the tor project - summerschool-croatia.cs.ru.nlalice1 alice3 irrelevant relay e(bo b3,“ x”)...
TRANSCRIPT
![Page 1: The Tor Project - summerschool-croatia.cs.ru.nlAlice1 Alice3 Irrelevant Relay E(Bo b3,“ X”) E(Bob1, “Y”) E ( B o b 2, “ Z ” ) “ Y ” “Z” “X ” Timing analysis](https://reader035.vdocuments.us/reader035/viewer/2022071212/6025832ae24b0319e708254f/html5/thumbnails/1.jpg)
1
The Tor Project
Our mission is to advance human rights and freedoms by creating
and deploying free and open privacy and anonymity
technologies, supporting their unrestricted availability and use, and furthering their scientific and
popular understanding.
![Page 2: The Tor Project - summerschool-croatia.cs.ru.nlAlice1 Alice3 Irrelevant Relay E(Bo b3,“ X”) E(Bob1, “Y”) E ( B o b 2, “ Z ” ) “ Y ” “Z” “X ” Timing analysis](https://reader035.vdocuments.us/reader035/viewer/2022071212/6025832ae24b0319e708254f/html5/thumbnails/2.jpg)
2
![Page 3: The Tor Project - summerschool-croatia.cs.ru.nlAlice1 Alice3 Irrelevant Relay E(Bo b3,“ X”) E(Bob1, “Y”) E ( B o b 2, “ Z ” ) “ Y ” “Z” “X ” Timing analysis](https://reader035.vdocuments.us/reader035/viewer/2022071212/6025832ae24b0319e708254f/html5/thumbnails/3.jpg)
● Online Anonymity– Open Source– Open Network
● Community of researchers, developers, users and relay operators.
● U.S. 501(c)(3) non-profit organization
![Page 4: The Tor Project - summerschool-croatia.cs.ru.nlAlice1 Alice3 Irrelevant Relay E(Bo b3,“ X”) E(Bob1, “Y”) E ( B o b 2, “ Z ” ) “ Y ” “Z” “X ” Timing analysis](https://reader035.vdocuments.us/reader035/viewer/2022071212/6025832ae24b0319e708254f/html5/thumbnails/4.jpg)
4
Estimated 2,000,000+ daily Tor users
![Page 5: The Tor Project - summerschool-croatia.cs.ru.nlAlice1 Alice3 Irrelevant Relay E(Bo b3,“ X”) E(Bob1, “Y”) E ( B o b 2, “ Z ” ) “ Y ” “Z” “X ” Timing analysis](https://reader035.vdocuments.us/reader035/viewer/2022071212/6025832ae24b0319e708254f/html5/thumbnails/5.jpg)
5
Threat model:what can the attacker do?
AliceAnonymity network Bob
watch (or be!) Bob!
watch Alice!
Control part of the network!
![Page 6: The Tor Project - summerschool-croatia.cs.ru.nlAlice1 Alice3 Irrelevant Relay E(Bo b3,“ X”) E(Bob1, “Y”) E ( B o b 2, “ Z ” ) “ Y ” “Z” “X ” Timing analysis](https://reader035.vdocuments.us/reader035/viewer/2022071212/6025832ae24b0319e708254f/html5/thumbnails/6.jpg)
6
Anonymity isn't encryption: Encryption just protects contents.
Alice
Bob
“Hi, Bob!”“Hi, Bob!” <gibberish>
attacker
![Page 7: The Tor Project - summerschool-croatia.cs.ru.nlAlice1 Alice3 Irrelevant Relay E(Bo b3,“ X”) E(Bob1, “Y”) E ( B o b 2, “ Z ” ) “ Y ” “Z” “X ” Timing analysis](https://reader035.vdocuments.us/reader035/viewer/2022071212/6025832ae24b0319e708254f/html5/thumbnails/7.jpg)
7
Privacy by promise, privacy by design“You can't prove it was me!”
“Promise you won't look!”
“Promise you won't remember!”
“Promise you won't tell!”
“I didn't write my name on it!”
“Isn't the Internet already anonymous?”
![Page 8: The Tor Project - summerschool-croatia.cs.ru.nlAlice1 Alice3 Irrelevant Relay E(Bo b3,“ X”) E(Bob1, “Y”) E ( B o b 2, “ Z ” ) “ Y ” “Z” “X ” Timing analysis](https://reader035.vdocuments.us/reader035/viewer/2022071212/6025832ae24b0319e708254f/html5/thumbnails/8.jpg)
8
Anonymity serves different interests for different user groups.
