Tor Weekly News — July, 31st 2013

dope457 dope457 at riseup.net
Wed Jul 31 12:01:07 UTC 2013 

========================================================================
Tor Weekly News                                          July 31st, 2013
========================================================================

Welcome to the 5th issue of Tor Weekly News, the weekly newsletter that
covers what is happening in the busy Tor community.

Summer Developer Meeting Wrap-up
--------------------------------
 
The 2013 summer Tor development meeting happened at the Technische
Universität München [1]. There were no formal talks during the meeting
itself, but slides were still involved! [2]

New minutes from sessions to add to those covered in the last
edition [3] have been posted to the wiki [4]. This includes a second
discussion on Pluggable Transports [5], the role of the Research
Director [6], a summary of discussions with cryptographers Tanja
Lange and djb about the cryptographic aspects of Tor [7],
timesheets for Tor contractors [8] and mailing-lists [9].

Christian Grothoff organized a talk with Roger Dingledine and Jacob
Appelbaum at the university. Their initial topic was the censorship
arms race, but given the up-to-date knowledge of the students and other
attendees, the talk got turned into a marathon 4-hour long Q&A 
session! Thanks to Christian, the video is available from the GNUnet 
website [10].

The following day was dedicated to more concrete hands-on discussions 
and coding. The public hackfest was well-attended, with more than 70 
people focusing on everything to do with Tor. Some attendees had even 
traveled several hundred kilometers to be there! Discussions popped up 
everywhere, code was written and some newcomers were introduced to the 
many elements that make up the Tor project. 
Thanks to everyone who showed up!

   [1] http://www.tum.de/
   [2] https://commons.wikimedia.org/wiki/File:050322-tumuenchen-parabeln.jpg
   [3] https://lists.torproject.org/pipermail/tor-news/2013-July/000004.html
   [4] https://trac.torproject.org/projects/tor/wiki/org/meetings/2013SummerDevMeeting
   [5] https://trac.torproject.org/projects/tor/wiki/org/meetings/2013SummerDevMeeting/PluggableTransports1
   [6] https://trac.torproject.org/projects/tor/wiki/org/meetings/2013SummerDevMeeting/ResearchDirector
   [7] https://trac.torproject.org/projects/tor/wiki/org/meetings/2013SummerDevMeeting/TorCrypto
   [8] https://trac.torproject.org/projects/tor/wiki/org/meetings/2013SummerDevMeeting/Timesheets
   [9] https://trac.torproject.org/projects/tor/wiki/org/meetings/2013SummerDevMeeting/MailingLists
  [10] https://gnunet.org/tor2013tum-video

Comparing handshake protocols for Tor: Ace vs ntor
--------------------------------------------------

In WPES ’12, Esfandiar Mohammadi and Aniket Kate introduced Ace, an
alternative for Tor’s current handshake protocol ntor. [11,12]

Ace was already discussed on tor-dev at the end of 2012 [13],
“but back then, no implementation for the double scalar multiplication 
operation (a * b + c * d) on Curve25519 was available. But recently,
Robert Ransom implemented in his celator library [14] a highly 
efficient double scalar multiplication which is suitable for our 
handshake protocol Ace”, wrote Esfandiar.

>From the comparative benchmarks that Shivanker Goel implemented and
ran, using Ace could improve speed and CPU load compared to the
current ntor implementation. Esfandiar Mohammadi’s email on tor-talk
contains the methodology, remarks and concrete numbers.

The code for the benchmark is available online [15] along with a 
Tor-style proposal [16] for improving circuit-creation key exchange
using Ace.

  [11] http://www.infsec.cs.uni-saarland.de/~mohammadi/paper/owake.pdf
  [12] https://lists.torproject.org/pipermail/tor-dev/2012-August/003901.html
  [13] https://lists.torproject.org/pipermail/tor-dev/2013-July/005163.html
  [14] http://www.infsec.cs.uni-saarland.de/~mohammadi/ace/celator.tar.gz
  [15] http://www.infsec.cs.uni-saarland.de/~mohammadi/ace/ace-benchmarks.tar.gz
  [16] http://www.infsec.cs.uni-saarland.de/~mohammadi/ace/ace-handshake.txt

New Globe web application to explore the Tor network
----------------------------------------------------

Christian made his Globe web application available at [17]. Globe is
quite similar to Atlas [18], and in fact uses the same data, but it 
also allows searching for bridges and is slightly more user-friendly.

Globe now uses dygraphs as a graphing engine which makes it even easier
to select time intervals for its graphs.  Feel free to try out Globe
and give feedback on its bug tracker [19].

