Genuine onion: Simple, Fast, Flexible, and Cheap Website - - PowerPoint PPT Presentation

genuine onion simple fast flexible and cheap website
SMART_READER_LITE
LIVE PREVIEW

Genuine onion: Simple, Fast, Flexible, and Cheap Website - - PowerPoint PPT Presentation

Feb 07, 2023 183 likes •540 views

Genuine onion: Simple, Fast, Flexible, and Cheap Website Authentication Paul Syverson a U.S. Naval Research Laboratory f joint work with Griffin Boyce Open Internet Tools Project IEEE Web 2.0 Security and

slide-1
SLIDE 1

Genuine onion: Simple, Fast, Flexible, and Cheap Website Authentication

Paul Syverson a

U.S. Naval Research Laboratory f

joint work with

Griffin Boyce Open Internet Tools Project

IEEE Web 2.0 Security and Privacy Workshop May 21, 2015

slide-2
SLIDE 2

Onionsites: Not just for confidentiality

  • f server network location
  • Also useful for site integrity and

authentication

2

slide-3
SLIDE 3

3

slide-4
SLIDE 4

Why didn’t they use SSL Certs?

4

slide-5
SLIDE 5

5

Tor is a system for traffic-secure communication.

What is Tor?

slide-6
SLIDE 6

Users Destinations Onion Routers

6

Background: Onion Routing

slide-7
SLIDE 7

Users Destinations Onion Routers

7

Background: Onion Routing

slide-8
SLIDE 8

Users Destinations Onion Routers

8

Background: Onion Routing

slide-9
SLIDE 9

Users Destinations Onion Routers

9

Background: Onion Routing

slide-10
SLIDE 10

Users Destinations Onion Routers

10

Background: Onion Routing

slide-11
SLIDE 11
  • 1. Server Bob creates onion routes to Introduction Points (IP)

(All routes in these pictures are onion routed through Tor) Bob's Server Introduction Points

The image cannot be displayed. Your computer may not have enough memory to open the image, or the image may have been corrupted. Restart your computer, and then open the file again. If the red x still appears, you may have to delete the image and then insert it again.

1 1 1

Onionsites

11

slide-12
SLIDE 12

Alice's Client

  • 1. Server Bob creates onion routes to Introduction Points (IPo)
  • 2. Bob publishes his xyz.onion address and puts Service Descriptor
  • incl. Intro Pt. and public key listed under xyz.onion

Bob's Server Introduction Points Service Lookup Server

XYZ Service

2 1 1 1

Onionsites

12

slide-13
SLIDE 13

Alice's Client 2'. Alice uses xyz.onion to get Service Descriptor (including Intro Pt. address and Publlic Key) at Lookup Server Alice checks XYZ = H( PK( )) Service Lookup Server Bob's Server Introduction Points

XYZ Service

2'

2 1 1 1

Onionsites

13

slide-14
SLIDE 14

Alice's Client 2'. Alice uses xyz.onion to get Service Descriptor (including Intro Pt. address and Publlic Key) at Lookup Server Alice checks XYZ = H( PK( ))

T h e i m a g e c a n n
  • t

Service Lookup Server Bob's Server Introduction Points

XYZ Service

2'

2 1 1 1

.onions are Self-Authenticating

14

slide-15
SLIDE 15

Alice's Client

  • 3. Client Alice creates onion route to Rendezvous Point (RP)
T h e i m a g e c a n n
  • t

Bob's Server Introduction Points Rendezvous Point Service Lookup Server 3 2'

1 1 1 2

Onionsites

15

slide-16
SLIDE 16

Alice's Client

  • 3. Client Alice creates onion route to Rendezvous Point (RP)
  • 4. Alice sends RP address and any authorization through IPo to Bob
T h e i m a g e c a n n
  • t

Bob's Server Introduction Points Rendezvous Point Service Lookup Server 4 2'

1 1 1 2

Onionsites

3

16

slide-17
SLIDE 17

Alice's Client

  • 5. If Bob chooses to talk to Alice, connects to Rendezvous Point
  • 6. Rendezvous Point mates the circuits from Alice and Bob
T h e i m a g e c a n n
  • t

Bob's Server Introduction Points Rendezvous Point Service Lookup Server 6 5

2

2' 4

Onionsites

3

1 1 1

17

slide-18
SLIDE 18

Alice's Client Bob's Server Rendezvous Point Final resulting communication channel