Anonymity
Private citizens“It's privacy!”
![Page 9: The Tor Project - summerschool-croatia.cs.ru.nlAlice1 Alice3 Irrelevant Relay E(Bo b3,“ X”) E(Bob1, “Y”) E ( B o b 2, “ Z ” ) “ Y ” “Z” “X ” Timing analysis](https://reader035.vdocuments.us/reader035/viewer/2022071212/6025832ae24b0319e708254f/html5/thumbnails/9.jpg)
9
Anonymity serves different interests for different user groups.
Anonymity
Private citizens
Businesses
“It's network security!”
“It's privacy!”
![Page 10: The Tor Project - summerschool-croatia.cs.ru.nlAlice1 Alice3 Irrelevant Relay E(Bo b3,“ X”) E(Bob1, “Y”) E ( B o b 2, “ Z ” ) “ Y ” “Z” “X ” Timing analysis](https://reader035.vdocuments.us/reader035/viewer/2022071212/6025832ae24b0319e708254f/html5/thumbnails/10.jpg)
10
Anonymity serves different interests for different user groups.
Anonymity
Private citizens
Governments Businesses
“It's traffic-analysisresistance!”
“It's network security!”
“It's privacy!”
![Page 11: The Tor Project - summerschool-croatia.cs.ru.nlAlice1 Alice3 Irrelevant Relay E(Bo b3,“ X”) E(Bob1, “Y”) E ( B o b 2, “ Z ” ) “ Y ” “Z” “X ” Timing analysis](https://reader035.vdocuments.us/reader035/viewer/2022071212/6025832ae24b0319e708254f/html5/thumbnails/11.jpg)
11
Anonymity serves different interests for different user groups.
Anonymity
Private citizens
Governments Businesses
“It's traffic-analysisresistance!”
“It's network security!”
“It's privacy!”
Human rightsactivists
“It's reachability!”
![Page 12: The Tor Project - summerschool-croatia.cs.ru.nlAlice1 Alice3 Irrelevant Relay E(Bo b3,“ X”) E(Bob1, “Y”) E ( B o b 2, “ Z ” ) “ Y ” “Z” “X ” Timing analysis](https://reader035.vdocuments.us/reader035/viewer/2022071212/6025832ae24b0319e708254f/html5/thumbnails/12.jpg)
12
Current situation: Bad people on the Internet are doing fine
TrojansVirusesExploits
PhishingSpam
BotnetsZombies
EspionageDDoS
Extortion
![Page 13: The Tor Project - summerschool-croatia.cs.ru.nlAlice1 Alice3 Irrelevant Relay E(Bo b3,“ X”) E(Bob1, “Y”) E ( B o b 2, “ Z ” ) “ Y ” “Z” “X ” Timing analysis](https://reader035.vdocuments.us/reader035/viewer/2022071212/6025832ae24b0319e708254f/html5/thumbnails/13.jpg)
13
The simplest designs use a single relay to hide connections.
Bob2
Bob1
Bob3
Alice2
Alice1
Alice3
Relay
E(Bob3,“X”)
E(Bob1, “Y”)
E(Bob2, “Z”)
“Y”
“Z”
“X”
(example: some commercial proxy providers)
![Page 14: The Tor Project - summerschool-croatia.cs.ru.nlAlice1 Alice3 Irrelevant Relay E(Bo b3,“ X”) E(Bob1, “Y”) E ( B o b 2, “ Z ” ) “ Y ” “Z” “X ” Timing analysis](https://reader035.vdocuments.us/reader035/viewer/2022071212/6025832ae24b0319e708254f/html5/thumbnails/14.jpg)
14
But a single relay (or eavesdropper!) is a single point of failure.
Bob2
Bob1
Bob3
Alice2
Alice1
Alice3
EvilRelay
E(Bob3,“X”)
E(Bob1, “Y”)
E(Bob2, “Z”)
“Y”
“Z”
“X”
![Page 15: The Tor Project - summerschool-croatia.cs.ru.nlAlice1 Alice3 Irrelevant Relay E(Bo b3,“ X”) E(Bob1, “Y”) E ( B o b 2, “ Z ” ) “ Y ” “Z” “X ” Timing analysis](https://reader035.vdocuments.us/reader035/viewer/2022071212/6025832ae24b0319e708254f/html5/thumbnails/15.jpg)
15
... or a single point of bypass.
