Florian Rüchel <[email protected]> writes:

> Hi everyone,
>
> I am attaching the conversation from the assistants list over.
>
> Here is the TL;DR: I want to write my master's thesis on Tor,
> preferably on a topic that has to do with Hidden Services and/or
> Cryptography in Tor.
>
> I have followed George's recommendations and read through some of the
> sources provided. In the end, several topics seem appealing to me, but
> before moving on I'd like to get some feedback from you guys on whether
> you'd consider the topics worth researching or even have some additional
> ideas. Some comments follow:
>
> HSDir tracking: I have taken a look at the idea of PIR (
> https://en.wikipedia.org/wiki/Private_information_retrieval) and the
> problem associated with getting HS descriptors. I have only looked at
> the theory of PIR so far and not yet an idea of how this can be
> accomplished (and to what extent) in practice.
>

This is worth researching and even implementing a PoC of. There are
various places in the Tor protocols that PIR could be applied.

However I don't know how feasible it is for an MSc thesis. I remember
that Ian Goldberg had a nice survey paper of PIR schemes. There are
even some implementations of some PIR schemes floating around the
internet, but they are probably research quality implementations.

> Certificates for HS: I find this topic particularly interesting and have
> followed the discussion. The general concept seems like a great thing to
> achieve and it could actually outperform the regular SSL/CA
> infrastructure stuff as it could remove the need for CAs. Unfortunately,
> this seems something that is not extensive enough to warrant a whole
> thesis. If you guys think otherwise, please let me know.
>
> Tor with mix features: Tor has the explicit goal of being a low-latency
> network. However, there are several protocols where high-latency would
> be acceptable. I liked the idea of high latency HSes
> (https://lists.torproject.org/pipermail/tor-dev/2014-November/007818.html).
> I'd like to know what you think about this idea being viable. It would
> have the advantage of being very flexible from just a theoretic
> evaluation down to a real implementation so I could adjust this to my
> time. But only if this is actually desired so it does not need to stay
> theoretic. I think it would be very interesting to evaluate whether this
> can improve or hurt anonymity of low-latency users, as well.
>

I agree. Very interesting area. I'm hoping for Tor to move the area
forward during the next one year. We will see. Parallel research would
be good.

Some ideas to move forward:
https://lists.torproject.org/pipermail/tor-dev/2014-November/007859.html

> Traffic confirmation attacks: This is here more or less for
> completeness. I know this topic is open for several years and would be
> one of the most powerful countermeasures to deploy but unless someone
> has started on something that I could build upon, I don't see myself
> coming up with something useful here.
>
> Guard discovery attacks: I have only read roughly what these attacks
> are. I'd like to know if it would make sense to take a deeper look here,
> i.e. you think extensive research is needed on that topic.
>

A few people are thinking about this actively, and I'm hoping that
this topic will also move forward over the next months.

I believe that there is research to be done here. See the relevant
thread for some directions.

> Improving crypto for HSes: The blog entry on HS
> (https://blog.torproject.org/blog/hidden-services-need-some-love)
> vaguely states that crypto for HSes could be improved. However, the
> article is over a year old and I know the new rend-spec-ng exists, so
> I'd like to know whether there's anything here to work on. I have a
> fairly good background on cryptography, so I'd like to help here if help
> is needed.
>

Maybe check the part about the HSDir hashring?
https://trac.torproject.org/projects/tor/ticket/8244
https://lists.torproject.org/pipermail/tor-dev/2013-November/005878.html

> Cryptography: There's two proposal ideas, one from 2010
> (https://gitweb.torproject.org/torspec.git/blob/HEAD:/proposals/ideas/xxx-crypto-migration.txt)
> and one from 2011
> (https://gitweb.torproject.org/torspec.git/blob/HEAD:/proposals/ideas/xxx-new-crypto-sketch.txt)
> which builds on that. Has some of this been addressed? Is this still
> being worked on or just leftover that has already been integrated to the
> desired level? Would an analysis of the cryptography used in Tor make
> sense to you, i.e. building on those documents reviewing where and how
> Tor uses cryptography to secure its operations and evaluating the
> methods used?
>

Yes, a crypto/code audit would indeed be very useful.

> Onion addresses: I took a look at several approaches around
> censorship-resistant lookups, e.g. the GNS (see George's recommendation
> below) and Aaron Swartz's proposal on squaring Zooko's triangle by
> achieving all three properties. I think it would be a cool thing if it
> were actually possible to improve onion addresses to be human-readable,
> especially when they get longer by using bigger keys in the future
> (since 80 bit won't suffice). I don't know if this is actually possible
> (I see some issues on Aaron's proposal and Dan Kaminsky confirmed them)
> but working out a scheme that makes handling the names easier for users
> while not sacrificing the security would help a lot, I think.

Yes, definitely interesting and worth doing. Many possible directions
and ideas too.

See this thread
http://archives.seul.org/or/dev/May-2013/msg00115.html
for some ideas.

