[Script Info]
Title: 
[Events]
Format: Layer, Start, End, Style, Name, MarginL, MarginR, MarginV, Effect, Text
Dialogue: 0,0:00:00.00,0:00:09.97,Default,,0000,0000,0000,,{\i1}silent 31C3 preroll{\i0}
Dialogue: 0,0:00:09.97,0:00:13.22,Default,,0000,0000,0000,,Dr. Gareth Owen: Hello. Can you hear me?\NYes. Okay. So my name is Gareth Owen.
Dialogue: 0,0:00:13.22,0:00:16.15,Default,,0000,0000,0000,,I’m from the University of Portsmouth.\NI’m an academic
Dialogue: 0,0:00:16.15,0:00:19.32,Default,,0000,0000,0000,,and I’m going to talk to you about\Nan experiment that we did
Dialogue: 0,0:00:19.32,0:00:22.61,Default,,0000,0000,0000,,on the Tor hidden services,\Ntrying to categorize them,
Dialogue: 0,0:00:22.61,0:00:25.23,Default,,0000,0000,0000,,estimate how many they were etc. etc.
Dialogue: 0,0:00:25.23,0:00:27.38,Default,,0000,0000,0000,,Well, as we go through the talk\NI’m going to explain
Dialogue: 0,0:00:27.38,0:00:31.12,Default,,0000,0000,0000,,how Tor hidden services work internally,\Nand how the data was collected.
Dialogue: 0,0:00:31.12,0:00:35.32,Default,,0000,0000,0000,,So what sort of conclusions you can draw\Nfrom the data based on the way that we’ve
Dialogue: 0,0:00:35.32,0:00:39.95,Default,,0000,0000,0000,,collected it. Just so [that] I get\Nan idea: how many of you use Tor
Dialogue: 0,0:00:39.95,0:00:42.43,Default,,0000,0000,0000,,on a regular basis, could you\Nput your hand up for me?
Dialogue: 0,0:00:42.43,0:00:46.12,Default,,0000,0000,0000,,So quite a big number. Keep your hand\Nup if… or put your hand up if you’re
Dialogue: 0,0:00:46.12,0:00:48.32,Default,,0000,0000,0000,,a relay operator.
Dialogue: 0,0:00:48.32,0:00:51.47,Default,,0000,0000,0000,,Wow, that’s quite a significant number,\Nisn’t it? And then, put your hand up
Dialogue: 0,0:00:51.47,0:00:55.25,Default,,0000,0000,0000,,and/or keep it up if you\Nrun a hidden service.
Dialogue: 0,0:00:55.25,0:00:59.53,Default,,0000,0000,0000,,Okay, so, a fewer number, but still\Nsome people run hidden services.
Dialogue: 0,0:00:59.53,0:01:02.72,Default,,0000,0000,0000,,Okay, so, some of you may be very familiar\Nwith the way Tor works, sort of,
Dialogue: 0,0:01:02.72,0:01:06.70,Default,,0000,0000,0000,,in a low level. But I am gonna go through\Nit for those which aren’t, so they understand
Dialogue: 0,0:01:06.70,0:01:10.38,Default,,0000,0000,0000,,just how they work. And as we go along,\Nbecause I’m explaining how
Dialogue: 0,0:01:10.38,0:01:14.03,Default,,0000,0000,0000,,the hidden services work, I’m going\Nto tag on information on how
Dialogue: 0,0:01:14.03,0:01:19.03,Default,,0000,0000,0000,,the Tor hidden services themselves can be\Ndeanonymised and also how the users
Dialogue: 0,0:01:19.03,0:01:23.09,Default,,0000,0000,0000,,of those hidden services can be\Ndeanonymised, if you put
Dialogue: 0,0:01:23.09,0:01:27.04,Default,,0000,0000,0000,,some strict criteria on what it is you\Nwant to do with respect to them.
Dialogue: 0,0:01:27.04,0:01:30.92,Default,,0000,0000,0000,,So the things that I’m going to go over:\NI wanna go over how Tor works,
Dialogue: 0,0:01:30.92,0:01:34.19,Default,,0000,0000,0000,,and then specifically how hidden services\Nwork. I’m gonna talk about something
Dialogue: 0,0:01:34.19,0:01:37.89,Default,,0000,0000,0000,,called the “Tor Distributed Hash Table”\Nfor hidden services. If you’ve heard
Dialogue: 0,0:01:37.89,0:01:40.56,Default,,0000,0000,0000,,that term and don’t know what\Nit means, don’t worry, I’ll explain
Dialogue: 0,0:01:40.56,0:01:44.01,Default,,0000,0000,0000,,what a distributed hash table is and\Nhow it works. It’s not as complicated
Dialogue: 0,0:01:44.01,0:01:47.69,Default,,0000,0000,0000,,as it sounds. And then I wanna go over\NDarknet data, so, data that we collected
Dialogue: 0,0:01:47.69,0:01:53.03,Default,,0000,0000,0000,,from Tor hidden services. And as I say,\Nas we go along I will sort of explain
Dialogue: 0,0:01:53.03,0:01:56.65,Default,,0000,0000,0000,,how you do deanonymisation of both the\Nservices themselves and of the visitors
Dialogue: 0,0:01:56.65,0:02:02.40,Default,,0000,0000,0000,,to the service. And just\Nhow complicated it is.
Dialogue: 0,0:02:02.40,0:02:07.37,Default,,0000,0000,0000,,So you may have seen this slide which\NI think was from GCHQ, released last year
Dialogue: 0,0:02:07.37,0:02:12.10,Default,,0000,0000,0000,,as part of the Snowden leaks where they\Nsaid: “You can deanonymise some users
Dialogue: 0,0:02:12.10,0:02:15.56,Default,,0000,0000,0000,,some of the time but they’ve had\Nno success in deanonymising someone
Dialogue: 0,0:02:15.56,0:02:20.11,Default,,0000,0000,0000,,in response to a specific request.”\NSo, given all of you e.g., I may be able
Dialogue: 0,0:02:20.11,0:02:25.09,Default,,0000,0000,0000,,to deanonymise a small fraction of you\Nbut I can’t choose precisely one person
Dialogue: 0,0:02:25.09,0:02:27.50,Default,,0000,0000,0000,,I want to deanonymise. That’s what\NI’m gonna be explaining in relation
Dialogue: 0,0:02:27.50,0:02:30.94,Default,,0000,0000,0000,,to the deanonymisation attacks, how\Nyou can deanonymise a section but
Dialogue: 0,0:02:30.94,0:02:38.63,Default,,0000,0000,0000,,you can’t necessarily choose which section\Nof the users that you will be deanonymising.
Dialogue: 0,0:02:38.63,0:02:42.74,Default,,0000,0000,0000,,Tor drives with just a couple\Nof different problems. On one part
Dialogue: 0,0:02:42.74,0:02:46.24,Default,,0000,0000,0000,,it allows you to bypass censorship. So if\Nyou’re in a country like China, which
Dialogue: 0,0:02:46.24,0:02:51.01,Default,,0000,0000,0000,,blocks some types of traffic you can use\NTor to bypass their censorship blocks.
Dialogue: 0,0:02:51.01,0:02:55.54,Default,,0000,0000,0000,,It tries to give you privacy, so, at some\Nlevel in the network someone can’t see
Dialogue: 0,0:02:55.54,0:02:59.20,Default,,0000,0000,0000,,what you’re doing. And at another point\Nin the network people who don’t know
Dialogue: 0,0:02:59.20,0:03:02.54,Default,,0000,0000,0000,,who you are but may necessarily\Nbe able to see what you’re doing.
Dialogue: 0,0:03:02.54,0:03:07.10,Default,,0000,0000,0000,,Now the traditional case\Nfor this is to look at VPNs.
Dialogue: 0,0:03:07.10,0:03:10.67,Default,,0000,0000,0000,,With a VPN you have\Nsort of a single provider.
Dialogue: 0,0:03:10.67,0:03:14.69,Default,,0000,0000,0000,,You have lots of users connecting\Nto the VPN. The VPN has sort of
Dialogue: 0,0:03:14.69,0:03:18.24,Default,,0000,0000,0000,,a mixing effect from an outside or\Na server’s point of view. And then
Dialogue: 0,0:03:18.24,0:03:22.50,Default,,0000,0000,0000,,out of the VPN you see requests\Nto Twitter, Wikipedia etc. etc.
Dialogue: 0,0:03:22.50,0:03:26.83,Default,,0000,0000,0000,,And if that traffic doesn’t encrypt it then\Nthe VPN can also read the contents
Dialogue: 0,0:03:26.83,0:03:30.98,Default,,0000,0000,0000,,of the traffic. Now of course there is\Na fundamental weakness with this.
Dialogue: 0,0:03:30.98,0:03:35.73,Default,,0000,0000,0000,,If you trust the VPN provider the VPN\Nprovider knows both who you are
Dialogue: 0,0:03:35.73,0:03:39.63,Default,,0000,0000,0000,,and what you’re doing and can\Nlink those two together with absolute
Dialogue: 0,0:03:39.63,0:03:43.58,Default,,0000,0000,0000,,certainty. So you don’t… whilst you do\Nget some of these properties, assuming
Dialogue: 0,0:03:43.58,0:03:48.07,Default,,0000,0000,0000,,you’ve got a trustworthy VPN provider\Nyou don’t get them in the face of
Dialogue: 0,0:03:48.07,0:03:51.61,Default,,0000,0000,0000,,an untrustworthy VPN provider.\NAnd of course: how do you trust the VPN
Dialogue: 0,0:03:51.61,0:03:59.32,Default,,0000,0000,0000,,provider? What sort of measure do\Nyou use? That’s sort of an open question.
Dialogue: 0,0:03:59.32,0:04:03.73,Default,,0000,0000,0000,,So Tor tries to solve this problem\Nby distributing the trust. Tor is
Dialogue: 0,0:04:03.73,0:04:07.50,Default,,0000,0000,0000,,an open source project, so you can go\Non to their Git repository, you can
Dialogue: 0,0:04:07.50,0:04:12.62,Default,,0000,0000,0000,,download the source code, and change it,\Nimprove it, submit patches etc.
Dialogue: 0,0:04:12.62,0:04:17.11,Default,,0000,0000,0000,,As you heard earlier, during Jacob and\NRoger’s talk they’re currently partly
Dialogue: 0,0:04:17.11,0:04:20.95,Default,,0000,0000,0000,,sponsored by the US Government which seems\Na bit paradoxical, but they explained
Dialogue: 0,0:04:20.95,0:04:24.77,Default,,0000,0000,0000,,in that talk many of the… that\Ndoesn’t affect like judgment.
Dialogue: 0,0:04:24.77,0:04:28.54,Default,,0000,0000,0000,,And indeed, they do have some funding from\Nother sources, and they design that system
Dialogue: 0,0:04:28.54,0:04:30.84,Default,,0000,0000,0000,,– which I’ll talk about a little bit\Nlater – in a way where they don’t have
Dialogue: 0,0:04:30.84,0:04:34.23,Default,,0000,0000,0000,,to trust each other. So there’s sort of\Nsome redundancy, and they’re trying
Dialogue: 0,0:04:34.23,0:04:39.65,Default,,0000,0000,0000,,to minimize these sort of trust issues\Nrelated to this. Now, Tor is
Dialogue: 0,0:04:39.65,0:04:43.31,Default,,0000,0000,0000,,a partially de-centralized network, which\Nmeans that it has some centralized
Dialogue: 0,0:04:43.31,0:04:47.87,Default,,0000,0000,0000,,components which are under the control of\Nthe Tor Project and some de-centralized
Dialogue: 0,0:04:47.87,0:04:51.19,Default,,0000,0000,0000,,components which are normally the Tor\Nrelays. If you run a relay you’re
Dialogue: 0,0:04:51.19,0:04:56.29,Default,,0000,0000,0000,,one of those de-centralized components.\NThere is, however, no single authority
Dialogue: 0,0:04:56.29,0:05:01.11,Default,,0000,0000,0000,,on the Tor network.\NSo no single server which is responsible,
Dialogue: 0,0:05:01.11,0:05:04.29,Default,,0000,0000,0000,,which you’re required to trust.\NSo the trust is somewhat distributed,
Dialogue: 0,0:05:04.29,0:05:12.00,Default,,0000,0000,0000,,but not entirely. When you establish\Na circuit through Tor you, the user,
Dialogue: 0,0:05:12.00,0:05:15.50,Default,,0000,0000,0000,,download a list of all of the relays\Ninside the Tor network.
Dialogue: 0,0:05:15.50,0:05:19.07,Default,,0000,0000,0000,,And you get to pick – and I’ll tell you\Nhow you do that – which relays
Dialogue: 0,0:05:19.07,0:05:22.75,Default,,0000,0000,0000,,you’re going to use to route your traffic\Nthrough. So here is a typical example:
Dialogue: 0,0:05:22.75,0:05:27.09,Default,,0000,0000,0000,,You’re here on the left hand side as the\Nuser. You download a list of the relays
Dialogue: 0,0:05:27.09,0:05:32.01,Default,,0000,0000,0000,,inside the Tor network and you select from\Nthat list three nodes, a guard node
Dialogue: 0,0:05:32.01,0:05:36.58,Default,,0000,0000,0000,,which is your entry into the Tor network,\Na relay node which is a middle node.
Dialogue: 0,0:05:36.58,0:05:39.01,Default,,0000,0000,0000,,Essentially, it’s going to route your\Ntraffic to a third hop. And then
Dialogue: 0,0:05:39.01,0:05:42.65,Default,,0000,0000,0000,,the third hop is the exit node where\Nyour traffic essentially exits out
Dialogue: 0,0:05:42.65,0:05:46.84,Default,,0000,0000,0000,,on the internet. Now, looking at the\Ncircuit. So this is a circuit through
Dialogue: 0,0:05:46.84,0:05:50.17,Default,,0000,0000,0000,,the Tor network through which you’re\Ngoing to route your traffic. There are
Dialogue: 0,0:05:50.17,0:05:52.54,Default,,0000,0000,0000,,three layers of encryption at the\Nbeginning, so between you
Dialogue: 0,0:05:52.54,0:05:56.15,Default,,0000,0000,0000,,and the guard node. Your traffic\Nis encrypted three times.
Dialogue: 0,0:05:56.15,0:05:59.33,Default,,0000,0000,0000,,In the first instance encrypted to the\Nguard, and the it’s encrypted again,
Dialogue: 0,0:05:59.33,0:06:03.18,Default,,0000,0000,0000,,through the relay, and then encrypted\Nagain to the exit, and as the traffic moves
Dialogue: 0,0:06:03.18,0:06:08.71,Default,,0000,0000,0000,,through the Tor network each of those\Nlayers of encryption are unpeeled
Dialogue: 0,0:06:08.71,0:06:17.30,Default,,0000,0000,0000,,from the data. The Guard here in this case\Nknows who you are, and the exit relay
Dialogue: 0,0:06:17.30,0:06:21.59,Default,,0000,0000,0000,,knows what you’re doing but neither know\Nboth. And the middle relay doesn’t really
Dialogue: 0,0:06:21.59,0:06:26.71,Default,,0000,0000,0000,,know a lot, except for which relay is\Nher guard and which relay is her exit.
Dialogue: 0,0:06:26.71,0:06:31.87,Default,,0000,0000,0000,,Who runs an exit relay? So if you run\Nan exit relay all of the traffic which
Dialogue: 0,0:06:31.87,0:06:36.21,Default,,0000,0000,0000,,users are sending out on the internet they\Nappear to come from your IP address.
Dialogue: 0,0:06:36.21,0:06:41.36,Default,,0000,0000,0000,,So running an exit relay is potentially\Nrisky because someone may do something
Dialogue: 0,0:06:41.36,0:06:45.59,Default,,0000,0000,0000,,through your relay which attracts attention.\NAnd then, when law enforcement
Dialogue: 0,0:06:45.59,0:06:48.94,Default,,0000,0000,0000,,traced that back to an IP address it’s\Ngoing to come back to your address.
Dialogue: 0,0:06:48.94,0:06:51.79,Default,,0000,0000,0000,,So some relay operators have had trouble\Nwith this, with law enforcement coming
Dialogue: 0,0:06:51.79,0:06:55.36,Default,,0000,0000,0000,,to them, and saying: “Hey we got this\Ntraffic coming through your IP address
Dialogue: 0,0:06:55.36,0:06:57.95,Default,,0000,0000,0000,,and you have to go and explain it.”\NSo if you want to run an exit relay
Dialogue: 0,0:06:57.95,0:07:01.40,Default,,0000,0000,0000,,it’s a little bit risky, but we’re thankful\Nfor those people that do run exit relays
Dialogue: 0,0:07:01.40,0:07:04.87,Default,,0000,0000,0000,,because ultimately if people didn’t run\Nan exit relay you wouldn’t be able
Dialogue: 0,0:07:04.87,0:07:08.00,Default,,0000,0000,0000,,to get out of the Tor network, and it\Nwouldn’t be terribly useful from this
Dialogue: 0,0:07:08.00,0:07:20.56,Default,,0000,0000,0000,,point of view. So, yes.\N{\i1}applause{\i0}
Dialogue: 0,0:07:20.56,0:07:24.61,Default,,0000,0000,0000,,So every Tor relay, when you set up\Na Tor relay you publish something called
Dialogue: 0,0:07:24.61,0:07:28.78,Default,,0000,0000,0000,,a descriptor which describes your Tor\Nrelay and how to use it to a set
Dialogue: 0,0:07:28.78,0:07:33.43,Default,,0000,0000,0000,,of servers called the authorities. And the\Ntrust in the Tor network is essentially
Dialogue: 0,0:07:33.43,0:07:38.61,Default,,0000,0000,0000,,split across these authorities. They’re run\Nby the core Tor Project members.
