[redacted] - summer school on real-world crypto and privacy ...[redacted] - summer school on...
TRANSCRIPT
-
[redacted]Summer school on real-world crypto and privacy 2015
Šibenik, Croatia
Jacob Appelbaum
[redacted]
05 June 2015
Jacob Appelbaum ([redacted]) [redacted] 05 June 2015 1 / 35
-
Happy Anniversary
Thank you Edward Snowden!
Jacob Appelbaum ([redacted]) [redacted] 05 June 2015 2 / 35
-
Context
”World War III is a guerrilla information war with no division betweenmilitary and civilian participation.” - Marshall McLuhan in Culture Is OurBusiness
Jacob Appelbaum ([redacted]) [redacted] 05 June 2015 3 / 35
-
Anonymity and Censorship: a cypherpunk history
Jacob Appelbaum ([redacted]) [redacted] 05 June 2015 4 / 35
-
Anonymity and Censorship: an academic history
anonbib: http://www.freehaven.net/anonbib/censorbib: http://www.cs.kau.se/philwint/censorbib/
Jacob Appelbaum ([redacted]) [redacted] 05 June 2015 5 / 35
http://www.freehaven.net/anonbib/http://www.cs.kau.se/philwint/censorbib/
-
Surveillance in context
”But it is just terrorists...”
Jacob Appelbaum ([redacted]) [redacted] 05 June 2015 6 / 35
-
Surveillance in context
”But it is just terrorists...”
Jacob Appelbaum ([redacted]) [redacted] 05 June 2015 6 / 35
-
Surveillance in context
”We Kill People Based on Metadata” - Michael Hayden, Former Directorof the CIA
Jacob Appelbaum ([redacted]) [redacted] 05 June 2015 7 / 35
-
Mass surveillance as an API
Actual XKeyscore rule sample:
// START DEFINITIONr e q u i r e s grammar v e r s i o n 5/∗∗∗ I d e n t i f y c l i e n t s a c c e s s i n g Tor b r i d g e i n f o r m a t i o n .∗/
f i n g e r p r i n t ( ’ anonymizer / t o r / b r i d g e / t l s ’ ) =s s l x 5 0 9 s u b j e c t ( ’ b r i d g e s . t o r p r o j e c t . org ’ ) o rs s l d n s n a m e ( ’ b r i d g e s . t o r p r o j e c t . org ’ ) ;
Jacob Appelbaum ([redacted]) [redacted] 05 June 2015 8 / 35
-
OTR thwarts passive surveillance
Jacob Appelbaum ([redacted]) [redacted] 05 June 2015 9 / 35
-
Tor, Tails, Redphone and more
Jacob Appelbaum ([redacted]) [redacted] 05 June 2015 10 / 35
-
”You never change things by fighting the existing reality. To changesomething, build a new model that makes the existing model obsolete.” -R. Buckminster Fuller
Jacob Appelbaum ([redacted]) [redacted] 05 June 2015 11 / 35
-
Building a new model
We know that cryptography works when applied properly.We need a cryptographic system to protect metadata and content.
Jacob Appelbaum ([redacted]) [redacted] 05 June 2015 12 / 35
-
Tor
An anonymity system for everyone: https://www.torproject.org/
Full details available in our torspechttps://gitweb.torproject.org/torspec.git repository and invarious peer reviewed papers.Tom Ritter produced an incredible overview document:https://ritter.vg/blog-all_about_tor.html
Free Software for Freedom, community run, freely available, etc.
Jacob Appelbaum ([redacted]) [redacted] 05 June 2015 13 / 35
https://www.torproject.org/https://gitweb.torproject.org/torspec.githttps://ritter.vg/blog-all_about_tor.html
-
Tor
An anonymity system for everyone: https://www.torproject.org/Full details available in our torspechttps://gitweb.torproject.org/torspec.git repository and invarious peer reviewed papers.
Tom Ritter produced an incredible overview document:https://ritter.vg/blog-all_about_tor.html
Free Software for Freedom, community run, freely available, etc.
Jacob Appelbaum ([redacted]) [redacted] 05 June 2015 13 / 35
https://www.torproject.org/https://gitweb.torproject.org/torspec.githttps://ritter.vg/blog-all_about_tor.html
-
Tor
An anonymity system for everyone: https://www.torproject.org/Full details available in our torspechttps://gitweb.torproject.org/torspec.git repository and invarious peer reviewed papers.Tom Ritter produced an incredible overview document:https://ritter.vg/blog-all_about_tor.html
Free Software for Freedom, community run, freely available, etc.
Jacob Appelbaum ([redacted]) [redacted] 05 June 2015 13 / 35
https://www.torproject.org/https://gitweb.torproject.org/torspec.githttps://ritter.vg/blog-all_about_tor.html
-
Tor
An anonymity system for everyone: https://www.torproject.org/Full details available in our torspechttps://gitweb.torproject.org/torspec.git repository and invarious peer reviewed papers.Tom Ritter produced an incredible overview document:https://ritter.vg/blog-all_about_tor.html
Free Software for Freedom, community run, freely available, etc.
