[tor-dev] [tor-assistants] Researching Tor for Master's Thesis

Tom Ritter tom at ritter.vg
Wed Nov 26 17:15:28 UTC 2014

On 26 November 2014 at 06:58, Florian Rüchel
<florian.ruechel.tor at inexplicity.de> wrote:
> Certificates for HS: I find this topic particularly interesting and have
> followed the discussion. The general concept seems like a great thing to
> achieve and it could actually outperform the regular SSL/CA infrastructure
> stuff as it could remove the need for CAs. Unfortunately, this seems
> something that is not extensive enough to warrant a whole thesis. If you
> guys think otherwise, please let me know.

I think there are some things here that might be large enough.  Specifically:
What is the best way to present an Extended Validation badge in Tor
Browser without requiring a CA signature.  Some ideas that have been
thrown around:
 - Have a .com leaf cert sign a .onion cert, change the green to
orange, and show the original domain name
 - Have some sort of Namecoin/Sovereign-Keys like structure (also
applicable to petnames)
 - User-configurable and managed favorites system in an extension that
petnames a Hidden Service to a name, for that user only

> Tor with mix features: Tor has the explicit goal of being a low-latency
> network. However, there are several protocols where high-latency would be
> acceptable. I liked the idea of high latency HSes
> (https://lists.torproject.org/pipermail/tor-dev/2014-November/007818.html).
> I'd like to know what you think about this idea being viable. It would have
> the advantage of being very flexible from just a theoretic evaluation down
> to a real implementation so I could adjust this to my time. But only if this
> is actually desired so it does not need to stay theoretic. I think it would
> be very interesting to evaluate whether this can improve or hurt anonymity
> of low-latency users, as well.

Lots of people love the idea of getting High-Latency inlaid in the Tor
network.  There is definitely interest here.  This sounds like more
than a 6 month thesis, but maybe if you bit off a chunk of it.

> This would be the bigger topics I have found on which I could see myself
> building a thesis. I also stumbled upon smaller research questions (e.g.
> whether running a bridge/relay is good, bad or doesn't make a difference for
> anonymity) but none of those warrant a full 6 month thesis so I discarded
> them for the moment.

Hm, maybe "Can an attacker distinguish traffic leaving an exit node
from the following three profiles:"
 - User on that machine doing interactive web browsing
 - User SSH-ed into that machine doing interactive web browsing
 - Person using Tor exiting through that relay

I suspect the answer is "Yes, easily." but AFAIK it's never been
demonstrated, and there's an unofficial recommendation you see
repeated places that say "Oh, run an exit relay so your traffic mixes
with it."


More information about the tor-dev mailing list