Dialogue: 0,0:07:38.61,0:07:42.64,Default,,0000,0000,0000,,And they maintain a list of all of the\Nrelays in the network. And they observe
Dialogue: 0,0:07:42.64,0:07:46.01,Default,,0000,0000,0000,,them over a period of time. If the relays\Nexhibit certain properties they give
Dialogue: 0,0:07:46.01,0:07:50.48,Default,,0000,0000,0000,,the relays flags. If e.g. a relay allows\Ntraffic to exit from the Tor network
Dialogue: 0,0:07:50.48,0:07:54.45,Default,,0000,0000,0000,,it will get the ‘Exit’ flag. If they’d been\Nswitched on for a certain period of time,
Dialogue: 0,0:07:54.45,0:07:58.40,Default,,0000,0000,0000,,or for a certain amount of traffic they’ll\Nbe allowed to become the guard relay
Dialogue: 0,0:07:58.40,0:08:02.18,Default,,0000,0000,0000,,which is the first node in your circuit.\NSo when you build your circuit you
Dialogue: 0,0:08:02.18,0:08:07.23,Default,,0000,0000,0000,,download a list of these descriptors from\None of the Directory Authorities. You look
Dialogue: 0,0:08:07.23,0:08:10.12,Default,,0000,0000,0000,,at the flags which have been assigned to\Neach of the relays, and then you pick
Dialogue: 0,0:08:10.12,0:08:14.15,Default,,0000,0000,0000,,your route based on that. So you’ll pick\Nthe guard node from a set of relays
Dialogue: 0,0:08:14.15,0:08:16.40,Default,,0000,0000,0000,,which have the ‘Guard’ flag, your exits\Nfrom the set of relays which have
Dialogue: 0,0:08:16.40,0:08:20.86,Default,,0000,0000,0000,,the ‘Exit’ flag etc. etc. Now, as of\Na quick count this morning there are
Dialogue: 0,0:08:20.86,0:08:29.23,Default,,0000,0000,0000,,about 1500 guard relays, around 1000 exit\Nrelays, and six relays flagged as ‘bad’ exits.
Dialogue: 0,0:08:29.23,0:08:34.36,Default,,0000,0000,0000,,What does a ‘bad exit’ mean?\N{\i1}waits for audience to respond{\i0}
Dialogue: 0,0:08:34.36,0:08:37.76,Default,,0000,0000,0000,,That’s not good! That’s exactly\Nwhat it means! Yes! {\i1}laughs{\i0}
Dialogue: 0,0:08:37.76,0:08:40.45,Default,,0000,0000,0000,,{\i1}applause{\i0}
Dialogue: 0,0:08:40.45,0:08:45.57,Default,,0000,0000,0000,,So relays which have been flagged as ‘bad\Nexits’ your client will never chose to exit
Dialogue: 0,0:08:45.57,0:08:50.66,Default,,0000,0000,0000,,traffic through. And examples of things\Nwhich may get a relay flagged as an
Dialogue: 0,0:08:50.66,0:08:53.83,Default,,0000,0000,0000,,[bad] exit relay – if they’re fiddling with\Nthe traffic which is coming out of
Dialogue: 0,0:08:53.83,0:08:57.02,Default,,0000,0000,0000,,the Tor relay. Or doing things like\Nman-in-the-middle attacks against
Dialogue: 0,0:08:57.02,0:09:01.63,Default,,0000,0000,0000,,SSL traffic. We’ve seen various things,\Nthere have been relays man-in-the-middling
Dialogue: 0,0:09:01.63,0:09:07.05,Default,,0000,0000,0000,,SSL traffic, there have very, very recently\Nbeen an exit relay which was patching
Dialogue: 0,0:09:07.05,0:09:10.80,Default,,0000,0000,0000,,binaries that you downloaded from the\Ninternet, inserting malware into the binaries.
Dialogue: 0,0:09:10.80,0:09:14.63,Default,,0000,0000,0000,,So you can do these things but the Tor\NProject tries to scan for them. And if
Dialogue: 0,0:09:14.63,0:09:19.83,Default,,0000,0000,0000,,these things are detected then they’ll be\Nflagged as ‘Bad Exits’. It’s true to say
Dialogue: 0,0:09:19.83,0:09:24.61,Default,,0000,0000,0000,,that the scanning mechanism is not 100%\Nfool-proof by any stretch of the imagination.
Dialogue: 0,0:09:24.61,0:09:28.56,Default,,0000,0000,0000,,It tries to pick up common types\Nof attacks, so as a result
Dialogue: 0,0:09:28.56,0:09:32.48,Default,,0000,0000,0000,,it won’t pick up unknown attacks or\Nattacks which haven’t been seen or
Dialogue: 0,0:09:32.48,0:09:36.68,Default,,0000,0000,0000,,have not been known about beforehand.
Dialogue: 0,0:09:36.68,0:09:45.37,Default,,0000,0000,0000,,So looking at this, how do you deanonymise\Nthe traffic travelling through the Tor
Dialogue: 0,0:09:45.37,0:09:49.45,Default,,0000,0000,0000,,networks? Given some traffic coming out\Nof the exit relay, how do you know
Dialogue: 0,0:09:49.45,0:09:54.27,Default,,0000,0000,0000,,which user that corresponds to? What is\Ntheir IP address? You can’t actually
Dialogue: 0,0:09:54.27,0:09:58.28,Default,,0000,0000,0000,,modify the traffic because if any of the\Nrelays tried to modify the traffic
Dialogue: 0,0:09:58.28,0:10:02.25,Default,,0000,0000,0000,,which they’re sending through the network\NTor will tear down the circuit through the relay.
Dialogue: 0,0:10:02.25,0:10:06.29,Default,,0000,0000,0000,,So there’s these integrity checks, each\Nof the hops. And if you try to sort of
Dialogue: 0,0:10:06.29,0:10:09.87,Default,,0000,0000,0000,,– because you can’t decrypt the packet\Nyou can’t modify it in any meaningful way,
Dialogue: 0,0:10:09.87,0:10:13.75,Default,,0000,0000,0000,,and because there’s an integrity check\Nat the next hop that means that you can’t
Dialogue: 0,0:10:13.75,0:10:17.02,Default,,0000,0000,0000,,modify the packet because otherwise it’s\Ndetected. So you can’t do this sort of
Dialogue: 0,0:10:17.02,0:10:20.90,Default,,0000,0000,0000,,marker, and try and follow the marker\Nthrough the network. So instead
Dialogue: 0,0:10:20.90,0:10:26.70,Default,,0000,0000,0000,,what you can do if you control… so let me\Ngive you two cases. In the worst case
Dialogue: 0,0:10:26.70,0:10:31.33,Default,,0000,0000,0000,,if the attacker controls all three of your\Nrelays that you pick, which is an unlikely
Dialogue: 0,0:10:31.33,0:10:34.74,Default,,0000,0000,0000,,scenario that needs to control quite\Na big proportion of the network. Then
Dialogue: 0,0:10:34.74,0:10:39.55,Default,,0000,0000,0000,,it should be quite obvious that they can\Nwork out who you are and also
Dialogue: 0,0:10:39.55,0:10:42.37,Default,,0000,0000,0000,,see what you’re doing because in that\Ncase they can tag the traffic, and
Dialogue: 0,0:10:42.37,0:10:45.71,Default,,0000,0000,0000,,they can just discard these integrity\Nchecks at each of the following hops.
Dialogue: 0,0:10:45.71,0:10:50.71,Default,,0000,0000,0000,,Now in a different case, if you control\Nthe Guard relay and the exit relay
Dialogue: 0,0:10:50.71,0:10:54.16,Default,,0000,0000,0000,,but not the middle relay the Guard relay\Ncan’t tamper with the traffic because
Dialogue: 0,0:10:54.16,0:10:57.66,Default,,0000,0000,0000,,this middle relay will close down the\Ncircuit as soon as it happens.
Dialogue: 0,0:10:57.66,0:11:01.13,Default,,0000,0000,0000,,The exit relay can’t send stuff back down\Nthe circuit to try and identify the user,
Dialogue: 0,0:11:01.13,0:11:05.03,Default,,0000,0000,0000,,either. Because again, the circuit will be\Nclosed down. So what can you do?
Dialogue: 0,0:11:05.03,0:11:09.87,Default,,0000,0000,0000,,Well, you can count the number of packets\Ngoing through the Guard node. And you can
Dialogue: 0,0:11:09.87,0:11:14.69,Default,,0000,0000,0000,,measure the timing differences between\Npackets, and try and spot that pattern
Dialogue: 0,0:11:14.69,0:11:18.75,Default,,0000,0000,0000,,at the Exit relays. You’re looking at counts of\Npackets and the timing between those
Dialogue: 0,0:11:18.75,0:11:22.36,Default,,0000,0000,0000,,packets which are being sent, and\Nessentially trying to correlate them all.
Dialogue: 0,0:11:22.36,0:11:26.87,Default,,0000,0000,0000,,So if your user happens to pick you as\Nyour Guard node, and then happens to pick
Dialogue: 0,0:11:26.87,0:11:31.85,Default,,0000,0000,0000,,your exit relay, then you can deanonymise\Nthem with very high probability using
Dialogue: 0,0:11:31.85,0:11:35.65,Default,,0000,0000,0000,,this technique. You’re just correlating\Nthe timings of packets and counting
Dialogue: 0,0:11:35.65,0:11:38.89,Default,,0000,0000,0000,,the number of packets going through.\NAnd the attacks demonstrated in literature
Dialogue: 0,0:11:38.89,0:11:44.51,Default,,0000,0000,0000,,are very reliable for this. We heard\Nearlier from the Tor talk about the “relay
Dialogue: 0,0:11:44.51,0:11:50.74,Default,,0000,0000,0000,,early” tag which was the attack discovered\Nby the cert researches in the US.
Dialogue: 0,0:11:50.74,0:11:55.05,Default,,0000,0000,0000,,That attack didn’t rely on timing attacks.\NInstead, what they were able to do was
Dialogue: 0,0:11:55.05,0:11:58.72,Default,,0000,0000,0000,,send a special type of cell containing\Nthe data back down the circuit,
Dialogue: 0,0:11:58.72,0:12:01.89,Default,,0000,0000,0000,,essentially marking this data, and saying:\N“This is the data we’re seeing
Dialogue: 0,0:12:01.89,0:12:06.15,Default,,0000,0000,0000,,at the Exit relay, or at the hidden\Nservice", and encode into the messages
Dialogue: 0,0:12:06.15,0:12:10.05,Default,,0000,0000,0000,,travelling back down the circuit, what the\Ndata was. And then you could pick
Dialogue: 0,0:12:10.05,0:12:14.27,Default,,0000,0000,0000,,those up at the Guard relay and say, okay,\Nwhether it’s this person that’s doing that.
Dialogue: 0,0:12:14.27,0:12:18.37,Default,,0000,0000,0000,,In fact, although this technique works,\Nand yeah it was a very nice attack,
Dialogue: 0,0:12:18.37,0:12:21.27,Default,,0000,0000,0000,,the traffic correlation attacks are\Nactually just as powerful.
Dialogue: 0,0:12:21.27,0:12:25.26,Default,,0000,0000,0000,,So although this bug has been fixed traffic\Ncorrelation attacks still work and are
Dialogue: 0,0:12:25.26,0:12:29.74,Default,,0000,0000,0000,,still fairly, fairly reliable. So the problem\Nstill does exist. This is very much
Dialogue: 0,0:12:29.74,0:12:33.40,Default,,0000,0000,0000,,an open question. How do we solve this\Nproblem? We don’t know, currently,
Dialogue: 0,0:12:33.40,0:12:40.04,Default,,0000,0000,0000,,how to solve this problem of trying\Nto tackle the traffic correlation.
Dialogue: 0,0:12:40.04,0:12:45.37,Default,,0000,0000,0000,,There are a couple of solutions.\NBut they’re not particularly…
Dialogue: 0,0:12:45.37,0:12:48.57,Default,,0000,0000,0000,,they’re not particularly reliable. Let me\Njust go through these, and I’ll skip back
Dialogue: 0,0:12:48.57,0:12:53.06,Default,,0000,0000,0000,,on the few things I’ve missed. The first\Nthing is, high-latency networks, so
Dialogue: 0,0:12:53.06,0:12:56.100,Default,,0000,0000,0000,,networks where packets are delayed\Nin their transit through the network.
Dialogue: 0,0:12:56.100,0:13:00.74,Default,,0000,0000,0000,,That throws away a lot of the timing\Ninformation. So they promise
Dialogue: 0,0:13:00.74,0:13:03.80,Default,,0000,0000,0000,,to potentially solve this problem.\NBut of course, if you want to visit
Dialogue: 0,0:13:03.80,0:13:06.78,Default,,0000,0000,0000,,Google’s home page, and you have to wait\Nfive minutes for it, you’re simply
Dialogue: 0,0:13:06.78,0:13:11.91,Default,,0000,0000,0000,,just not going to use Tor. The whole point\Nis trying to make this technology usable.
Dialogue: 0,0:13:11.91,0:13:14.76,Default,,0000,0000,0000,,And if you got something which is very,\Nvery slow then it doesn’t make it
Dialogue: 0,0:13:14.76,0:13:18.27,Default,,0000,0000,0000,,attractive to use. But of course,\Nthis case does work slightly better
Dialogue: 0,0:13:18.27,0:13:22.06,Default,,0000,0000,0000,,for e-mail. If you think about it with\Ne-mail, you don’t mind if you’re e-mail
Dialogue: 0,0:13:22.06,0:13:25.40,Default,,0000,0000,0000,,– well, you may not mind, you may mind –\Nyou don’t mind if your e-mail is delayed
Dialogue: 0,0:13:25.40,0:13:29.12,Default,,0000,0000,0000,,by some period of time. Which makes this\Nsomewhat difficult. And as Roger said
Dialogue: 0,0:13:29.12,0:13:35.13,Default,,0000,0000,0000,,earlier, you can also introduce padding\Ninto the circuit, so these are dummy cells.
Dialogue: 0,0:13:35.13,0:13:39.84,Default,,0000,0000,0000,,But, but… with a big caveat: some of the\Nresearch suggests that actually you’d
Dialogue: 0,0:13:39.84,0:13:43.44,Default,,0000,0000,0000,,need to introduce quite a lot of padding\Nto defeat these attacks, and that would
Dialogue: 0,0:13:43.44,0:13:47.18,Default,,0000,0000,0000,,overload the Tor network in its current\Nstate. So, again, not a particular
Dialogue: 0,0:13:47.18,0:13:53.86,Default,,0000,0000,0000,,practical solution.
Dialogue: 0,0:13:53.86,0:13:58.28,Default,,0000,0000,0000,,How does Tor try to solve this problem?\NWell, Tor makes it very difficult
Dialogue: 0,0:13:58.28,0:14:03.17,Default,,0000,0000,0000,,to become a users Guard relay. If you\Ncan’t become a users Guard relay
Dialogue: 0,0:14:03.17,0:14:07.84,Default,,0000,0000,0000,,then you don’t know who the user is, quite\Nsimply. And so by making it very hard
Dialogue: 0,0:14:07.84,0:14:13.25,Default,,0000,0000,0000,,to become the Guard relay therefore you\Ncan’t do this traffic correlation attack.
Dialogue: 0,0:14:13.25,0:14:17.58,Default,,0000,0000,0000,,So at the moment the Tor client chooses\None Guard relay and keeps it for a period
Dialogue: 0,0:14:17.58,0:14:22.26,Default,,0000,0000,0000,,of time. So if I want to sort of target\Njust one of you I would need to control
Dialogue: 0,0:14:22.26,0:14:26.26,Default,,0000,0000,0000,,the Guard relay that you were using at\Nthat particular point in time. And in fact
Dialogue: 0,0:14:26.26,0:14:30.68,Default,,0000,0000,0000,,I’d also need to know what that Guard\Nrelay is. So by making it very unlikely
Dialogue: 0,0:14:30.68,0:14:34.13,Default,,0000,0000,0000,,that you would select a particular malicious\NGuard relay, where the number of malicious
Dialogue: 0,0:14:34.13,0:14:39.18,Default,,0000,0000,0000,,Guard relays is very small, that’s how Tor\Ntries to solve this problem. And
Dialogue: 0,0:14:39.18,0:14:43.28,Default,,0000,0000,0000,,at the moment your Guard relay is your\Nbarrier of security. If the attacker can’t
Dialogue: 0,0:14:43.28,0:14:46.46,Default,,0000,0000,0000,,control the Guard relay then they won’t\Nknow who you are. That doesn’t mean
Dialogue: 0,0:14:46.46,0:14:50.64,Default,,0000,0000,0000,,they can’t try other sort of side channel\Nattacks by messing with the traffic
Dialogue: 0,0:14:50.64,0:14:55.13,Default,,0000,0000,0000,,at the Exit relay etc. You know that you\Nmay sort of e.g. download dodgy documents
Dialogue: 0,0:14:55.13,0:14:59.50,Default,,0000,0000,0000,,and open one on your computer, and those\Nsort of things. Now the alternative
Dialogue: 0,0:14:59.50,0:15:02.77,Default,,0000,0000,0000,,of course to having a Guard relay\Nand keeping it for a very long time
Dialogue: 0,0:15:02.77,0:15:06.03,Default,,0000,0000,0000,,will be to have a Guard relay and\Nto change it on a regular basis.
Dialogue: 0,0:15:06.03,0:15:09.93,Default,,0000,0000,0000,,Because you might think, well, just choosing\None Guard relay and sticking with it
Dialogue: 0,0:15:09.93,0:15:13.40,Default,,0000,0000,0000,,is probably a bad idea. But actually,\Nthat’s not the case. If you pick
Dialogue: 0,0:15:13.40,0:15:18.37,Default,,0000,0000,0000,,the Guard relay, and assuming that the\Nchance of picking a Guard relay that is
Dialogue: 0,0:15:18.37,0:15:22.80,Default,,0000,0000,0000,,malicious is very low, then, when you\Nfirst use your Guard relay, if you got
Dialogue: 0,0:15:22.80,0:15:27.42,Default,,0000,0000,0000,,a good choice, then your traffic is safe.\NIf you haven’t got a good choice then
Dialogue: 0,0:15:27.42,0:15:31.76,Default,,0000,0000,0000,,your traffic isn’t safe. Whereas if your\NTor client chooses a Guard relay
Dialogue: 0,0:15:31.76,0:15:35.61,Default,,0000,0000,0000,,every few minutes, or every hour, or\Nsomething on those lines at some point
Dialogue: 0,0:15:35.61,0:15:39.18,Default,,0000,0000,0000,,you’re gonna pick a malicious Guard relay.\NSo they’re gonna have some of your traffic
Dialogue: 0,0:15:39.18,0:15:43.40,Default,,0000,0000,0000,,but not all of it. And so currently the\Ntrade-off is that we make it very difficult
Dialogue: 0,0:15:43.40,0:15:48.49,Default,,0000,0000,0000,,for an attacker to control a Guard relay\Nand the user picks a Guard relay and
Dialogue: 0,0:15:48.49,0:15:52.45,Default,,0000,0000,0000,,keeps it for a long period of time. And\Nso it’s very difficult for the attackers
Dialogue: 0,0:15:52.45,0:15:58.94,Default,,0000,0000,0000,,to pick that Guard relay when they control\Na very small proportion of the network.