Bob2
Bob1
Bob3
Alice2
Alice1
Alice3
IrrelevantRelay
E(Bob3,“X”)
E(Bob1, “Y”)
E(Bob2, “Z”)
“Y”
“Z”
“X”
Timing analysis bridges all connections through relay ⇒ An attractive fat target
![Page 16: The Tor Project - summerschool-croatia.cs.ru.nlAlice1 Alice3 Irrelevant Relay E(Bo b3,“ X”) E(Bob1, “Y”) E ( B o b 2, “ Z ” ) “ Y ” “Z” “X ” Timing analysis](https://reader035.vdocuments.us/reader035/viewer/2022071212/6025832ae24b0319e708254f/html5/thumbnails/16.jpg)
16
So, add multiple relays so thatno single one can betray Alice.
BobAlice
R1
R2
R3
R4 R5
![Page 17: The Tor Project - summerschool-croatia.cs.ru.nlAlice1 Alice3 Irrelevant Relay E(Bo b3,“ X”) E(Bob1, “Y”) E ( B o b 2, “ Z ” ) “ Y ” “Z” “X ” Timing analysis](https://reader035.vdocuments.us/reader035/viewer/2022071212/6025832ae24b0319e708254f/html5/thumbnails/17.jpg)
17
Alice makes a session key with R1...And then tunnels to R2...and to R3
BobAlice
R1
R2
R3
R4 R5
Bob2
![Page 18: The Tor Project - summerschool-croatia.cs.ru.nlAlice1 Alice3 Irrelevant Relay E(Bo b3,“ X”) E(Bob1, “Y”) E ( B o b 2, “ Z ” ) “ Y ” “Z” “X ” Timing analysis](https://reader035.vdocuments.us/reader035/viewer/2022071212/6025832ae24b0319e708254f/html5/thumbnails/18.jpg)
18
![Page 19: The Tor Project - summerschool-croatia.cs.ru.nlAlice1 Alice3 Irrelevant Relay E(Bo b3,“ X”) E(Bob1, “Y”) E ( B o b 2, “ Z ” ) “ Y ” “Z” “X ” Timing analysis](https://reader035.vdocuments.us/reader035/viewer/2022071212/6025832ae24b0319e708254f/html5/thumbnails/19.jpg)
19
Tor's safety comes from diversity
● #1: Diversity of relays. The more relays we have and the more diverse they are, the fewer attackers are in a position to do traffic confirmation. (Research problem: measuring diversity over time)
● #2: Diversity of users and reasons to use it. 50000 users in Iran means almost all of them are normal citizens.
![Page 20: The Tor Project - summerschool-croatia.cs.ru.nlAlice1 Alice3 Irrelevant Relay E(Bo b3,“ X”) E(Bob1, “Y”) E ( B o b 2, “ Z ” ) “ Y ” “Z” “X ” Timing analysis](https://reader035.vdocuments.us/reader035/viewer/2022071212/6025832ae24b0319e708254f/html5/thumbnails/20.jpg)
20
![Page 21: The Tor Project - summerschool-croatia.cs.ru.nlAlice1 Alice3 Irrelevant Relay E(Bo b3,“ X”) E(Bob1, “Y”) E ( B o b 2, “ Z ” ) “ Y ” “Z” “X ” Timing analysis](https://reader035.vdocuments.us/reader035/viewer/2022071212/6025832ae24b0319e708254f/html5/thumbnails/21.jpg)
21
Orbot
![Page 22: The Tor Project - summerschool-croatia.cs.ru.nlAlice1 Alice3 Irrelevant Relay E(Bo b3,“ X”) E(Bob1, “Y”) E ( B o b 2, “ Z ” ) “ Y ” “Z” “X ” Timing analysis](https://reader035.vdocuments.us/reader035/viewer/2022071212/6025832ae24b0319e708254f/html5/thumbnails/22.jpg)
22
Tails LiveCD
![Page 23: The Tor Project - summerschool-croatia.cs.ru.nlAlice1 Alice3 Irrelevant Relay E(Bo b3,“ X”) E(Bob1, “Y”) E ( B o b 2, “ Z ” ) “ Y ” “Z” “X ” Timing analysis](https://reader035.vdocuments.us/reader035/viewer/2022071212/6025832ae24b0319e708254f/html5/thumbnails/23.jpg)
23