The image cannot be
  • displayed. Your
computer may not have enough memory to open the image, or the image may have been corrupted. Restart your computer, and then
  • pen the file again. If
the red x still appears, you may The image cannot be
  • displayed. Your
computer may not have enough memory to open the image, or the image may have been corrupted. Restart your computer, and then
  • pen the file again. If
the red x still appears, you may

Onionsites

18

slide-19
SLIDE 19

.onions are not Human Meaningful

3g2upl4pq6kufc4m.onion

19

slide-20
SLIDE 20

.onions are not Human Meaningful

3g2upl4pq6kufc4m.onion

20

slide-21
SLIDE 21

Zooko’s Triangle for Names

  • Can generally obtain any two out of three

21

Human Meaningful Decentralized Secure

slide-22
SLIDE 22

Zooko’s Triangle for Names

  • Can generally obtain any two out of three

22

Human Meaningful Decentralized Secure Duck DuckGo 3g2upl4pq6kufc4m.onion

slide-23
SLIDE 23

Zooko’s Triangle for Names

23

Human Meaningful Decentralized Secure Duck DuckGo 3g2upl4pq6kufc4m.onion

TLS Certificate

slide-24
SLIDE 24

Problems with TLS Certs

Can be:

  • Costly
  • Time consuming
  • Hard to set up
  • Not typically available for .onion (EV only)

24

slide-25
SLIDE 25

Problems with TLS Certs

Can be:

  • Costly
  • Time consuming
  • Hard to set up
  • Not typically available for .onion (EV only)
  • Let’s Encrypt: Free, Easy, Fast CA w/

backing of Mozilla, EFF, Akamai, Cisco, etc.

25

slide-26
SLIDE 26

Problems with TLS Certs

Can be:

  • Costly
  • Time consuming
  • Hard to set up
  • Not typically available for .onion (EV only)
  • Let’s Encrypt: Free, Easy, Fast CA w/

backing of Mozilla, EFF, Akamai, Cisco, etc.

  • Not available for a few months yet

26

slide-27
SLIDE 27

More problems with TLS Certs

  • Subject to hijacking
  • HTTPS Observatory, Certificate

Transparency, Perspectives, reveal shenanigans

27

slide-28
SLIDE 28

More problems with TLS Certs

  • Subject to hijacking
  • Trust relations opaque to users
  • HTTPS Observatory, Certificate

Transparency, Perspectives, reveal shenanigans

28

slide-29
SLIDE 29

Our solution

  • Set up onionsite corresponding to clearnet

website

– Might or might not be identical site or even on single

web service instance

  • Place GPG signature binding onionsite and

clearnet website

29

slide-30
SLIDE 30

30

slide-31
SLIDE 31

31

slide-32
SLIDE 32

Advantages of PGP/GPG binding

  • f onionsites to ordinary URL sites
  • Can be done by anyone right now using

existing software

  • Site trust is based on known established trust

relations (web of trust)

– Seymour’s Bay Chamber of Commerce signs Bob’s

Burgers website cert

  • Not subject to MitM or hijacking
  • Can be used instead of/until various

proposals for web of trust with novel name system or TLS cert infrastructure grow

32

slide-33
SLIDE 33

Current Limitations of PGP/GPG binding of onionsites to ordinary URL sites

  • Not currently automated

– should be straightforward to do so (Monkeysphere) – Ahmia (onionsite search engine) suggests providing

results linking clearnet to onion sites and signature

  • validation. Simple plugin could check.
  • Not as widely familiar as TLS and not

integrated with traditional browser TLS encryption and authentication

– could support both X.509 certs and GPG certs

(Monkeysphere)

33

slide-34
SLIDE 34

More advantages of using

  • nionsites for authentication
  • Don’t need to register a domain name at all

to have recognizable, secure, webpage

– post signed onion address on Facebook Page,

Wordpress Blog, etc.

– Facebook’s Cert not much use here for personal

content assurance

  • Route security & server hiding still useful for

– personal (or minimally shared) cloud services – Integrity protection for personal RSS feeds

(especially from non-TLS feed sources)

34

slide-35
SLIDE 35

Questions? Talk Points

  • Onionsites are self-authenticating but not

human meaningful

  • GPG binding of plain domain names and onions

permits authentication that is

– to a meaningful name – backed by existing human trust relations – avoids problems of existing TLS Cert infrastructure – available to use right now

  • Readily automatable
  • Complements rather than replaces existing

mechanisms

35