Dialogue: 0,0:15:58.94,0:16:06.42,Default,,0000,0000,0000,,So this, currently, provides those\Nproperties I described earlier, the privacy
Dialogue: 0,0:16:06.42,0:16:11.41,Default,,0000,0000,0000,,and the anonymity when you’re browsing the\Nweb, when you’re accessing websites etc.
Dialogue: 0,0:16:11.41,0:16:16.52,Default,,0000,0000,0000,,But still you know who the website is. So\Nalthough you’re anonymous and the website
Dialogue: 0,0:16:16.52,0:16:20.73,Default,,0000,0000,0000,,doesn’t know who you are you know who the\Nwebsite is. And there may be some cases
Dialogue: 0,0:16:20.73,0:16:25.50,Default,,0000,0000,0000,,where e.g. the website would also wish to\Nremain anonymous. You want the person
Dialogue: 0,0:16:25.50,0:16:29.97,Default,,0000,0000,0000,,accessing the website and the website\Nitself to be anonymous to each other.
Dialogue: 0,0:16:29.97,0:16:34.23,Default,,0000,0000,0000,,And you could think about people e.g.\Nbeing in countries where running
Dialogue: 0,0:16:34.23,0:16:39.73,Default,,0000,0000,0000,,a political blog e.g. might be a dangerous\Nactivity. If you run that on a regular
Dialogue: 0,0:16:39.73,0:16:45.66,Default,,0000,0000,0000,,webserver you’re easily identified whereas,\Nif you got some way where you as
Dialogue: 0,0:16:45.66,0:16:49.49,Default,,0000,0000,0000,,the webserver can be anonymous then\Nthat allows you to do that activity without
Dialogue: 0,0:16:49.49,0:16:57.48,Default,,0000,0000,0000,,being targeted by your government. So\Nthis is what hidden services try to solve.
Dialogue: 0,0:16:57.48,0:17:03.08,Default,,0000,0000,0000,,Now when you first think about a problem\Nyou kind of think: “Hang on a second,
Dialogue: 0,0:17:03.08,0:17:06.43,Default,,0000,0000,0000,,the user doesn’t know who the website\Nis and the website doesn’t know
Dialogue: 0,0:17:06.43,0:17:09.89,Default,,0000,0000,0000,,who the user is. So how on earth do they\Ntalk to each other?” Well, that’s essentially
Dialogue: 0,0:17:09.89,0:17:14.22,Default,,0000,0000,0000,,what the Tor hidden service protocol tries\Nto sort of set up. How do you identify and
Dialogue: 0,0:17:14.22,0:17:19.58,Default,,0000,0000,0000,,connect to each other. So at the moment\Nthis is what happens: We’ve got Bob
Dialogue: 0,0:17:19.58,0:17:23.78,Default,,0000,0000,0000,,on the [right] hand side who is the hidden\Nservice. And we got Alice on the left hand
Dialogue: 0,0:17:23.78,0:17:28.62,Default,,0000,0000,0000,,side here who is the user who wishes to\Nvisit the hidden service. Now when Bob
Dialogue: 0,0:17:28.62,0:17:34.19,Default,,0000,0000,0000,,sets up his hidden service he picks three\Nnodes in the Tor network as introduction
Dialogue: 0,0:17:34.19,0:17:38.83,Default,,0000,0000,0000,,points and builds several hop circuits to\Nthem. So the introduction points don’t know
Dialogue: 0,0:17:38.83,0:17:44.68,Default,,0000,0000,0000,,who Bob is. Bob has circuits to them. And\NBob says to each of these introduction points
Dialogue: 0,0:17:44.68,0:17:48.24,Default,,0000,0000,0000,,“Will you relay traffic to me if someone\Nconnects to you asking for me?”
Dialogue: 0,0:17:48.24,0:17:53.03,Default,,0000,0000,0000,,And then those introduction points\Ndo that. So then, once Bob has picked
Dialogue: 0,0:17:53.03,0:17:56.84,Default,,0000,0000,0000,,his introduction points he publishes\Na descriptor describing the list of his
Dialogue: 0,0:17:56.84,0:18:01.31,Default,,0000,0000,0000,,introduction points for someone who wishes\Nto come onto his websites. And then Alice
Dialogue: 0,0:18:01.31,0:18:06.70,Default,,0000,0000,0000,,on the left hand side wishing to visit Bob\Nwill pick a rendezvous point in the network
Dialogue: 0,0:18:06.70,0:18:10.03,Default,,0000,0000,0000,,and build a circuit to it. So this “RP”\Nhere is the rendezvous point.
Dialogue: 0,0:18:10.03,0:18:14.53,Default,,0000,0000,0000,,And she will relay a message via one of\Nthe introduction points saying to Bob:
Dialogue: 0,0:18:14.53,0:18:18.29,Default,,0000,0000,0000,,“Meet me at the rendezvous point”.\NAnd then Bob will build a 3-hop-circuit
Dialogue: 0,0:18:18.29,0:18:22.87,Default,,0000,0000,0000,,to the rendezvous point. So now at this\Nstage we got Alice with a multi-hop circuit
Dialogue: 0,0:18:22.87,0:18:26.89,Default,,0000,0000,0000,,to the rendezvous point, and Bob with\Na multi-hop circuit to the rendezvous point.
Dialogue: 0,0:18:26.89,0:18:32.55,Default,,0000,0000,0000,,Alice and Bob haven’t connected to one\Nanother directly. The rendezvous point
Dialogue: 0,0:18:32.55,0:18:36.53,Default,,0000,0000,0000,,doesn’t know who Bob is, the rendezvous\Npoint doesn’t know who Alice is.
Dialogue: 0,0:18:36.53,0:18:40.26,Default,,0000,0000,0000,,All they’re doing is forwarding the\Ntraffic. And they can’t inspect the traffic,
Dialogue: 0,0:18:40.26,0:18:43.74,Default,,0000,0000,0000,,either, because the traffic itself\Nis encrypted.
Dialogue: 0,0:18:43.74,0:18:47.53,Default,,0000,0000,0000,,So that’s currently how you solve this\Nproblem with trying to communicate
Dialogue: 0,0:18:47.53,0:18:50.82,Default,,0000,0000,0000,,with someone who you don’t know\Nwho they are and vice versa.
Dialogue: 0,0:18:50.82,0:18:55.74,Default,,0000,0000,0000,,{\i1}drinks from the bottle{\i0}
Dialogue: 0,0:18:55.74,0:18:58.87,Default,,0000,0000,0000,,The principle thing I’m going to talk\Nabout today is this database.
Dialogue: 0,0:18:58.87,0:19:01.99,Default,,0000,0000,0000,,So I said, Bob, when he picks his\Nintroduction points he builds this thing
Dialogue: 0,0:19:01.99,0:19:06.08,Default,,0000,0000,0000,,called a descriptor, describing who his\Nintroduction points are, and he publishes
Dialogue: 0,0:19:06.08,0:19:10.39,Default,,0000,0000,0000,,them to a database. This database itself\Nis distributed throughout the Tor network.
Dialogue: 0,0:19:10.39,0:19:17.86,Default,,0000,0000,0000,,It’s not a single server. So both, Bob and\NAlice need to be able to publish information
Dialogue: 0,0:19:17.86,0:19:22.04,Default,,0000,0000,0000,,to this database, and also retrieve\Ninformation from this database. And Tor
Dialogue: 0,0:19:22.04,0:19:24.82,Default,,0000,0000,0000,,currently uses something called\Na distributed hash table, which I’m gonna
Dialogue: 0,0:19:24.82,0:19:27.93,Default,,0000,0000,0000,,give an example of what this means and\Nhow it works. And then I’ll talk to you
Dialogue: 0,0:19:27.93,0:19:34.38,Default,,0000,0000,0000,,specifically how the Tor Distributed Hash\NTable works itself. So let’s say e.g.
Dialogue: 0,0:19:34.38,0:19:39.83,Default,,0000,0000,0000,,you've got a set of servers. So here we've\Ngot 26 servers and you’d like to store
Dialogue: 0,0:19:39.83,0:19:44.24,Default,,0000,0000,0000,,your files across these different servers\Nwithout having a single server responsible
Dialogue: 0,0:19:44.24,0:19:48.05,Default,,0000,0000,0000,,for deciding, “okay, that file is stored\Non that server, and this file is stored
Dialogue: 0,0:19:48.05,0:19:53.05,Default,,0000,0000,0000,,on that server” etc. etc. Now here is my\Nlist of files. You could take a very naive
Dialogue: 0,0:19:53.05,0:19:57.74,Default,,0000,0000,0000,,approach. And you could say: “Okay, I’ve\Ngot 26 servers, I got all of these file names
Dialogue: 0,0:19:57.74,0:20:01.25,Default,,0000,0000,0000,,and start with the letter of the alphabet.”\NAnd I could say: “All of the files that begin
Dialogue: 0,0:20:01.25,0:20:05.45,Default,,0000,0000,0000,,with A are gonna go under server A; or\Nthe files that begin with B are gonna go
Dialogue: 0,0:20:05.45,0:20:09.90,Default,,0000,0000,0000,,on server B etc.” And then when you want\Nto retrieve a file you say: “Okay, what
Dialogue: 0,0:20:09.90,0:20:13.95,Default,,0000,0000,0000,,does my file name begin with?” And then\Nyou know which server it’s stored on.
Dialogue: 0,0:20:13.95,0:20:17.75,Default,,0000,0000,0000,,Now of course you could have a lot of\Nservers – sorry – a lot of files
Dialogue: 0,0:20:17.75,0:20:22.78,Default,,0000,0000,0000,,which begin with a Z, an X or a Y etc. in\Nwhich case you’re gonna overload
Dialogue: 0,0:20:22.78,0:20:27.31,Default,,0000,0000,0000,,that server. You’re gonna have more files\Nstored on one server than on another server
Dialogue: 0,0:20:27.31,0:20:32.15,Default,,0000,0000,0000,,in your set. And if you have a lot of big\Nfiles, say e.g. beginning with B then
Dialogue: 0,0:20:32.15,0:20:35.52,Default,,0000,0000,0000,,rather than distributing your files across\Nall the servers you’re gonna just be
Dialogue: 0,0:20:35.52,0:20:39.06,Default,,0000,0000,0000,,overloading one or two of them. So to\Nsolve this problem what we tend to do is:
Dialogue: 0,0:20:39.06,0:20:42.41,Default,,0000,0000,0000,,we take the file name, and we run it\Nthrough a cryptographic hash function.
Dialogue: 0,0:20:42.41,0:20:46.93,Default,,0000,0000,0000,,A hash function produces output which\Nlooks like random, very small changes
Dialogue: 0,0:20:46.93,0:20:50.74,Default,,0000,0000,0000,,in the input so a cryptographic hash\Nfunction produces a very large change
Dialogue: 0,0:20:50.74,0:20:55.24,Default,,0000,0000,0000,,in the output. And this change looks\Nrandom. So if I take all of my file names
Dialogue: 0,0:20:55.24,0:20:59.82,Default,,0000,0000,0000,,here, and assuming I have a lot more,\NI take a hash of them, and then I use
Dialogue: 0,0:20:59.82,0:21:05.47,Default,,0000,0000,0000,,that hash to determine which server to\Nstore the file on. Then, with high probability
Dialogue: 0,0:21:05.47,0:21:09.67,Default,,0000,0000,0000,,my files will be distributed evenly across\Nall of the servers. And then when I want
Dialogue: 0,0:21:09.67,0:21:12.99,Default,,0000,0000,0000,,to go and retrieve one of the files I take\Nmy file name, I run it through the
Dialogue: 0,0:21:12.99,0:21:15.98,Default,,0000,0000,0000,,cryptographic hash function, that gives me\Nthe hash, and then I use that hash
Dialogue: 0,0:21:15.98,0:21:19.74,Default,,0000,0000,0000,,to identify which server that particular\Nfile is stored on. And then I go and
Dialogue: 0,0:21:19.74,0:21:25.99,Default,,0000,0000,0000,,retrieve it. So that’s the sort of a loose\Nidea of how a distributed hash table works.
Dialogue: 0,0:21:25.99,0:21:29.34,Default,,0000,0000,0000,,There are a couple of problems with this.\NWhat if you got a changing size, what
Dialogue: 0,0:21:29.34,0:21:34.70,Default,,0000,0000,0000,,if the number of servers you got changes\Nin size as it does in the Tor network.
Dialogue: 0,0:21:34.70,0:21:42.29,Default,,0000,0000,0000,,It’s a very brief overview of the theory.\NSo how does it apply for the Tor network?
Dialogue: 0,0:21:42.29,0:21:47.64,Default,,0000,0000,0000,,Well, the Tor network has a set of relays\Nand it has a set of hidden services.
Dialogue: 0,0:21:47.64,0:21:52.71,Default,,0000,0000,0000,,Now we take all of the relays, and they\Nhave a hash identity which identifies them.
Dialogue: 0,0:21:52.71,0:21:57.46,Default,,0000,0000,0000,,And we map them onto a circle using that\Nhash value as an identifier. So you can
Dialogue: 0,0:21:57.46,0:22:03.23,Default,,0000,0000,0000,,imagine the hash value ranging from Zero\Nto a very large number. We got a Zero point
Dialogue: 0,0:22:03.23,0:22:07.28,Default,,0000,0000,0000,,at the very top there. And that runs all\Nthe way round to the very large number.
Dialogue: 0,0:22:07.28,0:22:12.13,Default,,0000,0000,0000,,So given the identity hash for a relay we\Ncan map that to a particular point on
Dialogue: 0,0:22:12.13,0:22:19.07,Default,,0000,0000,0000,,the server. And then all we have to do\Nis also do this for hidden services.
Dialogue: 0,0:22:19.07,0:22:22.32,Default,,0000,0000,0000,,So there’s a hidden service address,\Nsomething.onion, so this is
Dialogue: 0,0:22:22.32,0:22:27.75,Default,,0000,0000,0000,,one of the hidden websites that you might\Nvisit. You take the – I’m not gonna describe
Dialogue: 0,0:22:27.75,0:22:33.98,Default,,0000,0000,0000,,in too much detail how this is done but –\Nthe value is done in such a way such that
Dialogue: 0,0:22:33.98,0:22:38.02,Default,,0000,0000,0000,,it’s evenly distributed about the circle.\NSo your hidden service will have
Dialogue: 0,0:22:38.02,0:22:44.24,Default,,0000,0000,0000,,a particular point on the circle. And the\Nrelays will also be mapped onto this circle.
Dialogue: 0,0:22:44.24,0:22:49.64,Default,,0000,0000,0000,,So there’s the relays. And the hidden\Nservice. And in the case of Tor
Dialogue: 0,0:22:49.64,0:22:53.46,Default,,0000,0000,0000,,the hidden service actually maps to two\Npositions on the circle, and it publishes
Dialogue: 0,0:22:53.46,0:22:57.85,Default,,0000,0000,0000,,its descriptor to the three relays to the\Nright at one position, and the three relays
Dialogue: 0,0:22:57.85,0:23:01.60,Default,,0000,0000,0000,,to the right at another position. So there\Nare actually in total six places where
Dialogue: 0,0:23:01.60,0:23:05.06,Default,,0000,0000,0000,,this descriptor is published on the\Ncircle. And then if I want to go and
Dialogue: 0,0:23:05.06,0:23:09.45,Default,,0000,0000,0000,,fetch and connect to a hidden service\NI go on to go and pull this hidden descriptor
Dialogue: 0,0:23:09.45,0:23:13.78,Default,,0000,0000,0000,,down to identify what its introduction\Npoints are. I take the hidden service
Dialogue: 0,0:23:13.78,0:23:17.20,Default,,0000,0000,0000,,address, I find out where it is on the\Ncircle, I map all of the relays onto
Dialogue: 0,0:23:17.20,0:23:21.11,Default,,0000,0000,0000,,the circle, and then I identify which\Nrelays on the circle are responsible
Dialogue: 0,0:23:21.11,0:23:24.03,Default,,0000,0000,0000,,for that particular hidden service. And\NI just connect, then I say: “Do you have
Dialogue: 0,0:23:24.03,0:23:26.63,Default,,0000,0000,0000,,a copy of the descriptor for that\Nparticular hidden service?”
Dialogue: 0,0:23:26.63,0:23:29.62,Default,,0000,0000,0000,,And if so then we’ve got our list of\Nintroduction points. And we can go
Dialogue: 0,0:23:29.62,0:23:38.02,Default,,0000,0000,0000,,to the next steps to connect to our hidden\Nservice. So I’m gonna explain how we
Dialogue: 0,0:23:38.02,0:23:41.32,Default,,0000,0000,0000,,sort of set up our experiments. What we\Nthought, or what we were interested to do,
Dialogue: 0,0:23:41.32,0:23:48.18,Default,,0000,0000,0000,,was collect publications of hidden\Nservices. So for everytime a hidden service
Dialogue: 0,0:23:48.18,0:23:51.52,Default,,0000,0000,0000,,gets set up it publishes to this distributed\Nhash table. What we wanted to do was
Dialogue: 0,0:23:51.52,0:23:55.75,Default,,0000,0000,0000,,collect those publications so that we\Nget a complete list of all of the hidden
Dialogue: 0,0:23:55.75,0:23:59.28,Default,,0000,0000,0000,,services. And what we also wanted to do\Nis to find out how many times a particular
Dialogue: 0,0:23:59.28,0:24:06.30,Default,,0000,0000,0000,,hidden service is requested.