Another interesting idea is the anonymous blacklisting protocols, like
Nymble. Making a practical (implementable) such protocol, would give
us a very good push in the "block all Tor users from accessing our
website" fight.

Also, feel free to drop by IRC. It's #tor-dev at OFTC. Most Tor
developers are active there and would be glad to answer any questions.

>
> This would be the bigger topics I have found on which I could see myself
> building a thesis. I also stumbled upon smaller research questions (e.g.
> whether running a bridge/relay is good, bad or doesn't make a difference
> for anonymity) but none of those warrant a full 6 month thesis so I
> discarded them for the moment.
>
> If you could take the time to evaluate my ideas and let me know what you
> think, I'd greatly appreciate that. The hardest thing here as an
> outsider is to assess the current situation and figure out where work is
> actually needed and where problems/issues have already been addressed so
> any help from you guys would really help me.
>
> Thanks in advance & Regards,
> Florian Rüchel
>
> P.S.: George:
>> I'm about to relocate, so my reply will be short! Come and find us in
>> CCC for more.
> Unfortunately, I don't know what you mean by CCC :(
>> Ah, I'm also a fan of the FluxFingers team :)
> Great! Have played some CTFs for yourselves, then? Are you a member of a team?
>
> Thanks for your quick reply, it has helped me a great deal moving
> forward on this project.
>
> On 12.11.2014 23:15, George Kadianakis wrote:
>> Florian Rüchel <[email protected]> writes:
>>
>>> Hello everyone,
>>>
>>> I am about to write my master's thesis and am evaluating Tor as my
>>> research topic. I have read through several documents (including the
>>> Ideas page of the research page and the Research page on the Volunteer's
>>> page). I also read "Hidden Services need some love"
>>> (https://blog.torproject.org/blog/hidden-services-need-some-love) and
>>> especially followed the section on cryptography (reading both proposals)
>>> with great interest.
>>>
>>> Before diving into more of those documents that are available, I noticed
>>> you encourage people to contact you through this list should they wish
>>> to conduct research. Right now I am in a very early state as I have not
>>> chosen a topic yet. In my choice I want to do something that benefits
>>> the Tor network, satisfies my professor and involves topics I generally
>>> care for.
>>>
>>> As noted above, I took particular interest in Hidden Services and
>>> general cryptography used by Tor. So if possible, I would like to have
>>> those two (or one of those topics) to focus my thesis on. Of course, I
>>> need to define my topic in such a way that it fits my time schedule
>>> (half a year, full-time) and that my professor accepts it.
>>>
>>> Now, before moving any further I'd like to know if there are any further
>>> documents I should read that are more up to date than the documents
>>> indicated above (especially the crypto specs are from 2010/2011 so I
>>> don't know how far the network has moved here). It would also be
>>> interesting to know whether some of the issues described for Hidden
>>> Services are already addressed and whether my research would be better
>>> directed somewhere else.
>>>
>>> I would be glad if you could take the time to respond to my request so
>>> as to help me define my topic better.
>>>
>> Greetings,
>>
>> I'm about to relocate, so my reply will be short! Come and find us in
>> CCC for more.
>>
>> I'd first suggest you to join and skim over the [tor-dev] mailing list:
>> https://lists.torproject.org/pipermail/tor-dev/
>> Especially this month there has been an increase of threads about
>> hidden services, so I'd suggest you to check it out.
>>
>> I'd also suggest you to read the recent blog post about the attacks
>> against HSes:
>> https://blog.torproject.org/blog/thoughts-and-concerns-about-operation-onymous
>>
>> The blog post offers plenty of material for research, since it lists
>> various attacks and issues with the security of HSes that we need to
>> fix and would definitely benefit from further thinking. Check the
>> guard discovery [tor-dev] thread for example.
>>
>> Also check this recent thread:
>> https://lists.torproject.org/pipermail/tor-dev/2014-October/007642.html
>> which is part of figuring out work for a funded project. Most of those
>> tasks are not very interesting for you, but you can find deeper
>> research questions in some of them.
>>
>> Another guy recently did his thesis on HS scaling:
>> https://lists.torproject.org/pipermail/tor-dev/2014-April/006788.html
>>
>> There is also this stuff:
>> https://lists.torproject.org/pipermail/tor-dev/2013-November/005878.html
>> related to the HSDir hashring in rend-spec-ng.txt.
>>
>> And check out the "Trawling Hidden Services" paper by Ralf et al.
>>
>> For example, on a more key management tone, petname systems for HSes
>> would be very interesting, which is related to the recent work of
>> GNUNet with GNS:
>> https://gnunet.org/gns
>>
>> BTW, keep in mind that some of these projects will be moving during
>> the next year.
>>
>> Also, if you have public questions which would benefit more people, it
>> would be great if you could post in [tor-dev] instead of here. It's
>> good to answer obscure HS questions in public so that more people can
>> understand the protocol.
>>
>> Ah, I'm also a fan of the FluxFingers team :)
>>
>> Thanks for the interest and hope this was useful.
>
> _______________________________________________
> tor-dev mailing list
> [email protected]
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