![Page 24: The Tor Project - summerschool-croatia.cs.ru.nlAlice1 Alice3 Irrelevant Relay E(Bo b3,“ X”) E(Bob1, “Y”) E ( B o b 2, “ Z ” ) “ Y ” “Z” “X ” Timing analysis](https://reader035.vdocuments.us/reader035/viewer/2022071212/6025832ae24b0319e708254f/html5/thumbnails/24.jpg)
24
![Page 25: The Tor Project - summerschool-croatia.cs.ru.nlAlice1 Alice3 Irrelevant Relay E(Bo b3,“ X”) E(Bob1, “Y”) E ( B o b 2, “ Z ” ) “ Y ” “Z” “X ” Timing analysis](https://reader035.vdocuments.us/reader035/viewer/2022071212/6025832ae24b0319e708254f/html5/thumbnails/25.jpg)
25
Pluggable transports
![Page 26: The Tor Project - summerschool-croatia.cs.ru.nlAlice1 Alice3 Irrelevant Relay E(Bo b3,“ X”) E(Bob1, “Y”) E ( B o b 2, “ Z ” ) “ Y ” “Z” “X ” Timing analysis](https://reader035.vdocuments.us/reader035/viewer/2022071212/6025832ae24b0319e708254f/html5/thumbnails/26.jpg)
26
Pluggable transports
● Flashproxy (Stanford), websocket● FTEProxy (Portland St), http via regex● Stegotorus (SRI/CMU), http● Skypemorph (Waterloo), Skype video● uProxy (Google), webrtc● Lantern (BNS), social network based● ScrambleSuit (Karlstad), obfs-based● Telex (Michigan/Waterloo), traffic divert
![Page 27: The Tor Project - summerschool-croatia.cs.ru.nlAlice1 Alice3 Irrelevant Relay E(Bo b3,“ X”) E(Bob1, “Y”) E ( B o b 2, “ Z ” ) “ Y ” “Z” “X ” Timing analysis](https://reader035.vdocuments.us/reader035/viewer/2022071212/6025832ae24b0319e708254f/html5/thumbnails/27.jpg)
27
Onion Service
![Page 28: The Tor Project - summerschool-croatia.cs.ru.nlAlice1 Alice3 Irrelevant Relay E(Bo b3,“ X”) E(Bob1, “Y”) E ( B o b 2, “ Z ” ) “ Y ” “Z” “X ” Timing analysis](https://reader035.vdocuments.us/reader035/viewer/2022071212/6025832ae24b0319e708254f/html5/thumbnails/28.jpg)
28
Hidden Services● The “.onion” addresses
– 16 characters long (base32)– E.g: nzh3fv6jc6jskki3.onion
● Client and Server hide their location● Can be used for various kinds of TCP traffic● Everything stays inside the Tor network
![Page 29: The Tor Project - summerschool-croatia.cs.ru.nlAlice1 Alice3 Irrelevant Relay E(Bo b3,“ X”) E(Bob1, “Y”) E ( B o b 2, “ Z ” ) “ Y ” “Z” “X ” Timing analysis](https://reader035.vdocuments.us/reader035/viewer/2022071212/6025832ae24b0319e708254f/html5/thumbnails/29.jpg)
29
![Page 30: The Tor Project - summerschool-croatia.cs.ru.nlAlice1 Alice3 Irrelevant Relay E(Bo b3,“ X”) E(Bob1, “Y”) E ( B o b 2, “ Z ” ) “ Y ” “Z” “X ” Timing analysis](https://reader035.vdocuments.us/reader035/viewer/2022071212/6025832ae24b0319e708254f/html5/thumbnails/30.jpg)
30
![Page 31: The Tor Project - summerschool-croatia.cs.ru.nlAlice1 Alice3 Irrelevant Relay E(Bo b3,“ X”) E(Bob1, “Y”) E ( B o b 2, “ Z ” ) “ Y ” “Z” “X ” Timing analysis](https://reader035.vdocuments.us/reader035/viewer/2022071212/6025832ae24b0319e708254f/html5/thumbnails/31.jpg)
31
![Page 32: The Tor Project - summerschool-croatia.cs.ru.nlAlice1 Alice3 Irrelevant Relay E(Bo b3,“ X”) E(Bob1, “Y”) E ( B o b 2, “ Z ” ) “ Y ” “Z” “X ” Timing analysis](https://reader035.vdocuments.us/reader035/viewer/2022071212/6025832ae24b0319e708254f/html5/thumbnails/32.jpg)