Dialogue: 0,0:24:06.30,0:24:10.54,Default,,0000,0000,0000,,Just one more point that\Nwill become important later.
Dialogue: 0,0:24:10.54,0:24:14.23,Default,,0000,0000,0000,,The position which the hidden service\Nappears on the circle changes
Dialogue: 0,0:24:14.23,0:24:18.95,Default,,0000,0000,0000,,every 24 hours. So there’s not\Na fixed position every single day.
Dialogue: 0,0:24:18.95,0:24:24.37,Default,,0000,0000,0000,,If we run 40 nodes over a long period of\Ntime we will occupy positions within
Dialogue: 0,0:24:24.37,0:24:29.57,Default,,0000,0000,0000,,that distributed hash table. And we will be\Nable to collect publications and requests
Dialogue: 0,0:24:29.57,0:24:34.30,Default,,0000,0000,0000,,for hidden services that are located at\Nthat position inside the distributed
Dialogue: 0,0:24:34.30,0:24:39.25,Default,,0000,0000,0000,,hash table. So in that case we ran 40 Tor\Nnodes, we had a student at university
Dialogue: 0,0:24:39.25,0:24:43.95,Default,,0000,0000,0000,,who said: “Hey, I run a hosting company,\NI got loads of server capacity”, and
Dialogue: 0,0:24:43.95,0:24:46.58,Default,,0000,0000,0000,,we told him what we were doing, and he\Nsaid: “Well, you really helped us out,
Dialogue: 0,0:24:46.58,0:24:49.82,Default,,0000,0000,0000,,these last couple of years…”\Nand just gave us loads of server capacity
Dialogue: 0,0:24:49.82,0:24:55.50,Default,,0000,0000,0000,,to allow us to do this. So we spun up 40\NTor nodes. Each Tor node was required
Dialogue: 0,0:24:55.50,0:24:59.56,Default,,0000,0000,0000,,to advertise a certain amount of bandwidth\Nto become a part of that distributed
Dialogue: 0,0:24:59.56,0:25:02.20,Default,,0000,0000,0000,,hash table. It’s actually a very small\Namount, so this didn’t matter too much.
Dialogue: 0,0:25:02.20,0:25:06.05,Default,,0000,0000,0000,,And then, after – this has changed\Nrecently in the last few days,
Dialogue: 0,0:25:06.05,0:25:10.07,Default,,0000,0000,0000,,it used to be 25 hours, it’s just been\Nincreased as a result of one of the
Dialogue: 0,0:25:10.07,0:25:14.57,Default,,0000,0000,0000,,attacks last week. But here… certainly\Nduring our study it was 25 hours. You then
Dialogue: 0,0:25:14.57,0:25:18.30,Default,,0000,0000,0000,,appear at a particular point inside that\Ndistributed hash table. And you’re then
Dialogue: 0,0:25:18.30,0:25:22.75,Default,,0000,0000,0000,,in a position to record publications of\Nhidden services and requests for hidden
Dialogue: 0,0:25:22.75,0:25:27.81,Default,,0000,0000,0000,,services. So not only can you get a full\Nlist of the onion addresses you can also
Dialogue: 0,0:25:27.81,0:25:32.25,Default,,0000,0000,0000,,find out how many times each of the\Nonion addresses are requested.
Dialogue: 0,0:25:32.25,0:25:38.27,Default,,0000,0000,0000,,And so this is what we recorded. And then,\Nonce we had a full list of… or once
Dialogue: 0,0:25:38.27,0:25:41.83,Default,,0000,0000,0000,,we had run for a long period of time to\Ncollect a long list of .onion addresses
Dialogue: 0,0:25:41.83,0:25:46.85,Default,,0000,0000,0000,,we then built a custom crawler that would\Nvisit each of the Tor hidden services
Dialogue: 0,0:25:46.85,0:25:51.45,Default,,0000,0000,0000,,in turn, and pull down the HTML contents,\Nthe text content from the web page,
Dialogue: 0,0:25:51.45,0:25:54.76,Default,,0000,0000,0000,,so that we could go ahead and classify\Nthe content. Now it’s really important
Dialogue: 0,0:25:54.76,0:25:59.25,Default,,0000,0000,0000,,to know here, and it will become obvious\Nwhy a little bit later, we only pulled down
Dialogue: 0,0:25:59.25,0:26:03.03,Default,,0000,0000,0000,,HTML content. We didn’t pull out images.\NAnd there’s a very, very important reason
Dialogue: 0,0:26:03.03,0:26:09.98,Default,,0000,0000,0000,,for that which will become clear shortly.
Dialogue: 0,0:26:09.98,0:26:13.52,Default,,0000,0000,0000,,We had a lot of questions when we\Nfirst started this. Noone really knew
Dialogue: 0,0:26:13.52,0:26:18.00,Default,,0000,0000,0000,,how many hidden services there were. It had\Nbeen suggested to us there was a very high
Dialogue: 0,0:26:18.00,0:26:21.25,Default,,0000,0000,0000,,turn-over of hidden services. We wanted to\Nconfirm that whether that was true or not.
Dialogue: 0,0:26:21.25,0:26:24.53,Default,,0000,0000,0000,,And we also wanted to do this so,\Nwhat are the hidden services,
Dialogue: 0,0:26:24.53,0:26:30.14,Default,,0000,0000,0000,,how popular are they, etc. etc. etc. So\Nour estimate for how many hidden services
Dialogue: 0,0:26:30.14,0:26:34.77,Default,,0000,0000,0000,,there are, over the period which we\Nran our study, this is a graph plotting
Dialogue: 0,0:26:34.77,0:26:38.56,Default,,0000,0000,0000,,our estimate for each of the individual\Ndays as to how many hidden services
Dialogue: 0,0:26:38.56,0:26:44.85,Default,,0000,0000,0000,,there were on that particular day. Now the\Ndata is naturally noisy because we’re only
Dialogue: 0,0:26:44.85,0:26:48.59,Default,,0000,0000,0000,,a very small proportion of that circle.\NSo we’re only observing a very small
Dialogue: 0,0:26:48.59,0:26:53.25,Default,,0000,0000,0000,,proportion of the total publications and\Nrequests every single day, for each of
Dialogue: 0,0:26:53.25,0:26:57.26,Default,,0000,0000,0000,,those hidden services. And if you\Ntake a long term average for this
Dialogue: 0,0:26:57.26,0:27:02.72,Default,,0000,0000,0000,,there’s about 45.000 hidden services that\Nwe think were present, on average,
Dialogue: 0,0:27:02.72,0:27:07.88,Default,,0000,0000,0000,,each day, during our entire study. Which\Nis a large number of hidden services.
Dialogue: 0,0:27:07.88,0:27:11.07,Default,,0000,0000,0000,,But over the entire length we\Ncollected about 80.000, in total.
Dialogue: 0,0:27:11.07,0:27:14.27,Default,,0000,0000,0000,,Some came and went etc.\NSo the next question after how many
Dialogue: 0,0:27:14.27,0:27:17.75,Default,,0000,0000,0000,,hidden services there are is how long\Nthe hidden service exists for.
Dialogue: 0,0:27:17.75,0:27:20.62,Default,,0000,0000,0000,,Does it exist for a very long period\Nof time, does it exist for a very short
Dialogue: 0,0:27:20.62,0:27:24.22,Default,,0000,0000,0000,,period of time etc. etc.\NSo what we did was, for every single
Dialogue: 0,0:27:24.22,0:27:30.26,Default,,0000,0000,0000,,.onion address we plotted how many times\Nwe saw a publication for that particular
Dialogue: 0,0:27:30.26,0:27:34.16,Default,,0000,0000,0000,,hidden service during the six months.\NHow many times did we see it.
Dialogue: 0,0:27:34.16,0:27:38.10,Default,,0000,0000,0000,,If we saw it a lot of times that suggested\Nin general the hidden service existed
Dialogue: 0,0:27:38.10,0:27:42.18,Default,,0000,0000,0000,,for a very long period of time. If we saw\Na very short number of publications
Dialogue: 0,0:27:42.18,0:27:45.76,Default,,0000,0000,0000,,for each hidden service then that\Nsuggests that they were only present
Dialogue: 0,0:27:45.76,0:27:51.69,Default,,0000,0000,0000,,for a very short period of time. This is\Nour graph. By far the most number
Dialogue: 0,0:27:51.69,0:27:55.89,Default,,0000,0000,0000,,of hidden services we only saw once during\Nthe entire study. And we never saw them
Dialogue: 0,0:27:55.89,0:28:00.39,Default,,0000,0000,0000,,again. We suggest that there’s a very high\Nturnover of the hidden services, they
Dialogue: 0,0:28:00.39,0:28:04.52,Default,,0000,0000,0000,,don’t tend to exist on average i.e. for\Na very long period of time.
Dialogue: 0,0:28:04.52,0:28:10.73,Default,,0000,0000,0000,,And then you can see the sort of\Na tail here. If we plot just those
Dialogue: 0,0:28:10.73,0:28:16.39,Default,,0000,0000,0000,,hidden services which existed for a long\Ntime, so e.g. we could take hidden services
Dialogue: 0,0:28:16.39,0:28:20.28,Default,,0000,0000,0000,,which have a high number of hit requests\Nand say: “Okay, those that have a high number
Dialogue: 0,0:28:20.28,0:28:24.80,Default,,0000,0000,0000,,of hits probably existed for a long time.”\NThat’s not absolutely certain, but probably.
Dialogue: 0,0:28:24.80,0:28:29.19,Default,,0000,0000,0000,,Then you see this sort of -normal- plot\Nabout 4..5, so we saw on average
Dialogue: 0,0:28:29.19,0:28:34.87,Default,,0000,0000,0000,,most hidden services four or five times\Nduring the entire six months if they were
Dialogue: 0,0:28:34.87,0:28:40.53,Default,,0000,0000,0000,,popular and we’re using that as a proxy\Nmeasure for whether they existed
Dialogue: 0,0:28:40.53,0:28:48.16,Default,,0000,0000,0000,,for the entire time. Now, this stage was\Nover 160 days, so almost six months.
Dialogue: 0,0:28:48.16,0:28:51.49,Default,,0000,0000,0000,,What we also wanted to do was trying\Nto confirm this over a longer period.
Dialogue: 0,0:28:51.49,0:28:56.31,Default,,0000,0000,0000,,So last year, in 2013, about February time\Nsome researchers of the University
Dialogue: 0,0:28:56.31,0:29:00.35,Default,,0000,0000,0000,,of Luxemburg also ran a similar study\Nbut it ran over a very short period of time
Dialogue: 0,0:29:00.35,0:29:05.06,Default,,0000,0000,0000,,over the day. But they did it in such\Na way it could collect descriptors
Dialogue: 0,0:29:05.06,0:29:08.59,Default,,0000,0000,0000,,across much of the circle during a single\Nday. That was because of a bug in the way
Dialogue: 0,0:29:08.59,0:29:12.02,Default,,0000,0000,0000,,Tor did some of the things which has\Nnow been fixed so we can’t repeat that
Dialogue: 0,0:29:12.02,0:29:16.52,Default,,0000,0000,0000,,as a particular way. So we got a list of\N.onion addresses from February 2013
Dialogue: 0,0:29:16.52,0:29:18.96,Default,,0000,0000,0000,,from these researchers at the University\Nof Luxemburg. And then we got our list
Dialogue: 0,0:29:18.96,0:29:23.67,Default,,0000,0000,0000,,of .onion addresses from this six months\Nwhich was March to September of this year.
Dialogue: 0,0:29:23.67,0:29:26.70,Default,,0000,0000,0000,,And we wanted to say, okay, we’re given\Nthese two sets of .onion addresses.
Dialogue: 0,0:29:26.70,0:29:30.74,Default,,0000,0000,0000,,Which .onion addresses existed in his set\Nbut not ours and vice versa, and which
Dialogue: 0,0:29:30.74,0:29:39.74,Default,,0000,0000,0000,,.onion addresses existed in both sets?
Dialogue: 0,0:29:39.74,0:29:45.52,Default,,0000,0000,0000,,So as you can see a very small minority\Nof hidden service addresses existed
Dialogue: 0,0:29:45.52,0:29:50.00,Default,,0000,0000,0000,,in both sets. This is over an 18 month\Nperiod between these two collection points.
Dialogue: 0,0:29:50.00,0:29:54.43,Default,,0000,0000,0000,,A very small number of services existed\Nin both his data set and in
Dialogue: 0,0:29:54.43,0:29:58.39,Default,,0000,0000,0000,,our data set. Which again suggested\Nthere’s a very high turnover of hidden
Dialogue: 0,0:29:58.39,0:30:02.92,Default,,0000,0000,0000,,services that don’t tend to exist\Nfor a very long period of time.
Dialogue: 0,0:30:02.92,0:30:06.53,Default,,0000,0000,0000,,So the question is why is that?\NWhich we’ll come on to a little bit later.
Dialogue: 0,0:30:06.53,0:30:11.12,Default,,0000,0000,0000,,It’s a very valid question, can’t answer\Nit 100%, we have some inclines as to
Dialogue: 0,0:30:11.12,0:30:15.56,Default,,0000,0000,0000,,why that may be the case. So in terms\Nof popularity which hidden services
Dialogue: 0,0:30:15.56,0:30:19.70,Default,,0000,0000,0000,,did we see, or which .onion addresses\Ndid we see requested the most?
Dialogue: 0,0:30:19.70,0:30:26.98,Default,,0000,0000,0000,,Which got the most number of hits? Or the\Nmost number of directory requests.
Dialogue: 0,0:30:26.98,0:30:30.12,Default,,0000,0000,0000,,So botnet Command & Control servers\N– if you’re not familiar with what
Dialogue: 0,0:30:30.12,0:30:34.34,Default,,0000,0000,0000,,a botnet is, the idea is to infect lots of\Npeople with a piece of malware.
Dialogue: 0,0:30:34.34,0:30:37.63,Default,,0000,0000,0000,,And this malware phones home to\Na Command & Control server where
Dialogue: 0,0:30:37.63,0:30:41.50,Default,,0000,0000,0000,,the botnet master can give instructions\Nto each of the bots on to do things.
Dialogue: 0,0:30:41.50,0:30:46.78,Default,,0000,0000,0000,,So it might be e.g. to collect passwords,\Nkey strokes, banking details.
Dialogue: 0,0:30:46.78,0:30:51.01,Default,,0000,0000,0000,,Or it might be to do things like\NDistributed Denial of Service attacks,
Dialogue: 0,0:30:51.01,0:30:55.22,Default,,0000,0000,0000,,or to send spam, those sorts of things.\NAnd a couple of years ago someone gave
Dialogue: 0,0:30:55.22,0:31:00.72,Default,,0000,0000,0000,,a talk and said: “Well, the problem with\Nrunning a botnet is your C&C servers
Dialogue: 0,0:31:00.72,0:31:05.75,Default,,0000,0000,0000,,are vulnerable.” Once a C&C server is taken\Ndown you no longer have control over
Dialogue: 0,0:31:05.75,0:31:10.03,Default,,0000,0000,0000,,your botnet. So it’s been a sort of arms\Nrace against anti-virus companies and
Dialogue: 0,0:31:10.03,0:31:15.13,Default,,0000,0000,0000,,against malware authors to try and come up\Nwith techniques to run C&C servers in a way
Dialogue: 0,0:31:15.13,0:31:18.49,Default,,0000,0000,0000,,which they can’t be taken down. And\Na couple of years ago someone gave a talk
Dialogue: 0,0:31:18.49,0:31:22.45,Default,,0000,0000,0000,,at a conference that said: “You know what?\NIt would be a really good idea if botnet
Dialogue: 0,0:31:22.45,0:31:25.81,Default,,0000,0000,0000,,C&C servers were run as Tor hidden\Nservices because then no one knows
Dialogue: 0,0:31:25.81,0:31:29.37,Default,,0000,0000,0000,,where they are, and in theory they can’t\Nbe taken down.” So in the fact we have this
Dialogue: 0,0:31:29.37,0:31:33.00,Default,,0000,0000,0000,,there are loads and loads and loads of\Nthese addresses associated with several
Dialogue: 0,0:31:33.00,0:31:38.12,Default,,0000,0000,0000,,different botnets, ‘Sefnit’ and ‘Skynet’.\NNow Skynet is the one I wanted to talk
Dialogue: 0,0:31:38.12,0:31:42.84,Default,,0000,0000,0000,,to you about because the guy that runs\NSkynet had a twitter account, and he also
Dialogue: 0,0:31:42.84,0:31:47.21,Default,,0000,0000,0000,,did a Reddit AMA. If you not heard\Nof a Reddit AMA before, that’s a Reddit
Dialogue: 0,0:31:47.21,0:31:51.50,Default,,0000,0000,0000,,ask-me-anything. You can go on the website\Nand ask the guy anything. So this guy
Dialogue: 0,0:31:51.50,0:31:54.79,Default,,0000,0000,0000,,wasn’t hiding in the shadows. He’d say:\N“Hey, I’m running this massive botnet,
Dialogue: 0,0:31:54.79,0:31:58.18,Default,,0000,0000,0000,,here’s my Twitter account which I update\Nregularly, here is my Reddit AMA where
Dialogue: 0,0:31:58.18,0:32:01.62,Default,,0000,0000,0000,,you can ask me questions!” etc.
Dialogue: 0,0:32:01.62,0:32:04.59,Default,,0000,0000,0000,,He was arrested last year, which is not,\Nperhaps, a huge surprise.
