none of those warrant a full 6 month thesis so I
discarded them for the moment.

If you could take the time to evaluate my ideas and let me know what you
think, I'd greatly appreciate that. The hardest thing here as an
outsider is to assess the current situation and figure out where work is
actually needed and where problems/issues have already been addressed so
any help from you guys would really help me.

Thanks in advance & Regards,
Florian Rüchel

P.S.: George:
> I'm about to relocate, so my reply will be short! Come and find us in
> CCC for more.
Unfortunately, I don't know what you mean by CCC :(
> Ah, I'm also a fan of the FluxFingers team :)
Great! Have you played some CTFs yourself, then? Are you a member of a team?

Thanks for your quick reply, it has helped me a great deal moving
forward on this project.

On 12.11.2014 23:15, George Kadianakis wrote:
> Florian Rüchel <florian.ruechel.tor at inexplicity.de> writes:
>> Hello everyone,
>> I am about to write my master's thesis and am evaluating Tor as my
>> research topic. I have read through several documents (including the
>> Ideas page of the research page and the Research page on the Volunteer's
>> page). I also read "Hidden Services need some love"
>> (https://blog.torproject.org/blog/hidden-services-need-some-love) and
>> especially followed the section on cryptography (reading both proposals)
>> with great interest.
>> Before diving into more of those documents that are available, I noticed
>> you encourage people to contact you through this list should they wish
>> to conduct research. Right now I am in a very early state as I have not
>> chosen a topic yet. In my choice I want to do something that benefits
>> the Tor network, satisfies my professor and involves topics I generally
>> care for.
>> As noted above, I took particular interest in Hidden Services and
>> general cryptography used by Tor. So if possible, I would like to have
>> those two (or one of those topics) to focus my thesis on. Of course, I
>> need to define my topic in such a way that it fits my time schedule
>> (half a year, full-time) and that my professor accepts it.
>> Now, before moving any further I'd like to know if there are any further
>> documents I should read that are more up to date than the documents
>> indicated above (especially the crypto specs are from 2010/2011 so I
>> don't know how far the network has moved here). It would also be
>> interesting to know whether some of the issues described for Hidden
>> Services are already addressed and whether my research would be better
>> directed somewhere else.
>> I would be glad if you could take the time to respond to my request so
>> as to help me define my topic better.
> Greetings,
> I'm about to relocate, so my reply will be short! Come and find us in
> CCC for more.
> I'd first suggest you to join and skim over the [tor-dev] mailing list:
> https://lists.torproject.org/pipermail/tor-dev/
> Especially this month there has been an increase of threads about
> hidden services, so I'd suggest you to check it out.
> I'd also suggest you to read the recent blog post about the attacks
> against HSes:
> https://blog.torproject.org/blog/thoughts-and-concerns-about-operation-onymous
> The blog post offers plenty of material for research, since it lists
> various attacks and issues with the security of HSes that we need to
> fix and would definitely benefit from further thinking. Check the
> guard discovery [tor-dev] thread for example.
> Also check this recent thread:
> https://lists.torproject.org/pipermail/tor-dev/2014-October/007642.html
> which is part of figuring out work for a funded project. Most of those
> tasks are not very interesting for you, but you can find deeper
> research questions in some of them.
> Another guy recently did his thesis on HS scaling:
> https://lists.torproject.org/pipermail/tor-dev/2014-April/006788.html
> There is also this stuff:
> https://lists.torproject.org/pipermail/tor-dev/2013-November/005878.html
> related to the HSDir hashring in rend-spec-ng.txt.
> And check out the "Trawling Hidden Services" paper by Ralf et al.
> For example, on a more key management tone, petname systems for HSes
> would be very interesting, which is related to the recent work of
> GNUNet with GNS:
> https://gnunet.org/gns
> BTW, keep in mind that some of these projects will be moving during
> the next year.
> Also, if you have public questions which would benefit more people, it
> would be great if you could post in [tor-dev] instead of here. It's
> good to answer obscure HS questions in public so that more people can
> understand the protocol.
> Ah, I'm also a fan of the FluxFingers team :)
> Thanks for the interest and hope this was useful.

