pre-talk slides

svn:r1115
Roger Dingledine 20 years ago
parent
commit
fb4d66f026
1 changed file with 106 additions and 29 deletions

+ 106 - 29
doc/codecon04.mgp

@@ -60,26 +60,43 @@ Deployed: 20 nodes, hundreds (?) of users
 
 
 Many improvements on earlier design
 Many improvements on earlier design
 
 
-Free software -- available source code
+Free software -- modified BSD license
 
 
 Design is not covered by earlier onion routing
 Design is not covered by earlier onion routing
 patent
 patent
 
 
+Uses SOCKS to interface with client apps
+
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 %page
 %page
 
 
-Talk Overview
-
-A bit about Onion Routing
+We have working code
 
 
-Improvements we've made
+(14 kloc of C)
 
 
-Some related work
+and a design document,
+and a byte-level specification,
+and a Debian package (in Unstable)
 
 
-Some lessons learned
+Works on Linux, BSD, OSX, Cygwin, ...
+User-space, doesn't need kernel mods or root
 
 
-Ask me questions
+%size 9
+http://freehaven.net/tor/
 
 
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+%%page
+%%
+%%Talk Overview
+%%
+%%A bit about Onion Routing
+%%
+%%Improvements we've made
+%%
+%%Some related work
+%%
+%%Ask me questions
+%%
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 %page
 %page
 
 
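Review bot: the commented-out Talk Overview at the end of this hunk is not a faithful copy of the page it replaces. The removed page listed "Some lessons learned" between "Some related work" and "Ask me questions", and the %% version drops it. If the overview is being parked for later, carry all five items over; if the item was cut on purpose, deleting the page outright is cleaner than leaving an edited copy in comments.
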
@@ -95,7 +112,8 @@ Government applications
 	research, law enforcement
 	research, law enforcement
 %size 6
 %size 6
 Business applications
 Business applications
-	hide relationships and volumes of communication
+%size 5
+(hide relationships and volumes of communication)
 	Who is visiting job sites?
 	Who is visiting job sites?
 	Which groups are talking to patent lawyers?
 	Which groups are talking to patent lawyers?
 	Who are your suppliers and customers?
 	Who are your suppliers and customers?
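
Review bot: the replaced line was a tab-indented sub-item and a sibling of the three questions below it, while the new "(hide relationships and volumes of communication)" sits at top level under "%size 5". The questions now read as children of a parenthetical rather than of "Business applications". Worth checking the rendered slide; keeping the line indented as the first sub-item would preserve the original hierarchy.
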
@@ -106,6 +124,19 @@ Business applications
 
 
 Anonymity is a network effect
 Anonymity is a network effect
 
 
+	Systems need traffic (many low-sensitivity users) to attract the high-sensitivity users
+	Most users do not value anonymity much
+	Weak security (fast system) can mean more users
+		which can mean 
+%cont, font "italic"
+stronger 
+%cont, font "standard"
+anonymity
+	High-sensitivity agents have incentive to run nodes
+		so they can be certain first node in their path is good
+		to attract traffic for their messages
+	There can be an optimal level of free-riding
+
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 %page
 %page
 
 
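Review bot: the italic "stronger" is built from three lines joined with %cont, and the word spacing depends on the trailing spaces after "which can mean " and "stronger ". Any editor or hook that strips trailing whitespace will render this as "which can meanstrongeranonymity". A %% comment above the construct saying the trailing spaces are intentional would protect it; alternatively, drop the italics and keep the phrase on one line.
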
@@ -122,10 +153,12 @@ Fixed-size cells
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 %page
 %page
 
 
-Tor's goal
+Tor's goals
 
 
-Conservative design (minimize new design work needed)
+Conservative design
+	minimize new design work needed
 
 
+%size 6
 Support testing of future research
 Support testing of future research
 
 
 Design for deployment; deploy for use
 Design for deployment; deploy for use
@@ -133,13 +166,13 @@ Design for deployment; deploy for use
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 %page
 %page
 
 
-Threat model
-
-Protect against curious Bob
+Threat model -- what we aim for
 
 
 Protect against somebody watching Alice
 Protect against somebody watching Alice
 
 
-Protect against a few curious nodes in the middle
+Protect against curious Bob
+
+Protect against `some' curious nodes in the middle
 
 
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 %page
 %page
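
Review bot: on the threat-model page, replacing "a few" with quoted `some' makes the one adversary bound on this slide vaguer, and the page title now promises "what we aim for". The later "How do we compare security?" page added in this same patch quantifies the adversary as owning c of n nodes; borrowing that wording here (or saying that the bound is made precise later) would let the audience connect the two slides.
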
@@ -149,11 +182,13 @@ Differences / limitations
 
 
 We're TCP-only, not all IP (but we're user-space and very portable)
 We're TCP-only, not all IP (but we're user-space and very portable)
 
 
+Not as strong as high-latency systems (Mixmaster, Mixminion)
+
 Not peer-to-peer
 Not peer-to-peer
 
 
 No protocol normalization
 No protocol normalization
 
 
-%%Not unobservable
+Not unobservable (no steg, etc)
 
 
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 %page
 %page
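
Review bot: the added line "Not as strong as high-latency systems (Mixmaster, Mixminion)" does not say against which adversary or attack the design is weaker, and this is the limitations page where that precision matters most. Suggest naming the property, using the adversaries already listed on the threat-model page. Small style point on the last changed line: "steg" could be spelled out as "steganography" for a general audience.
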
@@ -164,12 +199,8 @@ Perfect forward secrecy
 Telescoping circuit
 Telescoping circuit
 
 
 	negotiates keys at each hop
 	negotiates keys at each hop
+	no more need for replay detection
 
 
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-%%page
-%%
-%%Separation from "protocol cleaning"
-%%
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 %page
 %page
 
 
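Review bot: "no more need for replay detection" is stated as a bare consequence under "Telescoping circuit", with nothing on the slide saying why it follows. Since the bullet above it is "negotiates keys at each hop", one short clause tying the two together would make the claim checkable by the audience instead of something to take on trust.
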
@@ -183,6 +214,33 @@ Please show us they're worth the usability tradeoff
 %%
 %%
 %%Many TCP streams can share one circuit
 %%Many TCP streams can share one circuit
 %%
 %%
+
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+%page
+
+Many TCP streams share a circuit
+
+Previous designs built a new circuit for each stream
+
+	lots of public key ops per request
+	plus anonymity dangers from making so many circuits
+
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+%page
+
+Leaky-pipe circuit topology
+
+Alice can direct cells to any node in her circuit
+
+	So we can support long-range padding,
+	have multiple streams exiting at different places in the circuit
+	etc
+
+%size 6
+Unclear whether this is dangerous or useful
+
+More research needed
+
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 %page
 %page
 
 
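Review bot: the context at the top of this hunk still carries the commented-out "%%Many TCP streams can share one circuit", and the new live page directly below it is titled "Many TCP streams share a circuit". The comment block is now a stale near-duplicate of the slide that replaces it and can be deleted in the same change.
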
@@ -193,11 +251,14 @@ Simple rate limiting
 
 
 Plus have to keep internal nodes from overflowing
 Plus have to keep internal nodes from overflowing
 
 
+(Can't use global state or inter-node control)
+
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 %page
 %page
 
 
 Directory servers
 Directory servers
 
 
+To solve the `introduction' problem
 
 
 Approve new servers
 Approve new servers
 
 
@@ -233,17 +294,32 @@ Even an external adversary could do this!
 
 
 Rendezvous points
 Rendezvous points
 
 
-
 allow hidden services
 allow hidden services
 
 
+don't need (brittle) reply onions
+
+	Access-controlled: Bob can control who he talks to
+	Robust: Bob's service is available even when some Tor nodes go down
+	Smear-resistant: Evil service can't frame a rendezvous router
+	Application-transparent: Don't need to modify Bob's apache
+
+%size 6
+(Not implemented yet)
+
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 %page
 %page
 
 
-Related work
+How do we compare security?
 
 
-c/n vs c^2/n^2 vs 2
+Assume adversary owns c of n nodes
+	can choose which
+%size 6
+What's the chance for a random Alice and Bob that he wins?
 
 
-freedom, peekabooty, jap
+Freedom, Tor: (c/n)^2
+Peekabooty, six-four, etc: c/n
+Jap (if no padding): 1 if c>1
+Anonymizer: 1 if c>0
 
 
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 %page
 %page
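
Review bot: in "What's the chance for a random Alice and Bob that he wins?", "he" has Bob as its nearest antecedent, and the page never says what winning means. Suggest "that the adversary wins" plus one line stating the winning condition, so the step from c/n to (c/n)^2 and the difference between "1 if c>1" for Jap and "1 if c>0" for Anonymizer can be read off the slide. Separately, "(Not implemented yet)" comes at %size 6 after four present-tense properties of rendezvous points; moving it up next to "allow hidden services" avoids overstating the current state.
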
@@ -252,11 +328,12 @@ Future work
 
 
 Threshold directory agreement
 Threshold directory agreement
 
 
-Restricted-route (non-clique) topology
+Scalability: Morphmix/p2p extensions?
+Restricted-route (non-clique topology)
 
 
-Morphmix/p2p extensions?
+Non-TCP transport
 
 
-Location-hidden servers via rendezvous points
+Implement rendezvous points
 
 
 Make it work better
 Make it work better
 
 
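Review bot: the closing parenthesis moved from "Restricted-route (non-clique) topology" to "Restricted-route (non-clique topology)", which reads like an accidental edit rather than an intended change; the original form is the clearer one. Also, "Scalability: Morphmix/p2p extensions?" is added directly above that line with no blank separator, while every other item on the page is separated by one. If the restricted-route item is meant as a sub-point of Scalability, tab-indent it; otherwise add the blank line.
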
@@ -265,9 +342,9 @@ Make it work better
 
 
 We have working code
 We have working code
 
 
-
 Plus a design document,
 Plus a design document,
 and a byte-level specification
 and a byte-level specification
+and a Debian package (in Unstable)
 
 
 %size 9
 %size 9
 http://freehaven.net/tor/
 http://freehaven.net/tor/
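
Review bot: with the added Debian line, this closing page is now a near-copy of the "We have working code" page introduced near the top of the deck (same list, same URL), but the two differ in small ways: this one starts "Plus a design document," and has no comma after "specification", the other starts "and a design document," and also carries the 14 kloc and platform lines. Two near-copies will drift; either reduce the closing page to the title and URL or keep the shared lines identical.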