How it works to keep you safe online 
Phuturecon 2014 
IceQUICK 
ParkBenchIndustries.com
Who am I
• Former USAF NOC admin (Active Duty and Contractor)
• Windows/Solaris/Linux admin
• IT process architect (ITIL)
• Not a developer (Tor is written in C)
• Tor Experience
  • User for 10+ years
  • Relay node admin for ~3 years
This presentation 
Combined from a variety of sources 
No tricks, vulnerabilities, hacks 
Not ‘breaking news’ 
Why I trust the network 
Why you should contribute
What is Tor?
• Network of virtual tunnels
• Privately Browse Internet
• FREE!
• Used by…
  • Journalists
  • Activists
  • Censorship circumventing citizens
  • Military intel analysts
  • Law enforcement
  • Whistleblowers
  • Bloggers
  • Privacy-conscious
• http://www.torproject.org/
Tor History
• ~1995 - Naval Research Lab as “Onion Routing”
• 2002 - Converted to TOR “The Onion Router”
  • Code open-sourced
• 2006 – Tor Project Formed
  • 501(c)(3) research-educational non-profit
• Today: 60%+ of funding still from US Government
Technologies Used
• PKI
• Public/Private Keys
• Hashing / Signing
• Diffie-Hellman key exchange
• PFS – Perfect Forward Secrecy
• DHT – Distributed Hash Table
  • For hidden services / .onions
Life of a session
• Client to Node 1 (Guard)
  • Perform DH Key Exchange
  • Acquire PFS Session Key
• Use Node 1 (Guard) to repeat process to Node 2 (Relay)
• Use Node 2 (Relay) to repeat process to Node 3 (Exit)
• Use Node 3 to contact internet resource
• Create new path every 10 minutes
  • Will route existing TCP sessions through existing paths
• Repeat…
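Added example, not part of the original slides and not Tor's code: the layering that results once the client holds a session key with each of the three nodes, showing that every node removes one layer and learns only the next hop. Hop, Wrap, Peel, the layer format, the destination and the ASCII keys are assumptions made for the illustration, and AES-CTR is the cipher chosen here.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"fmt"
)

// Hop is one node on the path plus the session key the client shares with it.
type Hop struct {
	Name string
	Key  []byte // 16 bytes; in the talk it comes from the DH exchange with that node
}

// ctr adds one AES-CTR layer; calling it again with the same key and IV removes it.
func ctr(key, iv, data []byte) []byte {
	block, err := aes.NewCipher(key)
	if err != nil {
		panic(err) // a wrong key length is a programming error here
	}
	out := make([]byte, len(data))
	cipher.NewCTR(block, iv).XORKeyStream(out, data)
	return out
}

// Wrap is the client. The innermost layer (exit) names the destination; each
// outer layer names only the next hop. Layer = IV || AES-CTR(next + "\n" + inner).
func Wrap(path []Hop, dest string, payload []byte) []byte {
	cell, next := payload, dest
	for i := len(path) - 1; i >= 0; i-- {
		iv := make([]byte, aes.BlockSize)
		if _, err := rand.Read(iv); err != nil {
			panic(err)
		}
		plain := append([]byte(next+"\n"), cell...)
		cell = append(iv, ctr(path[i].Key, iv, plain)...)
		next = path[i].Name
	}
	return cell
}

// Peel is one node: strip its own layer, learn the next hop. No integrity check here.
func Peel(h Hop, cell []byte) (next string, inner []byte, err error) {
	if len(cell) < aes.BlockSize {
		return "", nil, fmt.Errorf("cell shorter than one IV")
	}
	plain := ctr(h.Key, cell[:aes.BlockSize], cell[aes.BlockSize:])
	i := bytes.IndexByte(plain, '\n')
	if i < 0 {
		return "", nil, fmt.Errorf("no next-hop header")
	}
	return string(plain[:i]), plain[i+1:], nil
}

func main() {
	path := []Hop{ // constructed keys, for the demonstration only
		{"guard", []byte("guard-key-16byte")},
		{"relay", []byte("relay-key-16byte")},
		{"exit", []byte("exit-key-16bytes")},
	}
	cell := Wrap(path, "example.com:443", []byte("GET / HTTP/1.1"))
	for _, h := range path {
		next, inner, _ := Peel(h, cell)
		fmt.Printf("%-5s forwards %3d bytes to %s\n", h.Name, len(inner), next)
		cell = inner
	}
}
```

Only the exit's layer contains the destination and the payload; the guard, which knows the client's address, sees neither.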
DH Key Exchange
• Key Exchange
  • Client gets the node’s public key from directory
  • Client sends the first half of DH handshake encrypted with node’s public key
  • Node receives, decrypts it, using its private key
  • Node has first half (client’s) of two-way DH handshake
  • Node completes second half of the handshake, creating session key
  • Hashes the resulting session key and signs it with its private key
  • Node sends to client – both parties now have the session key
• Verify Session Key
  • Client believes session key came from the router
  • Client decrypts session key using router's public key
  • Will only work if session key was signed with the router's private key
Uses
• Web Browsing
• DNS
• Most services using TCP
  • Chat, Mail, etc.
• Hidden Services
  • E.g. http://j8hlg2sh2hoasdh8.onion/
What can you do?
• Run a Relay
  • Exit node or not
  • Home cable modem
  • VPS
  • Tor Cloud – Amazon
• Help Develop
  • C, C++, Python, Java
• OnionTip.com
  • BTC to node operators
• Defend its use
Questions?
Enjoy! 
@IceQUICK 
icequick@parkbenchindustries.com 
@DC970

Tor: How it works to keep you safe online. PhutureCon 2014


Editor's notes

  1. Start

     Router 1 (aka Guard)

     DH Exchange
     The client gets the first onion router's public key and sends the first half of this Diffie-Hellman handshake encrypted under that first router's public key. So the first router receives that. It decrypts it, using its private key. And then it has the first half of this two-way handshake. It finishes the handshake, sends back the second half of the handshake to the client, and hashes the resulting session key and signs it with it
     So when it finishes the handshake, now it has the session key.

     Session Key for first link
     Once the client receives that second half of the handshake, the client also will have the matching session key for the encryption. To prove that the onion router also has it, the onion router hashes that key and then signs it with its private key.

     Verify Session Key
     So the client now receives that, which it believes came from the onion router that it's trying to establish a connection to. It decrypts that using that router's public key, which will only work if it was signed with the router's private key. That returns - that finishes the handshake, allows it to establish the secret pseudorandom session key that they will be using to communicate henceforth, and it's able to verify that they both had the same session key by decrypting the hash of the key. Securely and with authentication of the onion router established a connection, sort of the first link.

     Second Node (aka Relay)
     Pick second node from directory
     Repeat steps, but sending all communication through Node 1/Guard

     Third Node (aka Exit)
     Pick third node from directory
     Repeat steps, but sending all communication through Node 2/Relay, via Node 1/Guard

     Destination Service D
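Added example, not from the presentation and not Tor's source code: the exchange from the "DH Key Exchange" slide and the notes above, narrowed to completing DH and the "Verify Session Key" check, so that a reply from anyone without the node's private key is rejected. X25519, RSA-PSS, SHA-256 and all function names are choices made for this example; the step that encrypts the client's half under the node's public key is left out.

```go
package main

import (
	"crypto"
	"crypto/ecdh"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

// must panics on local failures (key generation); peer input returns errors.
func must[T any](v T, err error) T {
	if err != nil {
		panic(err)
	}
	return v
}

// NewIdentity makes a constructed node key; its public half plays the directory entry.
func NewIdentity() *rsa.PrivateKey { return must(rsa.GenerateKey(rand.Reader, 2048)) }

// NewHalf makes an ephemeral DH key; its public key bytes are one "half".
func NewHalf() *ecdh.PrivateKey { return must(ecdh.X25519().GenerateKey(rand.Reader)) }

// sessionKey completes DH with the peer's half; returns the key and its hash.
func sessionKey(priv *ecdh.PrivateKey, peerHalf []byte) (key, digest []byte, err error) {
	peer, err := ecdh.X25519().NewPublicKey(peerHalf)
	if err != nil {
		return nil, nil, err
	}
	shared, err := priv.ECDH(peer)
	if err != nil {
		return nil, nil, err
	}
	k := sha256.Sum256(shared)
	d := sha256.Sum256(k[:])
	return k[:], d[:], nil
}

// Respond is the node: complete DH with a fresh key, sign the session key's hash.
func Respond(id *rsa.PrivateKey, clientHalf []byte) (nodeHalf, sig []byte, err error) {
	eph := NewHalf()
	_, digest, err := sessionKey(eph, clientHalf)
	if err != nil {
		return nil, nil, err
	}
	sig, err = rsa.SignPSS(rand.Reader, id, crypto.SHA256, digest, nil)
	return eph.PublicKey().Bytes(), sig, err
}

// ClientFinish accepts the key only if the signature over its hash verifies.
func ClientFinish(priv *ecdh.PrivateKey, nodePub *rsa.PublicKey, nodeHalf, sig []byte) ([]byte, error) {
	key, digest, err := sessionKey(priv, nodeHalf)
	if err != nil {
		return nil, err
	}
	if err := rsa.VerifyPSS(nodePub, crypto.SHA256, digest, sig, nil); err != nil {
		return nil, fmt.Errorf("node not authenticated: %w", err)
	}
	return key, nil
}

func main() {
	id, client := NewIdentity(), NewHalf()
	nodeHalf, sig, _ := Respond(id, client.PublicKey().Bytes())
	_, err := ClientFinish(client, &id.PublicKey, nodeHalf, sig)
	fmt.Println("node authenticated:", err == nil)
}
```

Both DH keys are generated per handshake and discarded afterwards, which is what gives the forward secrecy listed on the "Technologies Used" slide. The example needs Go 1.20 or later for crypto/ecdh.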