[tor-reports] Isis' November 2013

isis isis at torproject.org
Wed Jan 15 05:49:12 UTC 2014 

*** status report 2013/11
**** Isis' November 2013: Review

I spent most of my November:

    * Finishing a twisted.trial test runner for BridgeDB. [0]
    * Finishing up the (bridge) descriptor generator. [1]
    * Created a mechanism for bridgedb to safely store state
      persistently. (Previously it just reset to the settings it had whenever
      it was first started.) [2]
    * Refactoring the networkstatus descriptor parsers. [3]
    * Writing ~100 unittests for BridgeDB.
    * Creating Sphinx documentation for BridgeDB [4] and shoving it online in
      a rather random place. [5] It should really eventually have some
      official page, e.g. https://docs.torproject.org/bridgedb or something.
    * Setting up automated code coverage reports for BridgeDB. [6]
    * Fixing the bulk-exit-list fetchers and parsers for BridgeDB. [7]
    * Small patches on TBB [8] [9] [10] [11] and Scramblesuit/Obfsproxy. [12] [13]
    * Started learning C++, and discovered a Python cryptographic prototyping
      framework designed by some of Mathew Green's graduate students which
      includes support for schemes/protocols based on bilinear pairings. [14]

[0]: https://gitweb.torproject.org/user/isis/bridgedb.git/shortlog/refs/heads/feature/9865-test-runner-2-r1+nacl
[1]: https://gitweb.torproject.org/bridgedb.git/blob/HEAD:/scripts/gen_bridge_descriptors
[2]: https://gitweb.torproject.org/bridgedb.git/commitdiff/7d8572a08eb77dae9fdbe09b16d091a1194ec297
[3]: https://gitweb.torproject.org/bridgedb.git/commitdiff/a6d52fe28997d1c81c8f8533277925424b9fc157
[4]: https://gitweb.torproject.org/bridgedb.git/commitdiff/5e30229bf1f81a029a1d93e27c4b60aec6293f21
[5]: https://para.noid.cat/bridgedb/
[6]: https://coveralls.io/r/isislovecruft/bridgedb
[7]: https://gitweb.torproject.org/user/isis/bridgedb.git/shortlog/refs/heads/fix/4405-tor-exit-check
[8]: https://gitweb.torproject.org/builders/tor-browser-bundle.git/commitdiff/d73f29a46bd781f21092d54d5c8dc27149659c0e
[9]: https://gitweb.torproject.org/builders/tor-browser-bundle.git/commitdiff/7fcb59762533c2900b7d9505044980ddc7228fda
[10]: https://gitweb.torproject.org/builders/tor-browser-bundle.git/commitdiff/bb33dc8ab3103c17022bafcf0f6c595dc4d3af46
[11]: https://gitweb.torproject.org/builders/tor-browser-bundle.git/commitdiff/29b036b8cda2d0df66c356057e9145d417cc7454
[12]: https://gitweb.torproject.org/user/phw/scramblesuit.git/commitdiff/21bffac4262e733c5111c5297dae49c8abe92382
[13]: https://gitweb.torproject.org/user/phw/scramblesuit.git/commitdiff/99fd12e362baf8ddbadef7625d5c555678a7eb21
[14]: http://eprint.iacr.org/2011/617.pdf

**** Tickets worked on in November 2013:

***** BridgeDB
#4405 bridgedb's list of tor exit relays is down since bulk exit list is down
#8614 BridgeDB should be able to return multiple transport types at the same time
#9332 Revive the BridgeDB bridge-sending mailing list
#9499 BridgeDB should hand out identity fingerprints
#9626 BridgeDB sends repeated bridges
#9865 Create a test harness for BridgeDB
#9874 Research/design a way to automate testing of BridgeDB's HTTPS and email distributors
#10003 BridgeDB's DKIM validator seems to be broken
#10183 Get bridgedb back to using bulkexitlist
#9988 Refactor BridgeDB's use of `sha` module to use `hashlib` instead

***** HTTPSEverywhere
#10172 Rule for translate.google.com is broken

***** Obfsproxy
#10148 Scramblesuit doesn't handle base32 decoded shared secrets properly

***** Stem
#10227 Support descriptor generation
#8254 Parse bridge pool assignments

***** TBB
#10126 TBB-3.0-beta-1 include a non-stripped firefox binary

**** Papers:
There were several. I'll write the list down later perhaps. The most
important, however, were the CHARM paper by Green and his students mentioned
above:

Akinyele, Joseph A., et al. "Charm: A framework for rapidly prototyping
 cryptosystems." Journal of Cryptographic Engineering (2013): 1-18.
 http://eprint.iacr.org/2011/617.pdf

As well as:

Groth, Jens, and Amit Sahai. "Efficient non-interactive proof systems for
 bilinear groups." Advances in Cryptology–EUROCRYPT 2008. Springer Berlin
 Heidelberg, 2008. 415-432.
 https://www.iacr.org/archive/eurocrypt2008/49650412/49650412.pdf

The Groth-Sahai paper was the original presentation of what's known as
Groth-Sahai Proofs, which are a special way of constructing NIZKPoK proofs,
such that a Prover who wishes to show knowledge of certain values is able to
make two vectors of (internal) commitments to those values via ring modules
with a bilinear map, and then (external) commitments which satisfy pairing
product equation for some pairing-friendly prime-order groups.

This is, in hopefully simpler terms, a way of creating internal commitments to
some values; the internal commitments are then embedded within other external
commitments, such that the external commitments prove knowledge the original
values, without ever giving away any knowledge of the values (nor the openings
to the internal commitments).

In addition to the obvious uses they provide for various anonymous signature
schemes and other privacy-aware protocols, the equations for the constructions
of Groth-Sahai proofs are quite beautiful ― I'd really encourage people to
read this paper.
 
Belenkiy, M., Camenisch, J., Chase, M., Kohlweiss, M., Lysyanskaya, A., &
 Shacham, H..
 "Randomizable proofs and delegatable anonymous credentials."
 Advances in Cryptology-CRYPTO 2009. Springer Berlin Heidelberg, 2009. 108-125.
 http://cseweb.ucsd.edu/~hovav/dist/delcred.pdf

I want to implement this. These could be used by a BridgeDB client (with the
social distributor) to prove a valid signature on the client's set of bridges
in ZK. Or as the invite tokens, to invite friends to get bridges. Or for an
anonymous payment system within TBB. Probably quite hard to implement, as it
requires Groth-Sahai proofs, and pairings, and all that. But *so* useful.

-- 
 ♥Ⓐ isis agora lovecruft
_________________________________________________________
GPG: 4096R/A3ADB67A2CDB8B35
Current Keys: https://blog.patternsinthevoid.net/isis.txt
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 1154 bytes
Desc: Digital signature
URL: <http://lists.torproject.org/pipermail/tor-reports/attachments/20140115/3a2509f6/attachment.sig>

More information about the tor-reports mailing list