Re: [tor-relays] tor hidden services & SSL EV certificate

2016-01-01 Thread Jesse V
On 01/01/2016 10:21 AM, Josef Stautner wrote:
> You can use an Amazon EC2 G-Instance and Scallion if you don't have a
> good GPU.

That is not a good idea, since then you are giving them your private key.
I trust Amazon, but not that much. People have posted on the /r/onions
or /r/tor subreddit with similar pay-for-prefix services, and they
continue to get shot down for this same reason. It's better to
brute-force the prefix yourself.

Facebook's onion prefix is impressive, but I think it was a coincidence
and good luck, which is also reiterated in this blog post:
https://blog.torproject.org/blog/facebook-hidden-services-and-https-certs

-- 
Jesse V



___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays


Re: [tor-relays] tor hidden services & SSL EV certificate

2016-01-01 Thread Manager Bahia del Sol LLC
There is also Scallion
https://github.com/lachesis/scallion
and Eschalot
https://github.com/ReclaimYourPrivacy/eschalot

The hardware Facebook used to brute-force their onion address must have
been very impressive.

> Message: 2
> Date: Thu, 31 Dec 2015 10:33:19 -0900
> From: Jesse V
> To: tor-relays@lists.torproject.org
> Subject: Re: [tor-relays] tor hidden services & SSL EV certificate
> Message-ID: <568582ff.40...@riseup.net>
> Content-Type: text/plain; charset="windows-1252"
>
> On 12/31/2015 05:44 AM, Benoit Chesneau wrote:
>> Thanks it's useful :) I am now wondering how I can brute-force a clear
>> name for my site like Facebook but I think it's all good for the rest :)
>
> Like this: https://github.com/katmagic/Shallot
>
> It doesn't look like it's maintained, so you may want to examine forks,
> but I've had success with Shallot as it is.
>
> --
> Jesse V

-- 
Manager of Bahia del Sol LLC


Re: [tor-relays] tor hidden services & SSL EV certificate

2016-01-01 Thread Josef Stautner
You can use an Amazon EC2 G-Instance and Scallion if you don't have a
good GPU.

On 01.01.2016 at 20:18, Manager Bahia del Sol LLC wrote:
> There is also Scallion
> https://github.com/lachesis/scallion
> and Eschalot
> https://github.com/ReclaimYourPrivacy/eschalot
>
> The hardware Facebook used to brute-force their onion address must have
> been very impressive.
>
>>
>>
>> Message: 2
>> Date: Thu, 31 Dec 2015 10:33:19 -0900
>> From: Jesse V <kernelc...@riseup.net <mailto:kernelc...@riseup.net>>
>> To: tor-relays@lists.torproject.org
>> <mailto:tor-relays@lists.torproject.org>
>> Subject: Re: [tor-relays] tor hidden services & SSL EV certificate
>> Message-ID: <568582ff.40...@riseup.net
>> <mailto:568582ff.40...@riseup.net>>
>> Content-Type: text/plain; charset="windows-1252"
>>
>> On 12/31/2015 05:44 AM, Benoit Chesneau wrote:
>>
>> Thanks it's useful :) I am now wondering how I can brute-force a clear
>> name for my site like Facebook but I think it's all good for the rest :)
>>
>>
>> Like this: https://github.com/katmagic/Shallot
>>
>> It doesn't look like it's maintained, so you may want to examine forks,
>> but I've had success with Shallot as it is.
>>
>> -- 
>> Jesse V
>>
>>
>>
>> --
>>
>  
>  
> -- 
>  Manager of Bahia del Sol LLC
>  
>
>


Re: [tor-relays] tor hidden services & SSL EV certificate

2015-12-31 Thread Benoit Chesneau

> On 30 Dec 2015, at 13:55, Paul Syverson  wrote:
> 
> On Tue, Dec 29, 2015 at 12:27:06PM -0900, Jesse V wrote:
>> On 12/29/2015 11:18 AM, Aeris wrote:
>>>> A few hidden services have added an
>>>> HTTPS cert but I think that's mostly for a publicity stunt than anything
>>>> else.
>>> 
>>> As indicated in Roger's lecture, HTTPS is useful for HS:
>>> - browsers handle more securely cookies or other stuff in HTTPS mode,
>>> avoiding some possible leaks
>>> - because anybody can create an HS and proxify any content, X.509 certs
>>> allow users to verify the authenticity of the HS (you are on the official
>>> Facebook HS if you have a cert with facebook.com *AND*
>>> facebookcorewwwi.onion inside)
>>> 
>> 
>> I've downloaded the .webm of Roger's lecture but haven't had the time
>> today to listen to it. My point was that HSs already have an
>> authentication mechanism and it's assumed that you can verify the
>> address through some trusted out-of-band method, so in that case you
>> don't need an SSL cert. This can sometimes be superior to trusting the
>> centralized CA model, but I agree that the points you've listed are
>> useful applications as well.
>> 
> 
> In case it is helpful: Griffin Boyce and I have a paper forthcoming in
> IEEE Security & Privacy Magazine on this topic. The final editorial
> changes are not in so it might change a little, but you can find the
> hopefully-close-to-final version at
> https://github.com/saint/w2sp-2015/blob/master/SP_SPSI-2015-09-0170.R1_Syverson.pdf
>  
> 
> 
> It covers
> 
> - How the self-authentication of onionsites that Jesse has been noting
>  and the SSL certs for registered-domain websites that Benoit asked
>  about can complement each other in a variety of ways---and not just
>  for big companies but for individuals, small businesses, local
>  organizations, clubs, sports teams, etc.
> 
> - The current state of certs for onionsites (EV only), and what
>  the issues are that stand in the way of DV certs and a proposal
>  for resolving them.
> 
> - How this can all dovetail nicely with Let's Encrypt (an issuance
>  and usage design that binds things together nicely so it is hard to
>  undetectably set up a spoof onionsite of another onionsite
>  of a registered-domain site, etc. and vice versa) once DV certs
>  are allowed.
> 
> - A description of using GPG that can be done right now while waiting
>  for the world to catch up, and an existing example of a site that
>  does such binding (from a small site operator who found his hosting
>  provider was blocking access from the Tor network). We just cited
>  one such example in the paper, but there are of course others, e.g.,
>  https://blog.patternsinthevoid.net/isis.txt 
> 
> 
> aloha,
> Paul
> 

Thanks it's useful :) I am now wondering how I can brute-force a clear name for
my site like Facebook but I think it's all good for the rest :)

- benoît



Re: [tor-relays] tor hidden services & SSL EV certificate

2015-12-30 Thread Paul Syverson
On Tue, Dec 29, 2015 at 12:27:06PM -0900, Jesse V wrote:
> On 12/29/2015 11:18 AM, Aeris wrote:
> >> A few hidden services have added an
> >> HTTPS cert but I think that's mostly for a publicity stunt than anything
> >> else.
> > 
> > As indicated in Roger's lecture, HTTPS is useful for HS:
> > - browsers handle more securely cookies or other stuff in HTTPS mode,
> > avoiding some possible leaks
> > - because anybody can create an HS and proxify any content, X.509 certs
> > allow users to verify the authenticity of the HS (you are on the official
> > Facebook HS if you have a cert with facebook.com *AND*
> > facebookcorewwwi.onion inside)
> > 
> 
> I've downloaded the .webm of Roger's lecture but haven't had the time
> today to listen to it. My point was that HSs already have an
> authentication mechanism and it's assumed that you can verify the
> address through some trusted out-of-band method, so in that case you
> don't need an SSL cert. This can sometimes be superior to trusting the
> centralized CA model, but I agree that the points you've listed are
> useful applications as well.
> 

In case it is helpful: Griffin Boyce and I have a paper forthcoming in
IEEE Security & Privacy Magazine on this topic. The final editorial
changes are not in so it might change a little, but you can find the
hopefully-close-to-final version at
https://github.com/saint/w2sp-2015/blob/master/SP_SPSI-2015-09-0170.R1_Syverson.pdf

It covers

- How the self-authentication of onionsites that Jesse has been noting
  and the SSL certs for registered-domain websites that Benoit asked
  about can complement each other in a variety of ways---and not just
  for big companies but for individuals, small businesses, local
  organizations, clubs, sports teams, etc.

- The current state of certs for onionsites (EV only), and what
  the issues are that stand in the way of DV certs and a proposal
  for resolving them.

- How this can all dovetail nicely with Let's Encrypt (an issuance
  and usage design that binds things together nicely so it is hard to
  undetectably set up a spoof onionsite of another onionsite
  of a registered-domain site, etc. and vice versa) once DV certs
  are allowed.

- A description of using GPG that can be done right now while waiting
  for the world to catch up, and an existing example of a site that
  does such binding (from a small site operator who found his hosting
  provider was blocking access from the Tor network). We just cited
  one such example in the paper, but there are of course others, e.g.,
  https://blog.patternsinthevoid.net/isis.txt

aloha,
Paul


Re: [tor-relays] tor hidden services & SSL EV certificate

2015-12-29 Thread Mirimir
On 12/29/2015 01:16 PM, bernard wrote:
> 
> On 29/12/2015 19:38, Jesse V wrote:
>> A few hidden services have added an
>> HTTPS cert but I think that's mostly for a publicity stunt than anything
>> else.
> 
> (I am not commenting on the technical necessity of a cert.)
> 
> No, I think the point that was made at today's talk (and correct me if I
> got it wrong) was that if I am the operator of, for example,
> www.bigclearwebwebsite.com (who, by default of big known to the
> Internet, I am not worried about the anonymity of my site or those who
> operate it).
> 
> I want to create a www.bigclearwebwebsite.onion site (which of course
> would be more like www.xhsjeflflajdfyeysksldpfiejcc.onion), I can do
> this by getting a HTTPS cert for my .onion address.
> 
> The objective of it (from a user's point of view) would be tying the
> identity of the *clear web* site and the *.onion site* together to give
> the user some trust that bigclearwebwebsite.onion is in fact the same as
> the .com site.
> 
> 
> 
> (Replace bigclearwebwebsite. with DuckDuckGo, Facebook, etc)

True. But I don't see that it helps much for onion sites that aren't
tied to well-known clearweb sites. Spoofers could also get HTTPS certs.
And users couldn't tell them apart.

I've been playing with GnuPG-signed pages, with the public key available
from multiple independent sources. But of course, it's a bit much to
expect users to verify signatures.


Re: [tor-relays] tor hidden services & SSL EV certificate

2015-12-29 Thread Benoit Chesneau

> On 29 Dec 2015, at 21:05, Ivan Kwiatkowski  wrote:
> 
> Since you're at 32c3, you should get in touch with the EFF / Let's
> Encrypt people to see if they have made plans for this issue.


Ah I didn't think about that. I will then :)

- benoît


Re: [tor-relays] tor hidden services & SSL EV certificate

2015-12-29 Thread bernard


On 29/12/2015 20:55, Mirimir wrote:
> On 12/29/2015 01:16 PM, bernard wrote:
>> The objective of it (from a user's point of view) would be tying the
>> identity of the *clear web* site and the *.onion site* together to give
>> the user some trust that bigclearwebwebsite.onion is in fact the same as
>> the .com site.
>>
>> (Replace bigclearwebwebsite. with DuckDuckGo, Facebook, etc)
>
> True. But I don't see that it helps much for onion sites that aren't
> tied to well-known clearweb sites.

Fair point. Maybe for users of a .onion site that *itself* needs
anonymity, an SSL cert is not helpful to it.

But another way of asking: how do I as a user trust that .onion site?

> I've been playing with GnuPG-signed pages, with the public key available
> from multiple independent sources. But of course, it's a bit much to
> expect users to verify signatures.

Well, given difficulties users have with verification of GPG key
strings, that would be difficult.


Bernard


Re: [tor-relays] tor hidden services & SSL EV certificate

2015-12-29 Thread Jesse V
On 12/29/2015 10:25 AM, Benoit Chesneau wrote:
> I was at the talk this afternoon at the 32c3 and where can I get a
> certificate for a .onion. Any service to suggest? Also where I should
> see to configure it correctly?
> 
> - benoit
> 

You don't need one. Hidden services automatically get end-to-end
authentication and encryption. Since that is handled by Tor and not by
the browser, hidden service addresses use "http" rather than "https",
but in this case the connection is nevertheless encrypted. It's
technically redundant to add HTTPS. A few hidden services have added an
HTTPS cert but I think that's mostly for a publicity stunt than anything
else.

-- 
Jesse V





Re: [tor-relays] tor hidden services & SSL EV certificate

2015-12-29 Thread bernard


On 29/12/2015 19:38, Jesse V wrote:
> A few hidden services have added an
> HTTPS cert but I think that's mostly for a publicity stunt than anything
> else.

(I am not commenting on the technical necessity of a cert.)

No, I think the point that was made at today's talk (and correct me if I
got it wrong) was that if I am the operator of, for example,
www.bigclearwebwebsite.com (who, by default of big known to the
Internet, I am not worried about the anonymity of my site or those who
operate it).

I want to create a www.bigclearwebwebsite.onion site (which of course
would be more like www.xhsjeflflajdfyeysksldpfiejcc.onion), I can do
this by getting a HTTPS cert for my .onion address.

The objective of it (from a user's point of view) would be tying the
identity of the *clear web* site and the *.onion site* together to give
the user some trust that bigclearwebwebsite.onion is in fact the same as
the .com site.

(Replace bigclearwebwebsite. with DuckDuckGo, Facebook, etc)


Re: [tor-relays] tor hidden services & SSL EV certificate

2015-12-29 Thread Jesse V
On 12/29/2015 11:18 AM, Aeris wrote:
>> A few hidden services have added an
>> HTTPS cert but I think that's mostly for a publicity stunt than anything
>> else.
> 
> As indicated in Roger's lecture, HTTPS is useful for HS:
>   - browsers handle more securely cookies or other stuff in HTTPS mode,
> avoiding some possible leaks
>   - because anybody can create an HS and proxify any content, X.509 certs
> allow users to verify the authenticity of the HS (you are on the official
> Facebook HS if you have a cert with facebook.com *AND* facebookcorewwwi.onion
> inside)
> 

I've downloaded the .webm of Roger's lecture but haven't had the time
today to listen to it. My point was that HSs already have an
authentication mechanism and it's assumed that you can verify the
address through some trusted out-of-band method, so in that case you
don't need an SSL cert. This can sometimes be superior to trusting the
centralized CA model, but I agree that the points you've listed are
useful applications as well.

-- 
Jesse V



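As an added illustration of the self-authentication Jesse describes here (and of why the advice earlier on this page not to let a third party generate your key matters), the following Go program derives a v2 onion address from an RSA key and checks that a given private_key file really produces the advertised address. It is example code written for this page, not code from Tor, Shallot, Scallion or Eschalot; the function names are assumptions and the test key is generated on the spot. The derivation it implements (SHA-1 over the DER-encoded PKCS#1 RSAPublicKey, first 80 bits, base32, lower-cased) is the one the RSA-1024 addresses discussed in this 2015 thread use; v3 ed25519 addresses are derived differently and are out of scope.

```go
package main

import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha1"
	"crypto/x509"
	"encoding/base32"
	"encoding/pem"
	"errors"
	"fmt"
	"strings"
)

// OnionAddressV2 derives the 16-character v2 onion address from an RSA
// public key: SHA-1 over the DER-encoded PKCS#1 RSAPublicKey structure,
// keep the first 80 bits (10 bytes), base32-encode, lower-case.
func OnionAddressV2(pub *rsa.PublicKey) string {
	der := x509.MarshalPKCS1PublicKey(pub)
	sum := sha1.Sum(der)
	return strings.ToLower(base32.StdEncoding.EncodeToString(sum[:10]))
}

// KeyMatchesAddress reports whether priv is really the key behind the
// advertised address (with or without the ".onion" suffix). Because the
// address is a hash of the key, anyone holding a copy of the key can
// publish a descriptor for that address: a key that came back from a
// pay-for-prefix service is only as private as that service.
func KeyMatchesAddress(priv *rsa.PrivateKey, advertised string) bool {
	want := strings.ToLower(strings.TrimSuffix(strings.TrimSpace(advertised), ".onion"))
	return OnionAddressV2(&priv.PublicKey) == want
}

// LooksLikeV2Address is a purely syntactic check: 16 base32 characters
// (a-z, 2-7), optionally followed by ".onion".
func LooksLikeV2Address(addr string) bool {
	addr = strings.TrimSuffix(strings.ToLower(addr), ".onion")
	if len(addr) != 16 {
		return false
	}
	for _, c := range addr {
		if !(c >= 'a' && c <= 'z' || c >= '2' && c <= '7') {
			return false
		}
	}
	return true
}

// LoadTorPrivateKey parses a v2 hidden service private_key file, which is
// a PEM "RSA PRIVATE KEY" (PKCS#1) block.
func LoadTorPrivateKey(pemBytes []byte) (*rsa.PrivateKey, error) {
	block, _ := pem.Decode(pemBytes)
	if block == nil || block.Type != "RSA PRIVATE KEY" {
		return nil, errors.New("expected a PEM \"RSA PRIVATE KEY\" block")
	}
	return x509.ParsePKCS1PrivateKey(block.Bytes)
}

func main() {
	// Constructed example: a freshly generated 1024-bit key, the size a v2
	// hidden service uses. For a real service, read HiddenServiceDir/private_key
	// and pass it to LoadTorPrivateKey instead.
	priv, err := rsa.GenerateKey(rand.Reader, 1024)
	if err != nil {
		panic(err)
	}
	addr := OnionAddressV2(&priv.PublicKey) + ".onion"
	fmt.Println("derived address:", addr)
	fmt.Println("key matches:", KeyMatchesAddress(priv, addr))
}
```

To use it on a running service, feed the contents of HiddenServiceDir/private_key to LoadTorPrivateKey and compare against the hostname file; a false result from KeyMatchesAddress means the address being published is not the one this key controls. The converse is the point of the thread: anyone else who ever held the key can run the same derivation and serve the same address, so a prefix bought from a third party buys nothing that a key exclusively generated on your own hardware does not.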


Re: [tor-relays] tor hidden services & SSL EV certificate

2015-12-29 Thread Aeris
> A few hidden services have added an
> HTTPS cert but I think that's mostly for a publicity stunt than anything
> else.

As indicated in Roger's lecture, HTTPS is useful for HS:
- browsers handle more securely cookies or other stuff in HTTPS mode,
avoiding some possible leaks
- because anybody can create an HS and proxify any content, X.509 certs
allow users to verify the authenticity of the HS (you are on the official
Facebook HS if you have a cert with facebook.com *AND* facebookcorewwwi.onion
inside)

-- 
Aeris
Individual crypto-terrorist group self-radicalized on the digital Internet
https://imirhil.fr/

Protect your privacy, encrypt your communications
GPG : EFB74277 ECE4E222
OTR : 5769616D 2D3DAC72
https://café-vie-privée.fr/



Re: [tor-relays] tor hidden services & SSL EV certificate

2015-12-29 Thread Ivan Kwiatkowski

I beg to differ. One of the very good points made in the talk was that
by tying the "vanilla" DNS name of the website and its .onion address
as alternate names, you can offer proof to your users that the .onion
URL they entered is indeed the website they were trying to reach.

Barring that, you have to trust on good faith that the random string
you found on Google is not bringing you to a malicious copy of your
destination which performs man-in-the-middle to steal your credentials
(and/or rewrites Bitcoin address since apparently that's a thing).

As for the original question, I think that you cannot get a DV
certificate for the .onion TLD at the moment. I assume that you could
go the FaceBook way and try your luck with Verisign or Digicert, but
it's probably going to cost you a few hundred of dollars.
Since you're at 32c3, you should get in touch with the EFF / Let's
Encrypt people to see if they have made plans for this issue.

-- 
Ivan

On 12/29/2015 08:38 PM, Jesse V wrote:
> On 12/29/2015 10:25 AM, Benoit Chesneau wrote:
>> I was at the talk this afternoon at the 32c3 and where can I get a
>> certificate for a .onion. Any service to suggest?
>> Also where I should see to configure it correctly?
>> 
>> - benoit
>> 
> 
> You don't need one. Hidden services automatically get end-to-end 
> authentication and encryption. Since that is handled by Tor and not
> by the browser, hidden service addresses use "http" rather than
> "https", but in this case the connection is nevertheless encrypted.
> It's technically redundant to add HTTPS. A few hidden services have
> added an HTTPS cert but I think that's mostly for a publicity stunt
> than anything else.
> 
> 
> 
> 


Re: [tor-relays] tor hidden services & SSL EV certificate

2015-12-29 Thread benoitc

> On 29 Dec 2015, at 21:18, Aeris  wrote:
> 
>> A few hidden services have added an
>> HTTPS cert but I think that's mostly for a publicity stunt than anything
>> else.
> 
> As indicated in Roger's lecture, HTTPS is useful for HS:
>   - browsers handle more securely cookies or other stuff in HTTPS mode,
> avoiding some possible leaks
>   - because anybody can create an HS and proxify any content, X.509 certs
> allow users to verify the authenticity of the HS (you are on the official
> Facebook HS if you have a cert with facebook.com *AND* facebookcorewwwi.onion
> inside)
> 

Yes I forgot to say it was for a known URL already (https://friendpaste.com) on
which I would like to add a .onion access so people don't have to go out of the 
tor network somehow. Having a cert working on that address would help to 
validate the access.

I will check with digicert if this is possible since they are already providing 
me a cert for this address.

- benoit



Re: [tor-relays] tor hidden services & SSL EV certificate

2015-12-29 Thread Billy Humphreys
There should be a way to auth via letsencrypt.org, anonymously.

To: tor-relays@lists.torproject.org
From: kernelc...@riseup.net
Date: Tue, 29 Dec 2015 12:27:06 -0900
Subject: Re: [tor-relays] tor hidden services & SSL EV certificate

On 12/29/2015 11:18 AM, Aeris wrote:
>> A few hidden services have added an
>> HTTPS cert but I think that's mostly for a publicity stunt than anything
>> else.
> 
> As indicated in Roger's lecture, HTTPS is useful for HS:
>   - browsers handle more securely cookies or other stuff in HTTPS mode,
> avoiding some possible leaks
>   - because anybody can create an HS and proxify any content, X.509 certs
> allow users to verify the authenticity of the HS (you are on the official
> Facebook HS if you have a cert with facebook.com *AND* facebookcorewwwi.onion
> inside)
> 
 
I've downloaded the .webm of Roger's lecture but haven't had the time
today to listen to it. My point was that HSs already have an
authentication mechanism and it's assumed that you can verify the
address through some trusted out-of-band method, so in that case you
don't need an SSL cert. This can sometimes be superior to trusting the
centralized CA model, but I agree that the points you've listed are
useful applications as well.
 
-- 
Jesse V
 



Re: [tor-relays] tor hidden services & SSL EV certificate

2015-12-29 Thread benoitc

> On 29 Dec 2015, at 21:05, Ivan Kwiatkowski  wrote:
> 
> 
> As for the original question, I think that you cannot get a DV
> certificate for the .onion TLD at the moment. I assume that you could
> go the FaceBook way and try your luck with Verisign or Digicert, but
> it's probably going to cost you a few hundred of dollars.


Just for info ordering a .onion certificate in digicert is supported:

https://blog.digicert.com/ordering-a-onion-certificate-from-digicert/

- benoit