32
![Page 33: The Tor Project - summerschool-croatia.cs.ru.nlAlice1 Alice3 Irrelevant Relay E(Bo b3,“ X”) E(Bob1, “Y”) E ( B o b 2, “ Z ” ) “ Y ” “Z” “X ” Timing analysis](https://reader035.vdocuments.us/reader035/viewer/2022071212/6025832ae24b0319e708254f/html5/thumbnails/33.jpg)
33
![Page 34: The Tor Project - summerschool-croatia.cs.ru.nlAlice1 Alice3 Irrelevant Relay E(Bo b3,“ X”) E(Bob1, “Y”) E ( B o b 2, “ Z ” ) “ Y ” “Z” “X ” Timing analysis](https://reader035.vdocuments.us/reader035/viewer/2022071212/6025832ae24b0319e708254f/html5/thumbnails/34.jpg)
34
![Page 35: The Tor Project - summerschool-croatia.cs.ru.nlAlice1 Alice3 Irrelevant Relay E(Bo b3,“ X”) E(Bob1, “Y”) E ( B o b 2, “ Z ” ) “ Y ” “Z” “X ” Timing analysis](https://reader035.vdocuments.us/reader035/viewer/2022071212/6025832ae24b0319e708254f/html5/thumbnails/35.jpg)
Onion Service Properties
● Self authenticated(self-verifying?)
● End-to-end encrypted● NAT punching
● Limited surface area
![Page 36: The Tor Project - summerschool-croatia.cs.ru.nlAlice1 Alice3 Irrelevant Relay E(Bo b3,“ X”) E(Bob1, “Y”) E ( B o b 2, “ Z ” ) “ Y ” “Z” “X ” Timing analysis](https://reader035.vdocuments.us/reader035/viewer/2022071212/6025832ae24b0319e708254f/html5/thumbnails/36.jpg)
Takeaways
More variation in onion services than people think.
Still a tiny fraction of overall Tor traffic.
Upcoming technical work to make them harder / better / stronger / faster.
Please deploy an onion address for your website/service
![Page 37: The Tor Project - summerschool-croatia.cs.ru.nlAlice1 Alice3 Irrelevant Relay E(Bo b3,“ X”) E(Bob1, “Y”) E ( B o b 2, “ Z ” ) “ Y ” “Z” “X ” Timing analysis](https://reader035.vdocuments.us/reader035/viewer/2022071212/6025832ae24b0319e708254f/html5/thumbnails/37.jpg)
Current Security Problems● Onion identity keys are too short!● You can choose relay identity keys to target a
particular onion service● You can run relays to harvest onion addresses● Sybil attacks remain an issue for Tor in general● Guard discovery attack (proposal 247)● Website fingerprinting for onion services?
![Page 38: The Tor Project - summerschool-croatia.cs.ru.nlAlice1 Alice3 Irrelevant Relay E(Bo b3,“ X”) E(Bob1, “Y”) E ( B o b 2, “ Z ” ) “ Y ” “Z” “X ” Timing analysis](https://reader035.vdocuments.us/reader035/viewer/2022071212/6025832ae24b0319e708254f/html5/thumbnails/38.jpg)
HS Directory
Hashring
HSDirn
Desc IDrep0
Desc IDrep1
HSDirn+1
HSDirn+2
HSDirn
HSDirn+1
HSDirn+2
Desc ID = H(onion-address | H(time-period | descriptor-cookie | replica))
![Page 39: The Tor Project - summerschool-croatia.cs.ru.nlAlice1 Alice3 Irrelevant Relay E(Bo b3,“ X”) E(Bob1, “Y”) E ( B o b 2, “ Z ” ) “ Y ” “Z” “X ” Timing analysis](https://reader035.vdocuments.us/reader035/viewer/2022071212/6025832ae24b0319e708254f/html5/thumbnails/39.jpg)
HSDir Predictibility
Desc ID = H(onion-address | H( time-period | descriptor-cookie | replica))
Invariant
11:00 UTC 11:00 UTC+24
time-period span
DescID k1DescID k2
11:00 UTC+48
...