  [17] http://globe.rndm.de/
  [18] https://atlas.torproject.org
  [19] https://github.com/makepanic/globe

Tor at OHM2013 - Netherlands
----------------------------

Several members of the Tor community will be at OHM2013: Observe, Hack,
Make: “A five day outdoor international camping festival for hackers, 
makers, and those with an inquisitive mind”, according to their 
website [20]. The event starts tomorrow with a few Tor-related meetings 
and activities.

Tom Lowenthal will be holding a social event at the Noisy Square village
for Tor contributors and relay operators on August, 1st at 14:00. [21]

Later that day, Tom will also go through “the development work, 
advocacy help, coordination, system administration, outreach, community 
support, and other things that you can do to help the Tor Project grow 
and improve” in the Lovelace Tent at 22:00. [22]

Fabio Pietrosanti invited anyone interested to attend the Tor2Web
meeting [23] to: “outlook what we’ve done, how the network growth up
discussing which could be the next major milestones to be reached in
terms of software, network development, community involvement and fundraising.”

Last but not least, Moritz Bartl from torservers.net will be around with
Tor stickers and posters, as well as collecting donations to create new
exit nodes. Look around the Noisy Square! [24]

  [20] https://ohm2013.org/
  [21] https://program.ohm2013.org/event/307.html
  [22] https://program.ohm2013.org/event/305.html
  [23] https://program.ohm2013.org/event/256.html
  [24] https://noisysquare.com/

Miscellaneous development news
------------------------------

GSoC students sent out a new round of status reports. Johannes Fürmann had 
made great progress on the framework for EvilGenius — a way to simulate 
censorship events: “The Genius is there, all we have to do now is make 
it more evil.” [25] 

Cristian-Matei Toader is moving forward on limiting the set of allowed 
system calls by the tor daemon [26]. 

ra_ sucessfully now has a “rttprober” script to measure the RTT of Tor 
circuits [27]. 

Kostas Jakeliunas has a clean code base for the Tor Metrics Archive 
project that can import archival data and be queried with an
Onionoo-like interface [28]. 

Hareesan did a quick report on the steganography browser extension [29].

Chang Lan Status has returned to report some progress on the HTTP 
pluggable transport [30].

Karsten Loesing added a new “fields” parameter to Onionoo. It can be used
to restrict the response size when only a specific set of attributes are
needed. [31] This feature is used by the bubble graphs showing diversity
of the Tor network wrote by Lunar. The latter are now available on the
metrics website, thanks to Karsten. [32]

Kevin P Dyer released Format-Transforming Encryption Pluggable Transport
version v0.1.2-alpha [33]. Source code, documentation and builds are
available on the FTE website. [34]

Damian Johnson has released two new monitoring scripts [35] based on the
remote descriptor fetching support recently added to Stem [36]: one to
check for malformed content in the descriptors, the other to monitor
sudden influxes of new relays (potential Sybil attacks).

  [25] https://lists.torproject.org/pipermail/tor-dev/2013-July/005179.html
  [26] https://lists.torproject.org/pipermail/tor-dev/2013-July/005180.html
  [27] https://lists.torproject.org/pipermail/tor-dev/2013-July/005181.html
  [28] https://lists.torproject.org/pipermail/tor-dev/2013-July/005197.html
  [29] https://lists.torproject.org/pipermail/tor-dev/2013-July/005185.html
  [30] https://lists.torproject.org/pipermail/tor-dev/2013-July/005193.html
  [31] https://gitweb.torproject.org/onionoo.git/commit/1c1dfa48
  [32] https://metrics.torproject.org/bubbles.html
  [33] https://lists.torproject.org/pipermail/tor-dev/2013-July/005194.html
  [34] https://kpdyer.com/fte/
  [35] https://lists.torproject.org/pipermail/tor-dev/2013-July/005209.html
  [36] https://stem.torproject.org/

Upcoming events
---------------

Jul 31-05 | Tor at OHM
          | Geestmerambacht, Netherlands
          | https://ohm2013.org/
          |
Aug 1-4   | Runa Sandvik @ DEF-CON 21
          | Rio Hotel, Las Vegas, USA
          | https://www.defcon.org/html/defcon-21/dc-21-index.html
          |
Aug 13    | Roger at the 3rd USENIX Workshop on Free and Open 
          | Communications on the Internet
          | Washington, DC, USA
          | https://www.usenix.org/conference/foci13/

This issue of Tor Weekly News has been assembled by Lunar, dope457,
malaparte, harmony, and Karsten Loesing.

Want to continue reading TWN? Please help us create this newsletter.
We still need more volunteers to watch the Tor community and report
important news. Please see the project page [37], write down your
name and subscribe to the team mailing-list [38] if you want to
get involved!

  [37] https://trac.torproject.org/projects/tor/wiki/TorWeeklyNews
  [38] https://lists.torproject.org/cgi-bin/mailman/listinfo/news-team

More information about the tor-news mailing list