Dialogue: 0,0:32:04.59,0:32:11.75,Default,,0000,0000,0000,,{\i1}laughter and applause{\i0}
Dialogue: 0,0:32:11.75,0:32:15.97,Default,,0000,0000,0000,,But… so he was arrested,\Nhis C&C servers disappeared
Dialogue: 0,0:32:15.97,0:32:21.60,Default,,0000,0000,0000,,but there were still infected hosts trying\Nto connect with the C&C servers and
Dialogue: 0,0:32:21.60,0:32:24.49,Default,,0000,0000,0000,,request access to the C&C server.
Dialogue: 0,0:32:24.49,0:32:27.57,Default,,0000,0000,0000,,This is why we’re saying: “A large number\Nof hits.” So all of these requests are
Dialogue: 0,0:32:27.57,0:32:31.52,Default,,0000,0000,0000,,failed requests, i.e. we didn’t have\Na descriptor for them because
Dialogue: 0,0:32:31.52,0:32:34.91,Default,,0000,0000,0000,,the hidden service had gone away but\Nthere were still clients requesting each
Dialogue: 0,0:32:34.91,0:32:38.04,Default,,0000,0000,0000,,of the hidden services.
Dialogue: 0,0:32:38.04,0:32:41.98,Default,,0000,0000,0000,,And the next thing we wanted to do was\Nto try and categorize sites. So, as I said
Dialogue: 0,0:32:41.98,0:32:45.96,Default,,0000,0000,0000,,earlier, we crawled all of the hidden\Nservices that we could, and we classified
Dialogue: 0,0:32:45.96,0:32:50.23,Default,,0000,0000,0000,,them into different categories based\Non what the type of content was
Dialogue: 0,0:32:50.23,0:32:53.65,Default,,0000,0000,0000,,on the hidden service side. The first\Ngraph I have is the number of sites
Dialogue: 0,0:32:53.65,0:32:58.04,Default,,0000,0000,0000,,in each of the categories. So you can see\Ndown the bottom here we got lots of
Dialogue: 0,0:32:58.04,0:33:04.28,Default,,0000,0000,0000,,different categories. We got drugs, market\Nplaces, etc. on the bottom. And the graph
Dialogue: 0,0:33:04.28,0:33:07.36,Default,,0000,0000,0000,,shows the percentage of the hidden\Nservices that we crawled that fit in
Dialogue: 0,0:33:07.36,0:33:12.68,Default,,0000,0000,0000,,to each of these categories. So e.g. looking\Nat this, drugs, the most number of sites
Dialogue: 0,0:33:12.68,0:33:16.25,Default,,0000,0000,0000,,that we crawled were made up of\Ndrugs-focused websites, followed by
Dialogue: 0,0:33:16.25,0:33:20.97,Default,,0000,0000,0000,,market places etc. There’s a couple of\Nquestions you might have here,
Dialogue: 0,0:33:20.97,0:33:25.64,Default,,0000,0000,0000,,so which ones are gonna stick out, what\Ndoes ‘porn’ mean, well, you know
Dialogue: 0,0:33:25.64,0:33:31.06,Default,,0000,0000,0000,,what ‘porn’ means. There are some very\Nnotorious porn sites on the Tor Darknet.
Dialogue: 0,0:33:31.06,0:33:34.47,Default,,0000,0000,0000,,There was one in particular which was\Nfocused on revenge porn. It turns out
Dialogue: 0,0:33:34.47,0:33:37.52,Default,,0000,0000,0000,,that youngsters wish to take pictures\Nof themselves, and send it to their
Dialogue: 0,0:33:37.52,0:33:45.04,Default,,0000,0000,0000,,boyfriends or their girlfriends. And\Nwhen they get dumped they publish them
Dialogue: 0,0:33:45.04,0:33:49.75,Default,,0000,0000,0000,,on these websites. So there were several\Nof these sites on the main internet
Dialogue: 0,0:33:49.75,0:33:53.07,Default,,0000,0000,0000,,which have mostly been shut down.\NAnd some of these sites were archived
Dialogue: 0,0:33:53.07,0:33:58.22,Default,,0000,0000,0000,,on the Darknet. The second one is that\Nwe should probably wonder what is,
Dialogue: 0,0:33:58.22,0:34:03.43,Default,,0000,0000,0000,,is ‘abuse’. Abuse was… every single\Nsite we classified in this category
Dialogue: 0,0:34:03.43,0:34:07.75,Default,,0000,0000,0000,,were child abuse sites. So they were in\Nsome way facilitating child abuse.
Dialogue: 0,0:34:07.75,0:34:10.98,Default,,0000,0000,0000,,And how do we know that? Well, the data\Nthat came back from the crawler
Dialogue: 0,0:34:10.98,0:34:14.79,Default,,0000,0000,0000,,made it completely unambiguous as to what\Nthe content was in these sites. That was
Dialogue: 0,0:34:14.79,0:34:18.92,Default,,0000,0000,0000,,completely obvious, from then content, from\Nthe crawler as to what was on these sites.
Dialogue: 0,0:34:18.92,0:34:23.45,Default,,0000,0000,0000,,And this is the principal reason why we\Ndidn’t pull down images from sites.
Dialogue: 0,0:34:23.45,0:34:26.10,Default,,0000,0000,0000,,There are many countries that\Nwould be a criminal offense to do so.
Dialogue: 0,0:34:26.10,0:34:29.53,Default,,0000,0000,0000,,So our crawler only pulled down text\Ncontent from all of these sites, and that
Dialogue: 0,0:34:29.53,0:34:34.47,Default,,0000,0000,0000,,enabled us to classify them, based on\Nthat. We didn’t pull down any images.
Dialogue: 0,0:34:34.47,0:34:37.88,Default,,0000,0000,0000,,So of course the next thing we liked to do\Nis to say: “Okay, well, given each of these
Dialogue: 0,0:34:37.88,0:34:42.76,Default,,0000,0000,0000,,categories, what proportion of directory\Nrequests went to each of the categories?”
Dialogue: 0,0:34:42.76,0:34:45.49,Default,,0000,0000,0000,,Now the next graph is going to need some\Nexplaining as to precisely what it
Dialogue: 0,0:34:45.49,0:34:52.09,Default,,0000,0000,0000,,means, and I’m gonna give that. This is\Nthe proportion of directory requests
Dialogue: 0,0:34:52.09,0:34:55.83,Default,,0000,0000,0000,,which we saw that went to each of the\Ncategories of hidden service that we
Dialogue: 0,0:34:55.83,0:34:59.74,Default,,0000,0000,0000,,classified. As you can see, in fact, we\Nsaw a very large number going to these
Dialogue: 0,0:34:59.74,0:35:05.01,Default,,0000,0000,0000,,abuse sites. And the rest sort of\Ndistributed right there, at the bottom.
Dialogue: 0,0:35:05.01,0:35:07.23,Default,,0000,0000,0000,,And the question is: “What is it\Nwe’re collecting here?”
Dialogue: 0,0:35:07.23,0:35:12.07,Default,,0000,0000,0000,,We’re collecting successful hidden service\Ndirectory requests. What does a hidden
Dialogue: 0,0:35:12.07,0:35:16.79,Default,,0000,0000,0000,,service directory request mean?\NIt probably loosely correlates with
Dialogue: 0,0:35:16.79,0:35:22.23,Default,,0000,0000,0000,,either a visit or a visitor. So somewhere\Nin between those two. Because when you
Dialogue: 0,0:35:22.23,0:35:26.79,Default,,0000,0000,0000,,want to visit a hidden service you make\Na request for the hidden service descriptor
Dialogue: 0,0:35:26.79,0:35:31.08,Default,,0000,0000,0000,,and that allows you to connect to it\Nand browse through the web site.
Dialogue: 0,0:35:31.08,0:35:34.77,Default,,0000,0000,0000,,But there are cases where, e.g. if you\Nrestart Tor, you’ll go back and you
Dialogue: 0,0:35:34.77,0:35:40.10,Default,,0000,0000,0000,,re-fetch the descriptor. So in that case\Nwe’ll count twice, for example.
Dialogue: 0,0:35:40.10,0:35:43.05,Default,,0000,0000,0000,,What proportion of these are people,\Nand which proportion of them are
Dialogue: 0,0:35:43.05,0:35:46.62,Default,,0000,0000,0000,,something else? The answer to that is\Nwe just simply don’t know.
Dialogue: 0,0:35:46.62,0:35:50.25,Default,,0000,0000,0000,,We've got directory requests but that doesn’t\Ntell us about what they’re doing on these
Dialogue: 0,0:35:50.25,0:35:55.13,Default,,0000,0000,0000,,sites, what they’re fetching, or who\Nindeed they are, or what it is they are.
Dialogue: 0,0:35:55.13,0:35:58.69,Default,,0000,0000,0000,,So these could be automated requests,\Nthey could be human beings. We can’t
Dialogue: 0,0:35:58.69,0:36:03.75,Default,,0000,0000,0000,,distinguish between those two things.
Dialogue: 0,0:36:03.75,0:36:06.42,Default,,0000,0000,0000,,What are the limitations?
Dialogue: 0,0:36:06.42,0:36:12.17,Default,,0000,0000,0000,,A hidden service directory request neither\Nexactly correlates to a visit -or- a visitor.
Dialogue: 0,0:36:12.17,0:36:16.38,Default,,0000,0000,0000,,It’s probably somewhere in between.\NSo you can’t say whether it’s exactly one
Dialogue: 0,0:36:16.38,0:36:19.81,Default,,0000,0000,0000,,or the other. We cannot say whether\Na hidden service directory request
Dialogue: 0,0:36:19.81,0:36:26.23,Default,,0000,0000,0000,,is a person or something automated.\NWe can’t distinguish between those two.
Dialogue: 0,0:36:26.23,0:36:31.89,Default,,0000,0000,0000,,Any type of site could be targeted by e.g.\NDoS attacks, by web crawlers which would
Dialogue: 0,0:36:31.89,0:36:40.04,Default,,0000,0000,0000,,greatly inflate the figures. If you were\Nto do a DoS attack it’s likely you’d only
Dialogue: 0,0:36:40.04,0:36:44.70,Default,,0000,0000,0000,,request a small number of descriptors.\NYou’d actually be flooding the site itself
Dialogue: 0,0:36:44.70,0:36:47.74,Default,,0000,0000,0000,,rather than the directories. But, in\Ntheory, you could flood the directories.
Dialogue: 0,0:36:47.74,0:36:52.84,Default,,0000,0000,0000,,But we didn’t see any sort of shutdown\Nof our directories based on flooding, e.g.
Dialogue: 0,0:36:52.84,0:36:58.72,Default,,0000,0000,0000,,Whilst we can’t rule that out, it doesn’t\Nseem to fit too well with what we’ve got.
Dialogue: 0,0:36:58.72,0:37:02.97,Default,,0000,0000,0000,,The other question is ‘crawlers’.\NI obviously talked with the Tor Project
Dialogue: 0,0:37:02.97,0:37:08.57,Default,,0000,0000,0000,,about these results and they’ve suggested\Nthat there are groups, so the child
Dialogue: 0,0:37:08.57,0:37:12.74,Default,,0000,0000,0000,,protection agencies e.g. that will crawl\Nthese sites on a regular basis. And,
Dialogue: 0,0:37:12.74,0:37:15.88,Default,,0000,0000,0000,,again, that doesn’t necessarily correlate\Nwith a human being. And that could
Dialogue: 0,0:37:15.88,0:37:19.83,Default,,0000,0000,0000,,inflate the figures. How many hidden\Ndirectory requests would there be
Dialogue: 0,0:37:19.83,0:37:24.61,Default,,0000,0000,0000,,if a crawler was pointed at it. Typically,\Nif I crawl them on a single day, one request.
Dialogue: 0,0:37:24.61,0:37:27.85,Default,,0000,0000,0000,,But if they got a large number of servers\Ndoing the crawling then it could be
Dialogue: 0,0:37:27.85,0:37:32.84,Default,,0000,0000,0000,,a request per day for every single server.\NSo, again, I can’t give you, definitive,
Dialogue: 0,0:37:32.84,0:37:37.93,Default,,0000,0000,0000,,“yes, this is human beings” or\N“yes, this is automated requests”.
Dialogue: 0,0:37:37.93,0:37:43.30,Default,,0000,0000,0000,,The other important point is, these two\Ncontent graphs are only hidden services
Dialogue: 0,0:37:43.30,0:37:48.55,Default,,0000,0000,0000,,offering web content. There are hidden\Nservices that do things, e.g. IRC,
Dialogue: 0,0:37:48.55,0:37:52.49,Default,,0000,0000,0000,,the instant messaging etc. Those aren’t\Nincluded in these figures. We’re only
Dialogue: 0,0:37:52.49,0:37:57.99,Default,,0000,0000,0000,,concentrating on hidden services offering\Nweb sites. They’re HTTP services, or HTTPS
Dialogue: 0,0:37:57.99,0:38:01.64,Default,,0000,0000,0000,,services. Because that allows to easily\Nclassify them. And, in fact, some of
Dialogue: 0,0:38:01.64,0:38:06.08,Default,,0000,0000,0000,,the other types are IRC and Jabber the\Nresult was probably not directly comparable
Dialogue: 0,0:38:06.08,0:38:08.92,Default,,0000,0000,0000,,with web sites. That’s sort of the use\Ncase for using them, it’s probably
Dialogue: 0,0:38:08.92,0:38:16.49,Default,,0000,0000,0000,,slightly different. So I appreciate the\Nlast graph is somewhat alarming.
Dialogue: 0,0:38:16.49,0:38:20.64,Default,,0000,0000,0000,,If you have any questions please ask\Neither me or the Tor developers
Dialogue: 0,0:38:20.64,0:38:24.81,Default,,0000,0000,0000,,as to how to interpret these results. It’s\Nnot quite as straight-forward as it may
Dialogue: 0,0:38:24.81,0:38:27.50,Default,,0000,0000,0000,,look when you look at the graph. You\Nmight look at the graph and say: “Hey,
Dialogue: 0,0:38:27.50,0:38:30.98,Default,,0000,0000,0000,,that looks like there’s lots of people\Nvisiting these sites”. It’s difficult
Dialogue: 0,0:38:30.98,0:38:40.24,Default,,0000,0000,0000,,to conclude that from the results.
Dialogue: 0,0:38:40.24,0:38:45.99,Default,,0000,0000,0000,,The next slide is gonna be very\Ncontentious. I will prefix it with:
Dialogue: 0,0:38:45.99,0:38:50.97,Default,,0000,0000,0000,,“I’m not advocating -any- kind of\Naction whatsoever. I’m just trying
Dialogue: 0,0:38:50.97,0:38:56.13,Default,,0000,0000,0000,,to describe technically as to what could\Nbe done. It’s not up to me to make decisions
Dialogue: 0,0:38:56.13,0:39:02.87,Default,,0000,0000,0000,,on these types of things.” So, of course,\Nwhen we found this out, frankly, I think
Dialogue: 0,0:39:02.87,0:39:06.19,Default,,0000,0000,0000,,we were stunned. I mean, it took us\Nseveral days, frankly, it just stunned us,
Dialogue: 0,0:39:06.19,0:39:09.61,Default,,0000,0000,0000,,“what the hell, this is not\Nwhat we expected at all.”
Dialogue: 0,0:39:09.61,0:39:13.21,Default,,0000,0000,0000,,So a natural step is, well, we think, most\Nof us think that Tor is a great thing,
Dialogue: 0,0:39:13.21,0:39:18.51,Default,,0000,0000,0000,,it seems. Could this problem be sorted out\Nwhile still keeping Tor as it is?
Dialogue: 0,0:39:18.51,0:39:21.51,Default,,0000,0000,0000,,And probably the next step to say: “Well,\Nokay, could we just block this class
Dialogue: 0,0:39:21.51,0:39:26.06,Default,,0000,0000,0000,,of content and not other types of content?”\NSo could we block just hidden services
Dialogue: 0,0:39:26.06,0:39:29.63,Default,,0000,0000,0000,,that are associated with these sites and\Nnot other types of hidden services?
Dialogue: 0,0:39:29.63,0:39:33.37,Default,,0000,0000,0000,,We thought there’s three ways in which\Nwe could block hidden services.
Dialogue: 0,0:39:33.37,0:39:36.96,Default,,0000,0000,0000,,And I’ll talk about whether these were\Nimpossible in the coming months,
Dialogue: 0,0:39:36.96,0:39:39.43,Default,,0000,0000,0000,,after explaining them. But during our\Nstudy these would have been impossible
Dialogue: 0,0:39:39.43,0:39:43.59,Default,,0000,0000,0000,,and presently they are possible.
Dialogue: 0,0:39:43.59,0:39:48.63,Default,,0000,0000,0000,,A single individual could shut down\Na single hidden service by controlling
Dialogue: 0,0:39:48.63,0:39:53.64,Default,,0000,0000,0000,,all of the relays which are responsible\Nfor receiving a publication request
Dialogue: 0,0:39:53.64,0:39:57.28,Default,,0000,0000,0000,,on that distributed hash table. It’s\Npossible to place one of your relays
Dialogue: 0,0:39:57.28,0:40:01.46,Default,,0000,0000,0000,,at a particular position on that circle\Nand so therefore make yourself be
Dialogue: 0,0:40:01.46,0:40:04.29,Default,,0000,0000,0000,,the responsible relay for\Na particular hidden service.
Dialogue: 0,0:40:04.29,0:40:08.50,Default,,0000,0000,0000,,And if you control all of the six relays\Nwhich are responsible for a hidden service,
Dialogue: 0,0:40:08.50,0:40:11.39,Default,,0000,0000,0000,,when someone comes to you and says:\N“Can I have a descriptor for that site”
Dialogue: 0,0:40:11.39,0:40:15.91,Default,,0000,0000,0000,,you can just say: “No, I haven’t got it”.\NAnd provided you control those relays
Dialogue: 0,0:40:15.91,0:40:20.58,Default,,0000,0000,0000,,users won’t be able to fetch those sites.