Jacob Appelbaum ([redacted]) [redacted] 05 June 2015 13 / 35
https://www.torproject.org/https://gitweb.torproject.org/torspec.githttps://ritter.vg/blog-all_about_tor.html
-
How does Tor work?
The basic idea is conceptually simple: compartmentalize information
Currently the network has ˜6500 nodes for Tor ˜2m active daily users
Jacob Appelbaum ([redacted]) [redacted] 05 June 2015 14 / 35
-
How does Tor work?
The basic idea is conceptually simple: compartmentalize informationCurrently the network has ˜6500 nodes for Tor ˜2m active daily users
Jacob Appelbaum ([redacted]) [redacted] 05 June 2015 14 / 35
-
User interface
Two primary interfaces:
Tor as a SOCKS proxy
Tor (as a) Browser
Jacob Appelbaum ([redacted]) [redacted] 05 June 2015 15 / 35
-
Tor circuit
Jacob Appelbaum ([redacted]) [redacted] 05 June 2015 16 / 35
-
Tor circuit
Jacob Appelbaum ([redacted]) [redacted] 05 June 2015 17 / 35
-
Tor circuit
Jacob Appelbaum ([redacted]) [redacted] 05 June 2015 18 / 35
-
Tor circuits
Constrained by various parameters tuned by members of the networkitself.
Source routed
Compartmentalized with cryptography
Jacob Appelbaum ([redacted]) [redacted] 05 June 2015 19 / 35
-
The Tor Network
The Tor network assigns various flags and details to nodes:
Dir
Directory Authority
Fast
Guard
HSDir
Stable
Jacob Appelbaum ([redacted]) [redacted] 05 June 2015 20 / 35
-
The Tor Network
Directory Authorities produce a consensus document
Jacob Appelbaum ([redacted]) [redacted] 05 June 2015 21 / 35
-
The consensus
A document cryptographically binding together various details about nodes
Observed bandwidth
IP and port information
cryptographic details
...
Jacob Appelbaum ([redacted]) [redacted] 05 June 2015 22 / 35
-
The consensus
A document cryptographically binding together various details about nodes
Observed bandwidth
IP and port information
cryptographic details
...
Jacob Appelbaum ([redacted]) [redacted] 05 June 2015 22 / 35
-
The consensus
A document cryptographically binding together various details about nodes
Observed bandwidth
IP and port information
cryptographic details
...
Jacob Appelbaum ([redacted]) [redacted] 05 June 2015 22 / 35
-
Hidden Services
See rend-spec.txt in torspec
Also seehttps://www.torproject.org/docs/hidden-services.html
End to End Encrypted, anonymized connections
Used to host TCP services
Jacob Appelbaum ([redacted]) [redacted] 05 June 2015 23 / 35
https://www.torproject.org/docs/hidden-services.html
-
Tor Hidden Services
Jacob Appelbaum ([redacted]) [redacted] 05 June 2015 24 / 35
-
Tor Hidden Services
Jacob Appelbaum ([redacted]) [redacted] 05 June 2015 25 / 35
-
Tor Hidden Services
Jacob Appelbaum ([redacted]) [redacted] 05 June 2015 26 / 35
-
Tor Hidden Services
Jacob Appelbaum ([redacted]) [redacted] 05 June 2015 27 / 35
-
Tor Hidden Services
Jacob Appelbaum ([redacted]) [redacted] 05 June 2015 28 / 35
-
Tor Hidden Services
Jacob Appelbaum ([redacted]) [redacted] 05 June 2015 29 / 35
-
An example built on anonymity technology
The Tor Browser on Tails visiting a normal journalistic website:
Jacob Appelbaum ([redacted]) [redacted] 05 June 2015 30 / 35
-
The internet is more than the world wide web
Jabber offered over Tor Hidden Services composed with OTR
Pond: https://pond.imperialviolet.org/
Tails: https://tails.boum.org/
Jacob Appelbaum ([redacted]) [redacted] 05 June 2015 31 / 35
https://pond.imperialviolet.org/https://tails.boum.org/
-
making the existing model obsolete
Privacy Enhancing Technologies change the playing field.
Jacob Appelbaum ([redacted]) [redacted] 05 June 2015 32 / 35
-
History provides a model for change
Russell-Einstein Manifesto - issued July 9, 1955 in London
Jacob Appelbaum ([redacted]) [redacted] 05 June 2015 33 / 35
-
History provides a model for change
”Remember your humanity, and forget the rest.”
Jacob Appelbaum ([redacted]) [redacted] 05 June 2015 34 / 35
-
Questions?
I encourage you to become the next Chelsea Manning, Thomas Drake,Jesselyn Radack, William Binney, Mark Klein, J. Kirk Wiebe, EdwardSnowden, Daniel Ellsberg - a long line of heroic people whose sacrificeshave brought us here today.
Jacob Appelbaum ([redacted]) [redacted] 05 June 2015 35 / 35