![Page 40: The Tor Project - summerschool-croatia.cs.ru.nlAlice1 Alice3 Irrelevant Relay E(Bo b3,“ X”) E(Bob1, “Y”) E ( B o b 2, “ Z ” ) “ Y ” “Z” “X ” Timing analysis](https://reader035.vdocuments.us/reader035/viewer/2022071212/6025832ae24b0319e708254f/html5/thumbnails/40.jpg)
Shared RandomnessProposal 250
Desc ID = H(onion-address |H( time-period | random-value | descriptor-cookie | replica))
Invariant
longclaw urras Faravahar moria1 dannenberg tor26 maatuskagabelmoo dizum
random-value(new every 24h)
![Page 41: The Tor Project - summerschool-croatia.cs.ru.nlAlice1 Alice3 Irrelevant Relay E(Bo b3,“ X”) E(Bob1, “Y”) E ( B o b 2, “ Z ” ) “ Y ” “Z” “X ” Timing analysis](https://reader035.vdocuments.us/reader035/viewer/2022071212/6025832ae24b0319e708254f/html5/thumbnails/41.jpg)
Shared-Random-Value phases
00:00 UTC 12:00 UTC
SRV0
Commit2
Reveal1
00:00 UTC
Agree1
12:00 UTC
Commit1
Reveal2
00:00 UTC
...
SRV1
Agree0
![Page 42: The Tor Project - summerschool-croatia.cs.ru.nlAlice1 Alice3 Irrelevant Relay E(Bo b3,“ X”) E(Bob1, “Y”) E ( B o b 2, “ Z ” ) “ Y ” “Z” “X ” Timing analysis](https://reader035.vdocuments.us/reader035/viewer/2022071212/6025832ae24b0319e708254f/html5/thumbnails/42.jpg)
Guidelines for doing your Tor research safely/ethically
● Try to attack only yourself / your own traffic● Only collect data that is acceptable to make public● Don't collect data you don't need (minimization)● Limit the granularity of data (e.g. add noise)● Describe benefits and risks, and explain why
benefits outweigh risks● Consider auxiliary data when assessing the risks● Use a Test network whenever possible
![Page 43: The Tor Project - summerschool-croatia.cs.ru.nlAlice1 Alice3 Irrelevant Relay E(Bo b3,“ X”) E(Bob1, “Y”) E ( B o b 2, “ Z ” ) “ Y ” “Z” “X ” Timing analysis](https://reader035.vdocuments.us/reader035/viewer/2022071212/6025832ae24b0319e708254f/html5/thumbnails/43.jpg)
Tricky Edge Cases
Onion address harvesting● Get them by googling for .onion? Ok.● Get them by being Verisign and looking at the
root nameservers? Hm. Ok?● Get them by being Comcast and looking at your
DNS logs? Hm. Ok?● Get them by running a Tor relay, getting the
HSDir flag, and logging what you see? Hm. Not Ok.
![Page 44: The Tor Project - summerschool-croatia.cs.ru.nlAlice1 Alice3 Irrelevant Relay E(Bo b3,“ X”) E(Bob1, “Y”) E ( B o b 2, “ Z ” ) “ Y ” “Z” “X ” Timing analysis](https://reader035.vdocuments.us/reader035/viewer/2022071212/6025832ae24b0319e708254f/html5/thumbnails/44.jpg)
![Page 45: The Tor Project - summerschool-croatia.cs.ru.nlAlice1 Alice3 Irrelevant Relay E(Bo b3,“ X”) E(Bob1, “Y”) E ( B o b 2, “ Z ” ) “ Y ” “Z” “X ” Timing analysis](https://reader035.vdocuments.us/reader035/viewer/2022071212/6025832ae24b0319e708254f/html5/thumbnails/45.jpg)
![Page 46: The Tor Project - summerschool-croatia.cs.ru.nlAlice1 Alice3 Irrelevant Relay E(Bo b3,“ X”) E(Bob1, “Y”) E ( B o b 2, “ Z ” ) “ Y ” “Z” “X ” Timing analysis](https://reader035.vdocuments.us/reader035/viewer/2022071212/6025832ae24b0319e708254f/html5/thumbnails/46.jpg)
Better Crypto