Dialogue: 0,0:40:20.58,0:40:25.01,Default,,0000,0000,0000,,The second option is you could say:\N“Okay, the Tor Project are blocking these”
Dialogue: 0,0:40:25.01,0:40:28.94,Default,,0000,0000,0000,,– which I’ll talk about in a second –\N“as a relay operator”. Could I
Dialogue: 0,0:40:28.94,0:40:32.50,Default,,0000,0000,0000,,as a relay operator say: “Okay, as\Na relay operator I don’t want to carry
Dialogue: 0,0:40:32.50,0:40:35.93,Default,,0000,0000,0000,,this type of content, and I don’t want to\Nbe responsible for serving up this type
Dialogue: 0,0:40:35.93,0:40:39.93,Default,,0000,0000,0000,,of content.” A relay operator could patch\Nhis relay and say: “You know what,
Dialogue: 0,0:40:39.93,0:40:44.02,Default,,0000,0000,0000,,if anyone comes to this relay requesting\Nanyone of these sites then, again, just
Dialogue: 0,0:40:44.02,0:40:48.74,Default,,0000,0000,0000,,refuse to do it”. The problem is a lot of\Nrelay operators need to do it. So a very,
Dialogue: 0,0:40:48.74,0:40:51.99,Default,,0000,0000,0000,,very large number of the potential relay\Noperators would need to do that
Dialogue: 0,0:40:51.99,0:40:56.17,Default,,0000,0000,0000,,to effectively block these sites. The\Nfinal option is the Tor Project could
Dialogue: 0,0:40:56.17,0:41:00.74,Default,,0000,0000,0000,,modify the Tor program and actually embed\Nthese ingresses in the Tor program itself
Dialogue: 0,0:41:00.74,0:41:05.03,Default,,0000,0000,0000,,so as that all relays by default both\Nblock hidden service directory requests
Dialogue: 0,0:41:05.03,0:41:10.56,Default,,0000,0000,0000,,to these sites, and also clients themselves\Nwould say: “Okay, if anyone’s requesting
Dialogue: 0,0:41:10.56,0:41:15.00,Default,,0000,0000,0000,,these block them at the client level.”\NNow I hasten to add: I’m not advocating
Dialogue: 0,0:41:15.00,0:41:18.23,Default,,0000,0000,0000,,any kind of action that is entirely up to\Nother people because, frankly, I think
Dialogue: 0,0:41:18.23,0:41:22.53,Default,,0000,0000,0000,,if I advocated blocking hidden services\NI probably wouldn’t make it out alive,
Dialogue: 0,0:41:22.53,0:41:27.05,Default,,0000,0000,0000,,so I’m just saying: this is a description\Nof what technical measures could be used
Dialogue: 0,0:41:27.05,0:41:30.73,Default,,0000,0000,0000,,to block some classes of sites. And of\Ncourse there’s lots of questions here.
Dialogue: 0,0:41:30.73,0:41:35.15,Default,,0000,0000,0000,,If e.g. the Tor Project themselves decided:\N“Okay, we’re gonna block these sites”
Dialogue: 0,0:41:35.15,0:41:38.49,Default,,0000,0000,0000,,that means they are essentially\Nin control of the block list.
Dialogue: 0,0:41:38.49,0:41:41.36,Default,,0000,0000,0000,,The block list would be somewhat public\Nso everyone would be up to inspect
Dialogue: 0,0:41:41.36,0:41:44.93,Default,,0000,0000,0000,,what the sites are that are being blocked\Nand they would be in control of some kind
Dialogue: 0,0:41:44.93,0:41:54.36,Default,,0000,0000,0000,,of block list. Which, you know, arguably\Nis against what the Tor Projects are after.
Dialogue: 0,0:41:54.36,0:41:59.56,Default,,0000,0000,0000,,{\i1}takes a sip, coughs{\i0}
Dialogue: 0,0:41:59.56,0:42:05.48,Default,,0000,0000,0000,,So how about deanonymising visitors\Nto hidden service web sites?
Dialogue: 0,0:42:05.48,0:42:08.94,Default,,0000,0000,0000,,So in this case we got a user on the\Nleft-hand side who is connected to
Dialogue: 0,0:42:08.94,0:42:12.63,Default,,0000,0000,0000,,a Guard node. We’ve got a hidden service\Non the right-hand side who is connected
Dialogue: 0,0:42:12.63,0:42:17.53,Default,,0000,0000,0000,,to a Guard node and on the top we got\None of those directory servers which is
Dialogue: 0,0:42:17.53,0:42:21.85,Default,,0000,0000,0000,,responsible for serving up those\Nhidden service directory requests.
Dialogue: 0,0:42:21.85,0:42:28.66,Default,,0000,0000,0000,,Now, when you first want to connect to\Na hidden service you connect through
Dialogue: 0,0:42:28.66,0:42:31.62,Default,,0000,0000,0000,,your Guard node and through a couple of hops\Nup to the hidden service directory and
Dialogue: 0,0:42:31.62,0:42:35.84,Default,,0000,0000,0000,,you request the descriptor off of them.\NSo at this point if you are the attacker
Dialogue: 0,0:42:35.84,0:42:39.44,Default,,0000,0000,0000,,and you control one of the hidden service\Ndirectory nodes for a particular site
Dialogue: 0,0:42:39.44,0:42:43.10,Default,,0000,0000,0000,,you can send back down the circuit\Na particular pattern of traffic.
Dialogue: 0,0:42:43.10,0:42:47.74,Default,,0000,0000,0000,,And if you control that user’s\NGuard node – which is a big if –
Dialogue: 0,0:42:47.74,0:42:52.11,Default,,0000,0000,0000,,then you can spot that pattern of traffic\Nat the Guard node. The question is:
Dialogue: 0,0:42:52.11,0:42:56.94,Default,,0000,0000,0000,,“How do you control a particular user’s\NGuard node?” That’s very, very hard.
Dialogue: 0,0:42:56.94,0:43:01.48,Default,,0000,0000,0000,,But if e.g. I run a hidden service and all\Nof you visit my hidden service, and
Dialogue: 0,0:43:01.48,0:43:05.67,Default,,0000,0000,0000,,I’m running a couple of dodgy Guard relays\Nthen the probability is that some of you,
Dialogue: 0,0:43:05.67,0:43:09.76,Default,,0000,0000,0000,,certainly not all of you by any stretch will\Nselect my dodgy Guard relay, and
Dialogue: 0,0:43:09.76,0:43:13.22,Default,,0000,0000,0000,,I could deanonymise you, but I couldn’t\Ndeanonymise the rest of them.
Dialogue: 0,0:43:13.22,0:43:18.26,Default,,0000,0000,0000,,So what we’re saying here is that\Nyou can deanonymise some of the users
Dialogue: 0,0:43:18.26,0:43:22.13,Default,,0000,0000,0000,,some of the time but you can’t pick which\Nusers those are which you’re going to
Dialogue: 0,0:43:22.13,0:43:26.61,Default,,0000,0000,0000,,deanonymise. You can’t deanonymise someone\Nspecific but you can deanonymise a fraction
Dialogue: 0,0:43:26.61,0:43:32.17,Default,,0000,0000,0000,,based on what fraction of the network you\Ncontrol in terms of Guard capacity.
Dialogue: 0,0:43:32.17,0:43:36.34,Default,,0000,0000,0000,,How about… so the attacker controls those\Ntwo – here’s a picture from a research of
Dialogue: 0,0:43:36.34,0:43:40.20,Default,,0000,0000,0000,,the University of Luxemburg which\Ndid this. And these are plots of
Dialogue: 0,0:43:40.20,0:43:45.27,Default,,0000,0000,0000,,taking the user’s IP address visiting\Na C&C server, and then geolocating it
Dialogue: 0,0:43:45.27,0:43:48.48,Default,,0000,0000,0000,,and putting it on a map. So “where was the\Nuser located when they called one of
Dialogue: 0,0:43:48.48,0:43:51.62,Default,,0000,0000,0000,,the Tor hidden services?” So, again,\Nthis is a selection, a percentage
Dialogue: 0,0:43:51.62,0:43:58.06,Default,,0000,0000,0000,,of the users visiting C&C servers\Nusing this technique.
Dialogue: 0,0:43:58.06,0:44:03.77,Default,,0000,0000,0000,,How about deanonymising hidden services\Nthemselves? Well, again, you got a problem.
Dialogue: 0,0:44:03.77,0:44:08.34,Default,,0000,0000,0000,,You’re the user. You’re gonna connect\Nthrough your Guard into the Tor network.
Dialogue: 0,0:44:08.34,0:44:12.16,Default,,0000,0000,0000,,And then, eventually, through the hidden\Nservice’s Guard node, and talk to
Dialogue: 0,0:44:12.16,0:44:16.74,Default,,0000,0000,0000,,the hidden service. As the attacker you\Nneed to control the hidden service’s
Dialogue: 0,0:44:16.74,0:44:20.86,Default,,0000,0000,0000,,Guard node to do these traffic correlation\Nattacks. So again, it’s very difficult
Dialogue: 0,0:44:20.86,0:44:24.39,Default,,0000,0000,0000,,to deanonymise a specific Tor hidden\Nservice. But if you think about, okay,
Dialogue: 0,0:44:24.39,0:44:30.20,Default,,0000,0000,0000,,there is 1.000 Tor hidden services, if you\Ncan control a percentage of the Guard nodes
Dialogue: 0,0:44:30.20,0:44:34.23,Default,,0000,0000,0000,,then some hidden services will pick you\Nand then you’ll be able to deanonymise those.
Dialogue: 0,0:44:34.23,0:44:37.33,Default,,0000,0000,0000,,So provided you don’t care which hidden\Nservices you gonna deanonymise
Dialogue: 0,0:44:37.33,0:44:41.40,Default,,0000,0000,0000,,then it becomes much more straight-forward\Nto control the Guard nodes of some hidden
Dialogue: 0,0:44:41.40,0:44:44.91,Default,,0000,0000,0000,,services but you can’t pick exactly\Nwhat those are.
Dialogue: 0,0:44:44.91,0:44:51.04,Default,,0000,0000,0000,,So what sort of data can you see\Ntraversing a relay?
Dialogue: 0,0:44:51.04,0:44:55.88,Default,,0000,0000,0000,,This is a modified Tor client which just\Ndumps cells which are coming…
Dialogue: 0,0:44:55.88,0:44:58.75,Default,,0000,0000,0000,,essentially packets travelling down\Na circuit, and the information you can
Dialogue: 0,0:44:58.75,0:45:04.02,Default,,0000,0000,0000,,extract from them at a Guard node.\NAnd this is done off the main Tor network.
Dialogue: 0,0:45:04.02,0:45:08.59,Default,,0000,0000,0000,,So I’ve got a client connected to\Na “malicious” Guard relay
Dialogue: 0,0:45:08.59,0:45:14.04,Default,,0000,0000,0000,,and it logs every single packet – they’re\Ncalled ‘cells’ in the Tor protocol –
Dialogue: 0,0:45:14.04,0:45:17.62,Default,,0000,0000,0000,,coming through the Guard relay. We can’t\Ndecrypt the packet because it’s encrypted
Dialogue: 0,0:45:17.62,0:45:21.78,Default,,0000,0000,0000,,three times. What we can record,\Nthough, is the IP address of the user,
Dialogue: 0,0:45:21.78,0:45:25.07,Default,,0000,0000,0000,,the IP address of the next hop,\Nand we can count packets travelling
Dialogue: 0,0:45:25.07,0:45:29.24,Default,,0000,0000,0000,,in each direction down the circuit. And we\Ncan also record the time at which those
Dialogue: 0,0:45:29.24,0:45:32.21,Default,,0000,0000,0000,,packets were sent. So of course, if you’re\Ndoing the traffic correlation attacks
Dialogue: 0,0:45:32.21,0:45:37.97,Default,,0000,0000,0000,,you’re using that time in the information\Nto try and work out whether you’re seeing
Dialogue: 0,0:45:37.97,0:45:42.37,Default,,0000,0000,0000,,traffic which you’ve sent and which\Nidentifies a particular user or not.
Dialogue: 0,0:45:42.37,0:45:44.81,Default,,0000,0000,0000,,Or indeed traffic which they’ve sent\Nwhich you’ve seen at a different point
Dialogue: 0,0:45:44.81,0:45:49.10,Default,,0000,0000,0000,,in the network.
Dialogue: 0,0:45:49.10,0:45:51.98,Default,,0000,0000,0000,,Moving on to my…
Dialogue: 0,0:45:51.98,0:45:55.76,Default,,0000,0000,0000,,…interesting problems,\Nresearch questions etc.
Dialogue: 0,0:45:55.76,0:45:59.25,Default,,0000,0000,0000,,Based on what I’ve said, I’ve said there’s\Nthese directory authorities which are
Dialogue: 0,0:45:59.25,0:46:05.07,Default,,0000,0000,0000,,controlled by the core Tor members. If\Ne.g. they were malicious then they could
Dialogue: 0,0:46:05.07,0:46:08.99,Default,,0000,0000,0000,,manipulate the Tor… – if a big enough\Nchunk of them are malicious then
Dialogue: 0,0:46:08.99,0:46:12.70,Default,,0000,0000,0000,,they can manipulate the consensus\Nto direct you to particular nodes.
Dialogue: 0,0:46:12.70,0:46:15.92,Default,,0000,0000,0000,,I don’t think that’s the case, and that\Nanyone thinks that’s the case.
Dialogue: 0,0:46:15.92,0:46:19.18,Default,,0000,0000,0000,,And Tor is designed in a way to tr…\NI mean that you’d have to control
Dialogue: 0,0:46:19.18,0:46:22.48,Default,,0000,0000,0000,,a certain number of the authorities\Nto be able to do anything important.
Dialogue: 0,0:46:22.48,0:46:25.27,Default,,0000,0000,0000,,So the Tor people… I said this\Nto them a couple of days ago.
Dialogue: 0,0:46:25.27,0:46:28.78,Default,,0000,0000,0000,,I find it quite funny that you’d design\Nyour system as if you don’t trust
Dialogue: 0,0:46:28.78,0:46:31.88,Default,,0000,0000,0000,,each other. To which their response was:\N“No, we design our system so that
Dialogue: 0,0:46:31.88,0:46:35.62,Default,,0000,0000,0000,,we don’t have to trust each other.” Which\NI think is a very good model to have,
Dialogue: 0,0:46:35.62,0:46:39.43,Default,,0000,0000,0000,,when you have this type of system.\NSo could we eliminate these sort of
Dialogue: 0,0:46:39.43,0:46:43.24,Default,,0000,0000,0000,,centralized servers? I think that’s\Nactually a very hard problem to do.
Dialogue: 0,0:46:43.24,0:46:46.34,Default,,0000,0000,0000,,There are lots of attacks which could\Npotentially be deployed against
Dialogue: 0,0:46:46.34,0:46:51.25,Default,,0000,0000,0000,,a decentralized network. At the moment the\NTor network is relatively well understood
Dialogue: 0,0:46:51.25,0:46:54.49,Default,,0000,0000,0000,,both in terms of what types of attack it\Nis vulnerable to. So if we were to move
Dialogue: 0,0:46:54.49,0:46:58.88,Default,,0000,0000,0000,,to a new architecture then we may open it\Nto a whole new class of attacks.
Dialogue: 0,0:46:58.88,0:47:02.00,Default,,0000,0000,0000,,The Tor network has been existing\Nfor quite some time and it’s been
Dialogue: 0,0:47:02.00,0:47:06.82,Default,,0000,0000,0000,,very well studied. What about global\Nadversaries like the NSA, where you could
Dialogue: 0,0:47:06.82,0:47:10.98,Default,,0000,0000,0000,,monitor network links all across the\Nworld? It’s very difficult to defend
Dialogue: 0,0:47:10.98,0:47:15.53,Default,,0000,0000,0000,,against that. Where they can monitor…\Nif they can identify which Guard relay
Dialogue: 0,0:47:15.53,0:47:18.76,Default,,0000,0000,0000,,you’re using, they can monitor traffic\Ngoing into and out of the Guard relay,
Dialogue: 0,0:47:18.76,0:47:23.26,Default,,0000,0000,0000,,and they log each of the subsequent hops\Nalong. It’s very, very difficult to defend against
Dialogue: 0,0:47:23.26,0:47:26.47,Default,,0000,0000,0000,,these types of things. Do we know if\Nthey’re doing it? The documents that were
Dialogue: 0,0:47:26.47,0:47:29.85,Default,,0000,0000,0000,,released yesterday – I’ve only had a very\Nbrief look through them, but they suggest
Dialogue: 0,0:47:29.85,0:47:32.48,Default,,0000,0000,0000,,that they’re not presently doing it and\Nthey haven’t had much success.
Dialogue: 0,0:47:32.48,0:47:36.45,Default,,0000,0000,0000,,I don’t know why, there are very powerful\Nattacks described in the academic literature
Dialogue: 0,0:47:36.45,0:47:40.83,Default,,0000,0000,0000,,which are very, very reliable and most\Nacademic literature you can access for free
Dialogue: 0,0:47:40.83,0:47:43.96,Default,,0000,0000,0000,,so it’s not even as if they have to figure\Nout how to do it. They just have to read
Dialogue: 0,0:47:43.96,0:47:47.01,Default,,0000,0000,0000,,the academic literature and try and\Nimplement some of these attacks.
Dialogue: 0,0:47:47.01,0:47:52.00,Default,,0000,0000,0000,,I don’t know what – why they’re not. The\Nnext question is how to detect malicious
Dialogue: 0,0:47:52.00,0:47:57.76,Default,,0000,0000,0000,,relays. So in my case we’re running\N40 relays. Our relays were on consecutive
Dialogue: 0,0:47:57.76,0:48:01.57,Default,,0000,0000,0000,,IP addresses, so we’re running 40\N– well, most of them are on consecutive
Dialogue: 0,0:48:01.57,0:48:04.82,Default,,0000,0000,0000,,IP addresses in two blocks. So they’re\Nrunning on IP addresses numbered
Dialogue: 0,0:48:04.82,0:48:09.28,Default,,0000,0000,0000,,e.g. 1,2,3,4,…\NWe were running two relays per IP address,
Dialogue: 0,0:48:09.28,0:48:12.21,Default,,0000,0000,0000,,and every single relay had my name\Nplastered across it.
