Does it work? Can you hear me? That's fine. Okay. At least this. I had some slides, but they don't work, so it's going to be a little bit difficult maybe to follow some things, but I hope we'll manage. Okay, yeah, so this talk was about onions and Tor. I'm actually from the Tor Project; I work for Tor. And how many of you guys use Tor? Do you run relays? You should run relays. So maybe you already know about Tor and what it does. So there is a little, I wanted to go through that, but I'll go through it more quickly, also because I don't have all the network schematics, so we'll just talk about it.

So I wanted to talk about how Tor can help you to have privacy and anonymity, and how you can use Tor at the application layer. The best example is Tor Browser, because it packs everything together and it's an application that you can use for a very common use case, which is surfing the web. Then I wanted to talk about onion services, current onion services and the next generation onion services a little bit, and how you can use Tor with other applications through onion services. So I had a picture of an onion.

So who am I? My name is Sylvia; it's on the slides, you can download them later. Some people are kind of confused because, like, all the anonymity people, they present themselves with their names. Some of us do, at least, but I think privacy is about choice, right? So if you want to be visible, so you know who builds Tor and who develops it and does other things, we think it's okay to do that. So I work at Tor, I said that. I'm also part of the information security group at UPC Barcelona; I got my PhD there. I don't do much there anymore, but yes, I was part of that, and I'm interested in web tracking and all those things, especially researching what other people share online, and so on.

So what is Tor? Tor is a privacy tool, to begin with, but it's also like a group of people, a diverse group of people.
There are researchers, there are developers, there are relay operators, volunteers, people that just advocate for the project. There are a lot of different things. It's an open network, it's a Tor network, and it's a non-profit as well. So there are actually four million daily users on Tor. So Tor is also that. And there are 7000 relays and three thousand bridges and 200 gigabytes per second of bandwidth advertised, and half used, so it means that we have capacity for at least double the users, or well.

So when we want to talk about Tor, the easiest thing that we can say is that Tor provides privacy, and that's something that people can relate with, general people. Then we can also say that Tor provides anonymity, which is something that another group of people can relate to. And it also provides communication security for other people. And if we want to be very specific, we say also that Tor is a traffic analysis resistance network, and this is for a very small group of people. But for activists it's reachability against censorship, so that's important too. It was purple before. It was working, but purple. Yeah, that's the thing, it's purple. Okay.

So how does Tor provide privacy? We said that the idea is that Tor provides privacy by design, so we want to build our tool as a privacy tool. So the idea behind Tor is to distribute trust, and the idea is that you don't have to trust a single point or a single server or a single cable that cannot be tapped. You just don't trust anyone, not the network, and that's partly because the Tor traffic is distributed across the relays.

Okay, so how does Tor work? So we have Alice above and Bob; they want to talk through the Tor network. Alice is the client, let's say, and the client receives a list of Tor relays that they can reach. This is received from the directory server. So with this list Alice picks three nodes in the network and reaches Bob, and the traffic across the Tor network is encrypted with the layers.
That's the onion, actually, in the onion routing. But when it goes out, it's actually unencrypted. So there is actually one thing that sometimes we have to remember: if you use unsecured protocols on the part of the traffic that goes outside of the Tor network, that part is still visible. So even if Tor is secure and it's anonymous and so on, it's important to use secure protocols, because there's always a part that goes outside.

So we said before that Tor provides anonymity, and anonymity is more than encryption, because encryption doesn't protect metadata. It protects the content of the conversation, but not who is talking to whom, so your social graph. And there is this great example that I saw in a presentation from the EFF a while ago, and the thing is that if you call a suicide prevention hotline on Christmas Eve, nobody knows what you said, but they just know that you called them. Do they really know? Can they already know the content of the conversation? At least they know you have an issue. So that's something to remember about metadata. And another thing is that encryption doesn't hide your location anyway, so that's also something.

So you can also use Tor at the application layer, and we have the example of Tor Browser. Actually, Tor Browser is a packaged, modified version of Firefox with some other things. Yes, HTTPS Everywhere, for example. It has NoScript.
It has the Tor Button, the Tor Launcher; in the past it was called Vidalia. And the idea is that you use Tor Browser to surf the web. It's based on 17, before that. Before, yeah, a little bit before. Okay. Okay, so you have all these things packed together, and we want to allow people to use Tor safely with a scope, which is surfing the web, and reduce tracking, reduce the possibility to link user activities across different websites.

We have also the part about onion services and how they provide bidirectional anonymity. So onion services, first of all, are hidden services. We changed the name because of bad press, basically. The word hidden was scaring people and they were writing bad articles about it, so the name was changed. So we have a 16-character onion address in base32. Both the client and the server hide their location. The communication stays inside the Tor network, so there is not this part that goes outside. And it can be used for TCP traffic; there is no UDP. Last thing, interesting properties: they're self-authenticated and end-to-end encrypted, isolation, NAT punching. There are a lot of people who use it just for SSH, for the limited attack surface and the censorship resistance.

So this is, I would go quickly, how it works. So Bob is an onion service, and what he does is he will pick three introduction points, that are just relays basically, and this is done randomly. And then he will say to the hidden service directory, which is another relay that has been in the network for a longer amount of time, I think it's 96 hours: hey, this is my descriptor, this is how to reach me, these are the nodes that I picked. And then there is the client that knows that this onion service exists.
So it will get the... the client will have the address in the browser, and Tor Browser will go to the hidden service directory and say: hey, give me the descriptor of this onion service. So the way, how does the client know? It's predictable; I mean the client can calculate which hidden service directory to ask, and it's actually a source of issues for a number of attacks that there have been on the network. So once the client knows the introduction points, it will make a connection with the onion service, and they will tell the onion service: hey, meet me on the rendezvous point. And they exchange some secrets and they will just start talking.

Because of the way the client knows how to connect to the onion service, there have been a number of attacks. One idea is that, because introduction points and the directories are just relays, you can run relays with the idea to learn about onion services and just collect them and then crawl them and then index them. Or you can run relays with the idea to be introduction point or rendezvous point and learn who is connecting to hidden services. And these attacks have been mitigated with the next generation onion services.

So one thing that they ship is better crypto, I think. With onion services, it's 1024, okay, and so on, so these have been updated. And then the other thing that we have is that the address line is the actual key of the service, so it's from 16 to 254 characters, which can be an issue, but apparently no one types onion service addresses.
So we are working on that, but still it's good. But the one thing that is actually good is that the new key system allows you to create subkeys, so you can use a key maybe for a number of times and then you can rotate the keys. Which is also good if you don't care about the location; for example, if you're Debian and you want to run an onion service, you can use a single onion service, in which you have a direct circuit through the rendezvous point. And also, because of this, they will make it more difficult to learn onion services and to learn who is connected to onion services, by using a system of introduction points that is a little bit more complicated; it's called Vanguards. Also, they're adding a shared randomness in the descriptor ID. That also makes it more difficult to predict which hidden service directory is going to have the descriptor, but still it can be calculated by the client.

So you can use onion services within other applications, and the idea is that they can be integrated to be more secure. Like if you have a part of your application that you want to run as an onion service and allow only this connection to it, that can be possible. It's interesting for microservice applications, where something is running some connection through a database or something through it. And there is actually an example that someone did with WebSockets that was interesting, and it's about a publish/subscribe protocol that uses onion services. That's it. If you have questions?

Sure. The question is about the directory service: how many of them and how the clients know. There is an algorithm; it's predictable, it's time-based, in the first, in the current definition of the onion services. And basically a relay that has been on the network for 96 hours can become a directory. So yeah, you can just wait, run relays, and eventually they can become directories. And there is an effort that every day bad relays are disconnected from the network. Well, we don't say how that is done, because we don't want to give attackers this advantage. But the thing is that with the upgrade, with the next generation onion services, there is a consensus mechanism. There is not just something that we invented; it's used also in other applications. And every 12 hours the directory authorities, there are eight of them now, they share a secret, and then they come to a consensus, and this changes every 24 hours. And so that goes into the mechanism, and it's a little bit more sophisticated, and makes
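The talk describes the current 16-character base32 onion address and says that with the next generation the address is the actual key of the service, which is what makes onion services self-authenticated. The script below is an added example, not code from the talk or from the Tor Project; it derives both address forms from constructed key material following the published formats (v2: first 80 bits of SHA-1 over the DER-encoded RSA public key; v3: the 32-byte ed25519 public key, a 2-byte SHA3-256 checksum, and a version byte), and shows the check a client can perform when it parses a v3 address. The 32-byte key and the DER blob are constructed placeholders, not real keys.

```python
"""Deriving and validating Tor onion addresses (added example, not the Tor Project's code).

v2 (the current generation in the talk): 16 base32 chars =
    base32( SHA1( DER-encoded RSA-1024 public key )[:10] )
v3 (next generation): 56 base32 chars =
    base32( PUBKEY || CHECKSUM || VERSION )
    CHECKSUM = SHA3-256( ".onion checksum" || PUBKEY || VERSION )[:2]
    VERSION  = 0x03
"""
import base64
import hashlib

V3_VERSION = b"\x03"
V3_CHECKSUM_PREFIX = b".onion checksum"

# Constructed placeholder key material. Real keys come from the service's
# key files; these bytes exist only so the example runs offline.
CONSTRUCTED_ED25519_PUBKEY = bytes(range(32))
CONSTRUCTED_RSA_DER = b"\x30\x81\x89" + b"\x00" * 136  # stand-in, not a parseable key


def v2_onion_address(der_pubkey: bytes) -> str:
    """v2 address: truncated SHA-1 of the DER public key, base32-encoded."""
    digest = hashlib.sha1(der_pubkey).digest()[:10]  # 80 bits -> 16 base32 chars
    return base64.b32encode(digest).decode("ascii").lower() + ".onion"


def v3_checksum(pubkey: bytes) -> bytes:
    """Two-byte checksum binding the key to the version byte."""
    return hashlib.sha3_256(V3_CHECKSUM_PREFIX + pubkey + V3_VERSION).digest()[:2]


def v3_onion_address(pubkey: bytes) -> str:
    """v3 address: the whole public key travels inside the name."""
    if len(pubkey) != 32:
        raise ValueError("ed25519 public key must be 32 bytes")
    raw = pubkey + v3_checksum(pubkey) + V3_VERSION  # 35 bytes -> 56 base32 chars
    return base64.b32encode(raw).decode("ascii").lower() + ".onion"


def parse_v3_onion_address(address: str) -> bytes:
    """Recover the public key, rejecting addresses with a bad checksum or version.

    This is the self-authentication property: the key a client later uses to
    verify the fetched descriptor is the address itself, with no third party.
    """
    name = address.lower()
    if name.endswith(".onion"):
        name = name[: -len(".onion")]
    if len(name) != 56:
        raise ValueError("v3 onion address must be 56 base32 characters")
    raw = base64.b32decode(name.upper())  # binascii.Error is a ValueError subclass
    pubkey, checksum, version = raw[:32], raw[32:34], raw[34:]
    if version != V3_VERSION:
        raise ValueError("unsupported onion address version")
    if checksum != v3_checksum(pubkey):
        raise ValueError("checksum mismatch: address was mistyped or tampered with")
    return pubkey


def is_valid_v3_onion_address(address: str) -> bool:
    """Boolean wrapper for callers that only need accept/reject."""
    try:
        parse_v3_onion_address(address)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    print("v2:", v2_onion_address(CONSTRUCTED_RSA_DER))
    addr = v3_onion_address(CONSTRUCTED_ED25519_PUBKEY)
    print("v3:", addr)
    print("round-trip ok:", parse_v3_onion_address(addr) == CONSTRUCTED_ED25519_PUBKEY)
```

Because the version byte 0x03 occupies the last five bits of the encoding, every v3 address ends in the letter `d`; a single mistyped character in the key part fails the checksum, which is the practical difference from a v2 name, where the 16 characters are only a hash prefix and carry no check of their own.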