![Page 47: The Tor Project - summerschool-croatia.cs.ru.nlAlice1 Alice3 Irrelevant Relay E(Bo b3,“ X”) E(Bob1, “Y”) E ( B o b 2, “ Z ” ) “ Y ” “Z” “X ” Timing analysis](https://reader035.vdocuments.us/reader035/viewer/2022071212/6025832ae24b0319e708254f/html5/thumbnails/47.jpg)
Bigger Onion Address
nzh3fv6jc6jskki3.onion
From 16 characters:
... to 52 characters:
a1uik0w1gmfq3i5ievxdm9ceu27e88g6o7pe0rffdw9jmntwkdsd.onion
(ed25519 public key base32 encoded)
![Page 48: The Tor Project - summerschool-croatia.cs.ru.nlAlice1 Alice3 Irrelevant Relay E(Bo b3,“ X”) E(Bob1, “Y”) E ( B o b 2, “ Z ” ) “ Y ” “Z” “X ” Timing analysis](https://reader035.vdocuments.us/reader035/viewer/2022071212/6025832ae24b0319e708254f/html5/thumbnails/48.jpg)
Rendezvous Single Onion Services (RSOS)
Rendezvous Point
Proposal 260
![Page 49: The Tor Project - summerschool-croatia.cs.ru.nlAlice1 Alice3 Irrelevant Relay E(Bo b3,“ X”) E(Bob1, “Y”) E ( B o b 2, “ Z ” ) “ Y ” “Z” “X ” Timing analysis](https://reader035.vdocuments.us/reader035/viewer/2022071212/6025832ae24b0319e708254f/html5/thumbnails/49.jpg)
Single Onion Services (SOS)
The circuit is extended to the service.No Introduction nor Rendezvous.
Proposal 252
![Page 50: The Tor Project - summerschool-croatia.cs.ru.nlAlice1 Alice3 Irrelevant Relay E(Bo b3,“ X”) E(Bob1, “Y”) E ( B o b 2, “ Z ” ) “ Y ” “Z” “X ” Timing analysis](https://reader035.vdocuments.us/reader035/viewer/2022071212/6025832ae24b0319e708254f/html5/thumbnails/50.jpg)
OnionBalance - TSoPhttps://onionbalance.readthedocs.org
![Page 51: The Tor Project - summerschool-croatia.cs.ru.nlAlice1 Alice3 Irrelevant Relay E(Bo b3,“ X”) E(Bob1, “Y”) E ( B o b 2, “ Z ” ) “ Y ” “Z” “X ” Timing analysis](https://reader035.vdocuments.us/reader035/viewer/2022071212/6025832ae24b0319e708254f/html5/thumbnails/51.jpg)
Load BalancingHidden Service
IntroductionRendezvous
HS1 HS2HS3
HS4
Proposal 255
...
![Page 52: The Tor Project - summerschool-croatia.cs.ru.nlAlice1 Alice3 Irrelevant Relay E(Bo b3,“ X”) E(Bob1, “Y”) E ( B o b 2, “ Z ” ) “ Y ” “Z” “X ” Timing analysis](https://reader035.vdocuments.us/reader035/viewer/2022071212/6025832ae24b0319e708254f/html5/thumbnails/52.jpg)
52
![Page 53: The Tor Project - summerschool-croatia.cs.ru.nlAlice1 Alice3 Irrelevant Relay E(Bo b3,“ X”) E(Bob1, “Y”) E ( B o b 2, “ Z ” ) “ Y ” “Z” “X ” Timing analysis](https://reader035.vdocuments.us/reader035/viewer/2022071212/6025832ae24b0319e708254f/html5/thumbnails/53.jpg)
53
“Still the King of high secure,low latency Internet Anonymity”
Contenders for the throne:● None
![Page 54: The Tor Project - summerschool-croatia.cs.ru.nlAlice1 Alice3 Irrelevant Relay E(Bo b3,“ X”) E(Bob1, “Y”) E ( B o b 2, “ Z ” ) “ Y ” “Z” “X ” Timing analysis](https://reader035.vdocuments.us/reader035/viewer/2022071212/6025832ae24b0319e708254f/html5/thumbnails/54.jpg)
54
![Page 55: The Tor Project - summerschool-croatia.cs.ru.nlAlice1 Alice3 Irrelevant Relay E(Bo b3,“ X”) E(Bob1, “Y”) E ( B o b 2, “ Z ” ) “ Y ” “Z” “X ” Timing analysis](https://reader035.vdocuments.us/reader035/viewer/2022071212/6025832ae24b0319e708254f/html5/thumbnails/55.jpg)
55