Dialogue: 0,0:48:12.21,0:48:14.74,Default,,0000,0000,0000,,So after I set up these 40 relays in
Dialogue: 0,0:48:14.74,0:48:17.42,Default,,0000,0000,0000,,a relatively short period of time\NI expected someone from the Tor Project
Dialogue: 0,0:48:17.42,0:48:22.26,Default,,0000,0000,0000,,to come to me and say: “Hey Gareth, what\Nare you doing?” – no one noticed,
Dialogue: 0,0:48:22.26,0:48:26.09,Default,,0000,0000,0000,,no one noticed. So this is presently\Nan open question. On the Tor Project
Dialogue: 0,0:48:26.09,0:48:28.79,Default,,0000,0000,0000,,they’re quite open about this. They\Nacknowledged that, in fact, last year
Dialogue: 0,0:48:28.79,0:48:33.21,Default,,0000,0000,0000,,we had the CERT researchers launch much\Nmore relays than that. The Tor Project
Dialogue: 0,0:48:33.21,0:48:36.51,Default,,0000,0000,0000,,spotted those large number of relays\Nbut chose not to do anything about it
Dialogue: 0,0:48:36.51,0:48:40.12,Default,,0000,0000,0000,,and, in fact, they were deploying an\Nattack. But, as you know, it’s often very
Dialogue: 0,0:48:40.12,0:48:43.70,Default,,0000,0000,0000,,difficult to defend against unknown\Nattacks. So at the moment how to detect
Dialogue: 0,0:48:43.70,0:48:47.78,Default,,0000,0000,0000,,malicious relays is a bit of an open\Nquestion. Which as I think is being
Dialogue: 0,0:48:47.78,0:48:50.72,Default,,0000,0000,0000,,discussed on the mailing list.
Dialogue: 0,0:48:50.72,0:48:54.23,Default,,0000,0000,0000,,The other one is defending against unknown\Ntampering at exits. If you took or take
Dialogue: 0,0:48:54.23,0:48:57.22,Default,,0000,0000,0000,,the exit relays – the exit relay\Ncan tamper with the traffic.
Dialogue: 0,0:48:57.22,0:49:01.04,Default,,0000,0000,0000,,So we know particular types of attacks\Ndoing SSL man-in-the-middles etc.
Dialogue: 0,0:49:01.04,0:49:05.35,Default,,0000,0000,0000,,We’ve seen recently binary patching.\NHow do we detect unknown tampering
Dialogue: 0,0:49:05.35,0:49:08.97,Default,,0000,0000,0000,,with traffic, other types of traffic? So\Nthe binary tampering wasn’t spotted
Dialogue: 0,0:49:08.97,0:49:12.06,Default,,0000,0000,0000,,until it was spotted by someone who\Ntold the Tor Project. So it wasn’t
Dialogue: 0,0:49:12.06,0:49:15.61,Default,,0000,0000,0000,,detected e.g. by the Tor Project\Nthemselves, it was spotted by someone else
Dialogue: 0,0:49:15.61,0:49:20.50,Default,,0000,0000,0000,,and notified to them. And then the final\None open on here is the Tor code review.
Dialogue: 0,0:49:20.50,0:49:25.40,Default,,0000,0000,0000,,So the Tor code is open source. We know\Nfrom OpenSSL that, although everyone
Dialogue: 0,0:49:25.40,0:49:29.26,Default,,0000,0000,0000,,can read source code, people don’t always\Nlook at it. And OpenSSL has been
Dialogue: 0,0:49:29.26,0:49:32.23,Default,,0000,0000,0000,,a huge mess, and there’s been\Nlots of stuff disclosed over that
Dialogue: 0,0:49:32.23,0:49:35.88,Default,,0000,0000,0000,,over the last coming days. There are\Nlots of eyes on the Tor code but I think
Dialogue: 0,0:49:35.88,0:49:41.52,Default,,0000,0000,0000,,always, more eyes are better. I’d say,\Nideally if we can get people to look
Dialogue: 0,0:49:41.52,0:49:45.14,Default,,0000,0000,0000,,at the Tor code and look for\Nvulnerabilities then… I encourage people
Dialogue: 0,0:49:45.14,0:49:49.86,Default,,0000,0000,0000,,to do that. It’s a very useful thing to\Ndo. There could be unknown vulnerabilities
Dialogue: 0,0:49:49.86,0:49:53.12,Default,,0000,0000,0000,,as we’ve seen with the “relay early” type\Nquite recently in the Tor code which
Dialogue: 0,0:49:53.12,0:49:56.99,Default,,0000,0000,0000,,could be quite serious. The truth is we\Njust don’t know until people do thorough
Dialogue: 0,0:49:56.99,0:50:02.50,Default,,0000,0000,0000,,code audits, and even then it’s very\Ndifficult to know for certain.
Dialogue: 0,0:50:02.50,0:50:08.17,Default,,0000,0000,0000,,So my last point, I think, yes,
Dialogue: 0,0:50:08.17,0:50:11.13,Default,,0000,0000,0000,,is advice to future researchers.\NSo if you ever wanted, or are planning
Dialogue: 0,0:50:11.13,0:50:16.35,Default,,0000,0000,0000,,on doing a study in the future, e.g. on\NTor, do not do what the CERT researchers
Dialogue: 0,0:50:16.35,0:50:20.55,Default,,0000,0000,0000,,do and start deanonymising people on the\Nlive Tor network and doing it in a way
Dialogue: 0,0:50:20.55,0:50:25.06,Default,,0000,0000,0000,,which is incredibly irresponsible. I don’t\Nthink…I mean, I tend, myself, to give you with
Dialogue: 0,0:50:25.06,0:50:28.51,Default,,0000,0000,0000,,the benefit of a doubt, I don’t think the\NCERT researchers set out to be malicious.
Dialogue: 0,0:50:28.51,0:50:33.32,Default,,0000,0000,0000,,I think they’re just very naive.\NThat’s what it was they were doing.
Dialogue: 0,0:50:33.32,0:50:36.78,Default,,0000,0000,0000,,That was rapidly pointed out to them.\NIn my case we are running
Dialogue: 0,0:50:36.78,0:50:43.09,Default,,0000,0000,0000,,40 relays. Our Tor relays they were forwarding\Ntraffic, they were acting as good relays.
Dialogue: 0,0:50:43.09,0:50:45.97,Default,,0000,0000,0000,,The only thing that we were doing\Nwas logging publication requests
Dialogue: 0,0:50:45.97,0:50:50.05,Default,,0000,0000,0000,,to the directories. Big question whether\Nthat’s malicious or not – I don’t know.
Dialogue: 0,0:50:50.05,0:50:53.33,Default,,0000,0000,0000,,One thing that has been pointed out to me\Nis that the .onion addresses themselves
Dialogue: 0,0:50:53.33,0:50:58.27,Default,,0000,0000,0000,,could be considered sensitive information,\Nso any data we will be retaining
Dialogue: 0,0:50:58.27,0:51:01.84,Default,,0000,0000,0000,,from the study is the aggregated data.\NSo we won't be retaining information
Dialogue: 0,0:51:01.84,0:51:05.40,Default,,0000,0000,0000,,on individual .onion addresses because\Nthat could potentially be considered
Dialogue: 0,0:51:05.40,0:51:08.90,Default,,0000,0000,0000,,sensitive information. If you think about\Nsomeone running an .onion address which
Dialogue: 0,0:51:08.90,0:51:11.24,Default,,0000,0000,0000,,contains something which they don’t want\Nother people knowing about. So we won’t
Dialogue: 0,0:51:11.24,0:51:15.06,Default,,0000,0000,0000,,be retaining that data, and\Nwe’ll be destroying them.
Dialogue: 0,0:51:15.06,0:51:19.92,Default,,0000,0000,0000,,So I think that brings me now\Nto starting the questions.
Dialogue: 0,0:51:19.92,0:51:22.77,Default,,0000,0000,0000,,I want to say “Thanks” to a couple of\Npeople. The student who donated
Dialogue: 0,0:51:22.77,0:51:26.82,Default,,0000,0000,0000,,the server to us. Nick Savage who is one\Nof my colleagues who was a sounding board
Dialogue: 0,0:51:26.82,0:51:30.51,Default,,0000,0000,0000,,during the entire study. Ivan Pustogarov\Nwho is the researcher at the University
Dialogue: 0,0:51:30.51,0:51:34.70,Default,,0000,0000,0000,,of Luxembourg who sent us the large data\Nset of .onion addresses from last year.
Dialogue: 0,0:51:34.70,0:51:37.67,Default,,0000,0000,0000,,He’s also the chap who has demonstrated\Nthose deanonymisation attacks
Dialogue: 0,0:51:37.67,0:51:41.50,Default,,0000,0000,0000,,that I talked about. A big "Thank you" to\NRoger Dingledine who has frankly been…
Dialogue: 0,0:51:41.50,0:51:45.23,Default,,0000,0000,0000,,presented loads of questions to me over\Nthe last couple of days and allowed me
Dialogue: 0,0:51:45.23,0:51:49.41,Default,,0000,0000,0000,,to bounce ideas back and forth.\NThat has been a very useful process.
Dialogue: 0,0:51:49.41,0:51:53.64,Default,,0000,0000,0000,,If you are doing future research I strongly\Nencourage you to contact the Tor Project
Dialogue: 0,0:51:53.64,0:51:57.04,Default,,0000,0000,0000,,at the earliest opportunity. You’ll find\Nthem… certainly I found them to be
Dialogue: 0,0:51:57.04,0:51:59.46,Default,,0000,0000,0000,,extremely helpful.
Dialogue: 0,0:51:59.46,0:52:04.64,Default,,0000,0000,0000,,Donncha also did something similar,\Nso both Ivan and Donncha have done
Dialogue: 0,0:52:04.64,0:52:09.52,Default,,0000,0000,0000,,a similar study in trying to classify the\Ntypes of hidden services or work out
Dialogue: 0,0:52:09.52,0:52:13.52,Default,,0000,0000,0000,,how many hits there are to particular\Ntypes of hidden service. Ivan Pustogarov
Dialogue: 0,0:52:13.52,0:52:17.43,Default,,0000,0000,0000,,did it on a bigger scale\Nand found similar results to us.
Dialogue: 0,0:52:17.43,0:52:21.91,Default,,0000,0000,0000,,That is that these abuse sites\Nfeatured frequently
Dialogue: 0,0:52:21.91,0:52:26.74,Default,,0000,0000,0000,,in the top requested sites. That was done\Nover a year ago, and again, he was seeing
Dialogue: 0,0:52:26.74,0:52:31.11,Default,,0000,0000,0000,,similar sorts of pattern. There were these\Nabuse sites being requested frequently.
Dialogue: 0,0:52:31.11,0:52:35.45,Default,,0000,0000,0000,,So that also sort of probates\Nwhat we’re saying.
Dialogue: 0,0:52:35.45,0:52:38.54,Default,,0000,0000,0000,,The data I put online is at this address,\Nthere will probably be the slides,
Dialogue: 0,0:52:38.54,0:52:41.61,Default,,0000,0000,0000,,something called ‘The Tor Research\NFramework’ which is an implementation
Dialogue: 0,0:52:41.61,0:52:47.51,Default,,0000,0000,0000,,of a Java client, so an implementation\Nof a Tor client in Java specifically aimed
Dialogue: 0,0:52:47.51,0:52:52.08,Default,,0000,0000,0000,,at researchers. So if e.g. you wanna pull\Nout data from a consensus you can do.
Dialogue: 0,0:52:52.08,0:52:55.29,Default,,0000,0000,0000,,If you want to build custom routes\Nthrough the network you can do.
Dialogue: 0,0:52:55.29,0:52:58.23,Default,,0000,0000,0000,,If you want to build routes through the\Nnetwork and start sending padding traffic
Dialogue: 0,0:52:58.23,0:53:01.72,Default,,0000,0000,0000,,down them you can do etc.\NThe code is designed in a way which is
Dialogue: 0,0:53:01.72,0:53:06.00,Default,,0000,0000,0000,,designed to be easily modifiable\Nfor testing lots of these things.
Dialogue: 0,0:53:06.00,0:53:10.58,Default,,0000,0000,0000,,There is also a link to the Tor FBI\Nexploit which they deployed against
Dialogue: 0,0:53:10.58,0:53:16.23,Default,,0000,0000,0000,,visitors to some Tor hidden services last\Nyear. They exploited a Mozilla Firefox bug
Dialogue: 0,0:53:16.23,0:53:20.54,Default,,0000,0000,0000,,and then ran code on users who were\Nvisiting these hidden service, and ran
Dialogue: 0,0:53:20.54,0:53:24.62,Default,,0000,0000,0000,,code on their computer to identify them.\NAt this address there is a link to that
Dialogue: 0,0:53:24.62,0:53:29.25,Default,,0000,0000,0000,,including a copy of the shell code and an\Nanalysis of exactly what it was doing.
Dialogue: 0,0:53:29.25,0:53:31.67,Default,,0000,0000,0000,,And then of course a list of references,\Nwith papers and things.
Dialogue: 0,0:53:31.67,0:53:34.26,Default,,0000,0000,0000,,So I’m quite happy to take questions now.
Dialogue: 0,0:53:34.26,0:53:46.96,Default,,0000,0000,0000,,{\i1}applause{\i0}
Dialogue: 0,0:53:46.96,0:53:50.88,Default,,0000,0000,0000,,Herald: Thanks for the nice talk!\NDo we have any questions
Dialogue: 0,0:53:50.88,0:53:57.00,Default,,0000,0000,0000,,from the internet?
Dialogue: 0,0:53:57.00,0:53:59.74,Default,,0000,0000,0000,,Signal Angel: One question. It’s very hard\Nto block addresses since creating them
Dialogue: 0,0:53:59.74,0:54:03.62,Default,,0000,0000,0000,,is cheap, and they can be generated\Nfor each user, and rotated often. So
Dialogue: 0,0:54:03.62,0:54:07.51,Default,,0000,0000,0000,,can you think of any other way\Nfor doing the blocking?
Dialogue: 0,0:54:07.51,0:54:09.80,Default,,0000,0000,0000,,Gareth: That is absolutely true, so, yes.\NIf you were to block a particular .onion
Dialogue: 0,0:54:09.80,0:54:13.06,Default,,0000,0000,0000,,address they can wail: “I want another\N.onion address.” So I don’t know of
Dialogue: 0,0:54:13.06,0:54:16.76,Default,,0000,0000,0000,,any way to counter that now.
Dialogue: 0,0:54:16.76,0:54:18.51,Default,,0000,0000,0000,,Herald: Another one from the internet?\N{\i1}inaudible answer from Signal Angel{\i0}
Dialogue: 0,0:54:18.51,0:54:22.03,Default,,0000,0000,0000,,Okay, then, Microphone 1, please!
Dialogue: 0,0:54:22.03,0:54:26.36,Default,,0000,0000,0000,,Question: Thank you, that’s fascinating\Nresearch. You mentioned that it is
Dialogue: 0,0:54:26.36,0:54:32.20,Default,,0000,0000,0000,,possible to influence the hash of your\Nrelay node in a sense that you could
Dialogue: 0,0:54:32.20,0:54:35.97,Default,,0000,0000,0000,,to be choosing which service you are\Nadvertising, or which hidden service
Dialogue: 0,0:54:35.97,0:54:38.05,Default,,0000,0000,0000,,you are responsible for. Is that right?\NGareth: Yeah, correct!
Dialogue: 0,0:54:38.05,0:54:40.39,Default,,0000,0000,0000,,Question: So could you elaborate\Non how this is possible?
Dialogue: 0,0:54:40.39,0:54:44.74,Default,,0000,0000,0000,,Gareth: So e.g. you just keep regenerating\Na public key for your relay,
Dialogue: 0,0:54:44.74,0:54:48.14,Default,,0000,0000,0000,,you’ll get closer and closer to the point\Nwhere you’ll be the responsible relay
Dialogue: 0,0:54:48.14,0:54:51.16,Default,,0000,0000,0000,,for that particular hidden service. That’s\Njust – you keep regenerating your identity
Dialogue: 0,0:54:51.16,0:54:54.72,Default,,0000,0000,0000,,hash until you’re at that particular point\Nin the relay. That’s not particularly
Dialogue: 0,0:54:54.72,0:55:00.49,Default,,0000,0000,0000,,computationally intensive to do.\NThat was it?
Dialogue: 0,0:55:00.49,0:55:04.74,Default,,0000,0000,0000,,Herald: Okay, next question\Nfrom Microphone 5, please.
Dialogue: 0,0:55:04.74,0:55:09.49,Default,,0000,0000,0000,,Question: Hi, I was wondering for the\Nattacks where you identify a certain number
Dialogue: 0,0:55:09.49,0:55:15.17,Default,,0000,0000,0000,,of users using a hidden service. Have\Nthose attacks been used, or is there
Dialogue: 0,0:55:15.17,0:55:18.88,Default,,0000,0000,0000,,any evidence there, and is there\Nany way of protecting against that?
Dialogue: 0,0:55:18.88,0:55:22.26,Default,,0000,0000,0000,,Gareth: That’s a very interesting question,\Nis there any way to detect these types
Dialogue: 0,0:55:22.26,0:55:24.97,Default,,0000,0000,0000,,of attacks? So some of the attacks,\Nif you’re going to generate particular
Dialogue: 0,0:55:24.97,0:55:29.03,Default,,0000,0000,0000,,traffic patterns, one way to do that is to\Nuse the padding cells. The padding cells
Dialogue: 0,0:55:29.03,0:55:32.07,Default,,0000,0000,0000,,aren’t used at the moment by the official\NTor client. So the detection of those
Dialogue: 0,0:55:32.07,0:55:36.51,Default,,0000,0000,0000,,could be indicative but it doesn't... \Nit`s not conclusive evidence in our tool.
Dialogue: 0,0:55:36.51,0:55:40.05,Default,,0000,0000,0000,,Question: And is there any way of\Nprotecting against a government
Dialogue: 0,0:55:40.05,0:55:46.51,Default,,0000,0000,0000,,or something trying to denial-of-service\Nhidden services?
Dialogue: 0,0:55:46.51,0:55:48.18,Default,,0000,0000,0000,,Gareth: So I… trying to… did not…
Dialogue: 0,0:55:48.18,0:55:52.50,Default,,0000,0000,0000,,Question: Is it possible to protect\Nagainst this kind of attack?
Dialogue: 0,0:55:52.50,0:55:56.18,Default,,0000,0000,0000,,Gareth: Not that I’m aware of. The Tor\NProject are currently revising how they
Dialogue: 0,0:55:56.18,0:55:59.50,Default,,0000,0000,0000,,do the hidden service protocol which will\Nmake e.g. what I did, enumerating
Dialogue: 0,0:55:59.50,0:56:03.23,Default,,0000,0000,0000,,the hidden services, much more difficult.\NAnd to also be in a position on the
Dialogue: 0,0:56:03.23,0:56:07.47,Default,,0000,0000,0000,,distributed hash table in advance\Nfor a particular hidden service.
Dialogue: 0,0:56:07.47,0:56:10.51,Default,,0000,0000,0000,,So they are at the moment trying to change\Nthe way it’s done, and make some of
Dialogue: 0,0:56:10.51,0:56:15.27,Default,,0000,0000,0000,,these things more difficult.
Dialogue: 0,0:56:15.27,0:56:20.29,Default,,0000,0000,0000,,Herald: Good. Next question\Nfrom Microphone 2, please.
Dialogue: 0,0:56:20.29,0:56:27.22,Default,,0000,0000,0000,,Mic2: Hi. I’m running the Tor2Web abuse,\Nand so I used to see a lot of abuse of requests
Dialogue: 0,0:56:27.22,0:56:31.13,Default,,0000,0000,0000,,concerning the Tor hidden service\Nbeing exposed on the internet through
Dialogue: 0,0:56:31.13,0:56:37.27,Default,,0000,0000,0000,,the Tor2Web.org domain name. And I just\Nwanted to comment on, like you said,
Dialogue: 0,0:56:37.27,0:56:45.41,Default,,0000,0000,0000,,the abuse number of the requests. I used\Nto spoke with some of the child protection
Dialogue: 0,0:56:45.41,0:56:50.07,Default,,0000,0000,0000,,agencies that reported abuse at\NTor2Web.org, and they are effectively
Dialogue: 0,0:56:50.07,0:56:55.57,Default,,0000,0000,0000,,using crawlers that periodically look for\Nchanges in order to get new images to be
Dialogue: 0,0:56:55.57,0:57:00.19,Default,,0000,0000,0000,,put in the database. And what I was able\Nto understand is that the German agency
Dialogue: 0,0:57:00.19,0:57:07.44,Default,,0000,0000,0000,,doing that is crawling the same sites that\Nthe Italian agencies are crawling, too.
Dialogue: 0,0:57:07.44,0:57:11.89,Default,,0000,0000,0000,,So it’s likely that in most of the\Ncountries there are the child protection
Dialogue: 0,0:57:11.89,0:57:16.79,Default,,0000,0000,0000,,agencies that are crawling those few\Nnumbers of Tor hidden services that
Dialogue: 0,0:57:16.79,0:57:22.76,Default,,0000,0000,0000,,contain child porn. And I saw it also\Na bit from the statistics of Tor2Web
Dialogue: 0,0:57:22.76,0:57:28.50,Default,,0000,0000,0000,,where the amount of abuse relating to\Nthat kind of content, it’s relatively low.
Dialogue: 0,0:57:28.50,0:57:30.00,Default,,0000,0000,0000,,Just as contribution!
Dialogue: 0,0:57:30.00,0:57:33.50,Default,,0000,0000,0000,,Gareth: Yes, that’s very interesting,\Nthank you for that!
Dialogue: 0,0:57:33.50,0:57:37.26,Default,,0000,0000,0000,,{\i1}applause{\i0}
Dialogue: 0,0:57:37.26,0:57:39.56,Default,,0000,0000,0000,,Herald: Next, Microphone 4, please.
Dialogue: 0,0:57:39.56,0:57:45.26,Default,,0000,0000,0000,,Mic4: You then attacked or deanonymised\Nusers with an infected or a modified Guard
Dialogue: 0,0:57:45.26,0:57:51.81,Default,,0000,0000,0000,,relay? Is it required to modify the Guard\Nrelay if I control the entry point
Dialogue: 0,0:57:51.81,0:57:57.36,Default,,0000,0000,0000,,of the user to the internet?\NIf I’m his ISP?
Dialogue: 0,0:57:57.36,0:58:01.90,Default,,0000,0000,0000,,Gareth: Yes, if you observe traffic\Ntravelling into a Guard relay without
Dialogue: 0,0:58:01.90,0:58:04.57,Default,,0000,0000,0000,,controlling the Guard relay itself.\NMic4: Yeah.
Dialogue: 0,0:58:04.57,0:58:07.50,Default,,0000,0000,0000,,Gareth: In theory, yes. I wouldn’t be able\Nto tell you how reliable that is
Dialogue: 0,0:58:07.50,0:58:10.50,Default,,0000,0000,0000,,off the top of my head.\NMic4: Thanks!
Dialogue: 0,0:58:10.50,0:58:13.63,Default,,0000,0000,0000,,Herald: So another question\Nfrom the internet!
Dialogue: 0,0:58:13.63,0:58:16.34,Default,,0000,0000,0000,,Signal Angel: Wouldn’t the ability to\Nchoose the key hash prefix give
Dialogue: 0,0:58:16.34,0:58:19.98,Default,,0000,0000,0000,,the ability to target specific .onions?
Dialogue: 0,0:58:19.98,0:58:23.68,Default,,0000,0000,0000,,Gareth: So you can only target one .onion\Naddress at a time. Because of the way
Dialogue: 0,0:58:23.68,0:58:28.08,Default,,0000,0000,0000,,they are generated. So you wouldn’t be\Nable to say e.g. “Pick a key which targeted
Dialogue: 0,0:58:28.08,0:58:32.34,Default,,0000,0000,0000,,two or more .onion addresses.” You can\Nonly target one .onion address at a time
Dialogue: 0,0:58:32.34,0:58:37.72,Default,,0000,0000,0000,,by positioning yourself at a particular\Npoint on the distributed hash table.
Dialogue: 0,0:58:37.72,0:58:40.26,Default,,0000,0000,0000,,Herald: Another one\Nfrom the internet? … Okay.
Dialogue: 0,0:58:40.26,0:58:43.37,Default,,0000,0000,0000,,Then Microphone 3, please.
Dialogue: 0,0:58:43.37,0:58:47.78,Default,,0000,0000,0000,,Mic3: Hey. Thanks for this research.\NI think it strengthens the network.
Dialogue: 0,0:58:47.78,0:58:54.30,Default,,0000,0000,0000,,So in the deem (?) I was wondering whether\Nyou can donate this relays to be a part of
Dialogue: 0,0:58:54.30,0:58:59.50,Default,,0000,0000,0000,,non-malicious relays pool, basically\Nuse them as regular relays afterwards?
Dialogue: 0,0:58:59.50,0:59:02.75,Default,,0000,0000,0000,,Gareth: Okay, so can I donate the relays\Na rerun and at the Tor capacity (?) ?
Dialogue: 0,0:59:02.75,0:59:05.49,Default,,0000,0000,0000,,Unfortunately, I said they were run by\Na student and they were donated for
Dialogue: 0,0:59:05.49,0:59:09.51,Default,,0000,0000,0000,,a fixed period of time. So we’ve given\Nthose back to him. We are very grateful
Dialogue: 0,0:59:09.51,0:59:14.79,Default,,0000,0000,0000,,to him, he was very generous. In fact,\Nwithout his contribution donating these
Dialogue: 0,0:59:14.79,0:59:18.70,Default,,0000,0000,0000,,it would have been much more difficult\Nto collect as much data as we did.
Dialogue: 0,0:59:18.70,0:59:21.49,Default,,0000,0000,0000,,Herald: Good, next, Microphone 5, please!
Dialogue: 0,0:59:21.49,0:59:25.84,Default,,0000,0000,0000,,Mic5: Yeah hi, first of all thanks\Nfor your talk. I think you’ve raised
Dialogue: 0,0:59:25.84,0:59:29.31,Default,,0000,0000,0000,,some real issues that need to be\Nconsidered very carerfully by everyone
Dialogue: 0,0:59:29.31,0:59:33.95,Default,,0000,0000,0000,,on the Tor Project. My question: I’d like\Nto go back to the issue with so many
Dialogue: 0,0:59:33.95,0:59:38.47,Default,,0000,0000,0000,,abuse related web sites running over\Nthe Tor Project. I think it’s an important
Dialogue: 0,0:59:38.47,0:59:41.90,Default,,0000,0000,0000,,issue that really needs to be considered\Nbecause we don’t wanna be associated
Dialogue: 0,0:59:41.90,0:59:44.84,Default,,0000,0000,0000,,with that at the end of the day.\NAnyone who uses Tor, who runs a relay
Dialogue: 0,0:59:44.84,0:59:51.25,Default,,0000,0000,0000,,or an exit node. And I understand it’s\Na bit of a censored issue, and you don’t
Dialogue: 0,0:59:51.25,0:59:55.30,Default,,0000,0000,0000,,really have any say over whether it’s\Nimplemented or not. But I’d like to get
Dialogue: 0,0:59:55.30,1:00:02.41,Default,,0000,0000,0000,,your opinion on the implementation\Nof a distributed block-deny system
Dialogue: 0,1:00:02.41,1:00:06.98,Default,,0000,0000,0000,,that would run in very much a similar way\Nto those of the directory authorities.
Dialogue: 0,1:00:06.98,1:00:08.95,Default,,0000,0000,0000,,I’d just like to see what\Nyou think of that.
Dialogue: 0,1:00:08.95,1:00:13.20,Default,,0000,0000,0000,,Gareth: So you’re asking me whether I want\Nto support a particular blocking mechanism
Dialogue: 0,1:00:13.20,1:00:14.20,Default,,0000,0000,0000,,then?
Dialogue: 0,1:00:14.20,1:00:16.47,Default,,0000,0000,0000,,Mic5: I’d like to get your opinion on it.\N{\i1}Gareth laughs{\i0}
Dialogue: 0,1:00:16.47,1:00:20.54,Default,,0000,0000,0000,,I know it’s a sensitive issue but I think,\Nlike I said, I think something…
Dialogue: 0,1:00:20.54,1:00:25.70,Default,,0000,0000,0000,,I think it needs to be considered because\Neveryone running exit nodes and relays
Dialogue: 0,1:00:25.70,1:00:30.27,Default,,0000,0000,0000,,and people of the Tor Project don’t\Nwant to be known or associated with
Dialogue: 0,1:00:30.27,1:00:34.79,Default,,0000,0000,0000,,these massive amount of abuse web sites\Nthat currently exist within the Tor network.
Dialogue: 0,1:00:34.79,1:00:40.21,Default,,0000,0000,0000,,Gareth: I absolutely agree, and I think\Nthe Tor Project are horrified as well that
Dialogue: 0,1:00:40.21,1:00:43.96,Default,,0000,0000,0000,,this problem exists, and they, in fact,\Ntalked on it in previous years that
Dialogue: 0,1:00:43.96,1:00:48.69,Default,,0000,0000,0000,,they have a problem with this type of\Ncontent. I asked to what if anything is
Dialogue: 0,1:00:48.69,1:00:52.34,Default,,0000,0000,0000,,done about it, it’s very much up to them.\NCould it be done in a distributed fashion?
Dialogue: 0,1:00:52.34,1:00:56.24,Default,,0000,0000,0000,,So the example I gave was a way which\Nit could be done by relay operators.
Dialogue: 0,1:00:56.24,1:00:59.77,Default,,0000,0000,0000,,So e.g. that would need the consensus of\Na large number of relay operators to be
Dialogue: 0,1:00:59.77,1:01:02.89,Default,,0000,0000,0000,,effective. So that is done in\Na distributed fashion. The question is:
Dialogue: 0,1:01:02.89,1:01:06.81,Default,,0000,0000,0000,,who gives the list of .onion addresses to\Nblock to each of the relay operators?
Dialogue: 0,1:01:06.81,1:01:09.64,Default,,0000,0000,0000,,Clearly, the relay operators aren’t going\Nto collect themselves. It needs to be
Dialogue: 0,1:01:09.64,1:01:15.78,Default,,0000,0000,0000,,supplied by someone like the Tor Project,\Ne.g., or someone trustworthy. Yes, it can
Dialogue: 0,1:01:15.78,1:01:20.48,Default,,0000,0000,0000,,be done in a distributed fashion.\NIt can be done in an open fashion.
Dialogue: 0,1:01:20.48,1:01:21.71,Default,,0000,0000,0000,,Mic5: Who knows?\NGareth: Okay.
Dialogue: 0,1:01:21.71,1:01:23.75,Default,,0000,0000,0000,,Mic5: Thank you.
Dialogue: 0,1:01:23.75,1:01:27.26,Default,,0000,0000,0000,,Herald: Good. And another\Nquestion from the internet.
Dialogue: 0,1:01:27.26,1:01:31.21,Default,,0000,0000,0000,,Signal Angel: Apparently there’s an option\Nin the Tor client to collect statistics
Dialogue: 0,1:01:31.21,1:01:35.17,Default,,0000,0000,0000,,on hidden services. Do you know about\Nthis, and how it relates to your research?
Dialogue: 0,1:01:35.17,1:01:38.55,Default,,0000,0000,0000,,Gareth: Yes, I believe they’re going to\Nbe… the extent to which I know about it
Dialogue: 0,1:01:38.55,1:01:41.93,Default,,0000,0000,0000,,is they’re gonna be trying this next\Nmonth, to try and estimate how many
Dialogue: 0,1:01:41.93,1:01:46.49,Default,,0000,0000,0000,,hidden services there are. So keep\Nyour eye on the Tor Project web site,
Dialogue: 0,1:01:46.49,1:01:50.34,Default,,0000,0000,0000,,I’m sure they’ll be publishing\Ntheir data in the coming months.
Dialogue: 0,1:01:50.34,1:01:55.09,Default,,0000,0000,0000,,Herald: And, sadly, we are running out of\Ntime, so this will be the last question,
Dialogue: 0,1:01:55.09,1:01:56.98,Default,,0000,0000,0000,,so Microphone 4, please!
Dialogue: 0,1:01:56.98,1:02:01.25,Default,,0000,0000,0000,,Mic4: Hi, I’m just wondering if you could\Nsort of outline what ethical clearances
Dialogue: 0,1:02:01.25,1:02:04.51,Default,,0000,0000,0000,,you had to get from your university\Nto conduct this kind of research.
Dialogue: 0,1:02:04.51,1:02:07.26,Default,,0000,0000,0000,,Gareth: So we have to discuss these\Ntypes of things before undertaking
Dialogue: 0,1:02:07.26,1:02:11.97,Default,,0000,0000,0000,,any research. And we go through the steps\Nto make sure that we’re not e.g. storing
Dialogue: 0,1:02:11.97,1:02:16.37,Default,,0000,0000,0000,,sensitive information about particular\Npeople. So yes, we are very mindful
Dialogue: 0,1:02:16.37,1:02:19.24,Default,,0000,0000,0000,,of that. And that’s why I made a\Nparticular point of putting on the slides
Dialogue: 0,1:02:19.24,1:02:21.51,Default,,0000,0000,0000,,as to some of the things to consider.
Dialogue: 0,1:02:21.51,1:02:26.18,Default,,0000,0000,0000,,Mic4: So like… you outlined a potential\Nimplementation of the traffic correlation
Dialogue: 0,1:02:26.18,1:02:29.50,Default,,0000,0000,0000,,attack. Are you saying that\Nyou performed the attack? Or…
Dialogue: 0,1:02:29.50,1:02:33.18,Default,,0000,0000,0000,,Gareth: No, no no, absolutely not.\NSo the link I’m giving… absolutely not.
Dialogue: 0,1:02:33.18,1:02:34.85,Default,,0000,0000,0000,,We have not engaged in any…
Dialogue: 0,1:02:34.85,1:02:36.35,Default,,0000,0000,0000,,Mic4: It just wasn’t clear\Nfrom the slides.
Dialogue: 0,1:02:36.35,1:02:39.38,Default,,0000,0000,0000,,Gareth: I apologize. So it’s absolutely\Nclear on that. No, we’re not engaging
Dialogue: 0,1:02:39.38,1:02:42.86,Default,,0000,0000,0000,,in any deanonymisation research on the\NTor network. The research I showed
Dialogue: 0,1:02:42.86,1:02:46.08,Default,,0000,0000,0000,,is linked on the references, I think,\Nwhich I put at the end of the slides.
Dialogue: 0,1:02:46.08,1:02:52.00,Default,,0000,0000,0000,,You can read about it. But it’s done in\Nsimulation. So e.g. there’s a way
Dialogue: 0,1:02:52.00,1:02:54.73,Default,,0000,0000,0000,,to do simulation of the Tor network on\Na single computer. I can’t remember
Dialogue: 0,1:02:54.73,1:02:58.88,Default,,0000,0000,0000,,the name of the project, though.\NShadow! Yes, it’s a system
Dialogue: 0,1:02:58.88,1:03:02.17,Default,,0000,0000,0000,,called Shadow, we can run a large\Nnumber of Tor relays on a single computer
Dialogue: 0,1:03:02.17,1:03:04.58,Default,,0000,0000,0000,,and simulate the traffic between them.\NIf you’re going to do that type of research
Dialogue: 0,1:03:04.58,1:03:09.38,Default,,0000,0000,0000,,then you should use that. Okay,\Nthank you very much, everyone.
Dialogue: 0,1:03:09.38,1:03:17.98,Default,,0000,0000,0000,,{\i1}applause{\i0}
Dialogue: 0,1:03:17.98,1:03:22.07,Default,,0000,0000,0000,,{\i1}silent postroll titles{\i0}
Dialogue: 0,1:03:22.07,1:03:27.00,Default,,0000,0000,0000,,subtitles created by c3subtitles.de\NJoin, and help us!