========================================================================
Tor Weekly News                                       December 4th, 2013
========================================================================

Welcome to the twenty-third issue of Tor Weekly News, the weekly
newsletter that covers what is happening in the Tor community.

Next-Generation Hidden Services reach draft proposal state
----------------------------------------------------------

Nick Mathewson has been working on turning a “revamp of the hidden
services protocol” into a formal proposal [1]. Last Saturday, Nick
blessed the tor-dev mailing list with a post of the current draft for
proposal 224 [2], dubbed “Next-Generation Hidden Services in Tor”.

Nick currently lists 25 different people who made writing the new
proposal possible, and there will probably be some more to add before
the proposal reaches completion. We will spare the reader a full list,
but Tor Weekly News’ archives [3] attest that George Kadianakis
deserves a special mention for his repeated efforts to move things
forward.

The proposal aims to replace “the current rend-spec.txt [4], rewritten
for clarity and for improved design.”

The most user-visible change from the current hidden services protocol
is the new address format. In order to prevent the enumeration of
hidden services, the new protocol derives a “blinded key” (section 1.3)
from an Ed25519 master identity key. The blinding operation operates on
the full key (and not just a truncated hash, as before). With a base 32
encoding of the entire 256 bits (section 1.2), “a new name following
this specification might look like:
a1uik0w1gmfq3i5ievxdm9ceu27e88g6o7pe0rffdw9jmntwkdsd.onion”. Other
encodings might still be worth consideration as long as they make valid
hostnames.

Less visible changes include the departure from RSA1024, DH1024, and
SHA1 to prefer Ed25519, Curve25519, and SHA256 as the cryptographic
primitives (section 0.3).
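
As an added illustration (not code from the proposal or from Tor), the
Python below contrasts a name built from a truncated hash with one that
base-32 encodes all 256 bits of a key, as the draft describes. The 80-bit
SHA-1 truncation, the RFC 4648 alphabet, the function names and the
sample key are assumptions of this example; key blinding is not
implemented.

```python
import base64
import hashlib
import re

# Hostname label rule: letters, digits, hyphens; 1-63 chars; no edge hyphen.
LABEL_RE = re.compile(r"^(?!-)[a-z0-9-]{1,63}(?<!-)$")


def b32_label(data: bytes) -> str:
    """Lowercase RFC 4648 base32 with the '=' padding stripped."""
    return base64.b32encode(data).decode("ascii").rstrip("=").lower()


def truncated_hash_name(key_bytes: bytes) -> str:
    """Older style (assumed here): keep only 80 bits of a SHA-1 digest."""
    return b32_label(hashlib.sha1(key_bytes).digest()[:10]) + ".onion"


def full_key_name(key32: bytes) -> str:
    """Draft style described above: encode all 256 bits of the key."""
    if len(key32) != 32:
        raise ValueError("expected a 32-byte (256-bit) key")
    return b32_label(key32) + ".onion"


def decode_full_key_name(name: str) -> bytes:
    """Recover the 32 key bytes; reject names that cannot carry them."""
    label, dot, tld = name.partition(".")
    if (dot, tld) != (".", "onion") or len(label) != 52:
        raise ValueError("not a 52-character .onion name")
    # b32decode needs padding to a multiple of 8 characters (52 -> 56).
    return base64.b32decode(label.upper() + "=" * (-len(label) % 8))


def is_hostname_safe(name: str) -> bool:
    """True when the label before .onion is a valid hostname label."""
    label, _, tld = name.partition(".")
    return tld == "onion" and LABEL_RE.match(label) is not None


# Constructed stand-in for a 32-byte public key (not a real service key).
SAMPLE_KEY = bytes(range(32))

if __name__ == "__main__":
    for name in (truncated_hash_name(SAMPLE_KEY), full_key_name(SAMPLE_KEY)):
        print(len(name.split(".")[0]), name, is_hostname_safe(name))
```

The full-key name can be decoded back to the key it encodes, while the
truncated-hash name cannot, which is why the second form is longer.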

The selection of directories responsible for a hidden service will now
depend on a periodic “collaboratively generated random value” provided
by the Tor directory authorities. This way the directories of a hidden
service are not predictable in advance, which prevents targeted denial
of service attacks (see ticket #8244 [5] and proposal 225 for a possible
scheme [6]).

The new proposal also introduces the possibility of keeping the master
identity key offline (section 1.7).

The proposal is completely unfinished when it comes to scaling hidden
services to multiple hosts (section 1.5). There have been discussions on
this topic [7], but there is no final decision on what the final scheme
should be. The problem with naive scaling schemes is that information
about the number of hidden service nodes can leak to adversarial clients
or introduction points.

In order to move the proposal forward from the current draft, Nick
Mathewson told the readers: “I’d like to know what doesn’t make sense,
what I need to explain better, and what I need to design better. I’d
like to fill in the gaps and turn this into a more full document. I’d
like to answer the open questions. Comments are most welcome, especially
if they grow into improvements.”

The document is still sprinkled with many TODO items, so feel free to
jump in if you want to help!

   [1] https://gitweb.torproject.org/torspec.git/blob_plain/HEAD:/proposals/001-process.txt
   [2] https://lists.torproject.org/pipermail/tor-dev/2013-November/005877.html
   [3] https://blog.torproject.org/category/tags/tor-weekly-news
   [4] https://gitweb.torproject.org/torspec.git/blob/refs/heads/master:/rend-spec.txt
   [5] https://bugs.torproject.org/8244
   [6] https://gitweb.torproject.org/torspec.git/blob/HEAD:/proposals/225-strawman-shared-rand.txt
   [7] https://lists.torproject.org/pipermail/tor-dev/2013-October/005556.html

Tor relay operators meeting at 30C3
-----------------------------------

Moritz Bartl announced [8] that a meeting of Tor relay operators and
organizations will be held as part of the first day of the 30th Chaos
Communication Congress in Hamburg on the 27th December. He asked major
relay operators and Torservers.net partner organizations to prepare some
slides explaining their activities; the German partner organization,
Zwiebelfreunde e.V., will hold its own meeting directly afterwards.

   [8] https://lists.torproject.org/pipermail/tor-relays/2013-December/003449.html

Monthly status reports for November 2013
----------------------------------------

The wave of regular monthly reports from Tor project members for the
month of November has begun. Pearl Crescent released their report
first [9], followed by reports from Sherief Alaa [10], Lunar [11],
Colin C. [12], Nick Mathewson [13], George Kadianakis [14], Arlo
Breault [15], and Ximin Luo [16].

   [9] https://lists.torproject.org/pipermail/tor-reports/2013-November/000387.html
  [10] https://lists.torproject.org/pipermail/tor-reports/2013-December/000388.html
  [11] https://lists.torproject.org/pipermail/tor-reports/2013-December/000389.html
  [12] https://lists.torproject.org/pipermail/tor-reports/2013-December/000390.html
  [13] https://lists.torproject.org/pipermail/tor-reports/2013-December/000391.html
  [14] https://lists.torproject.org/pipermail/tor-reports/2013-December/000393.html
  [15] https://lists.torproject.org/pipermail/tor-reports/2013-December/000394.html
  [16] https://lists.torproject.org/pipermail/tor-reports/2013-December/000395.html

Miscellaneous news
------------------

The first release candidate for Tails 0.22 [17] is out. The new version
features a browser based on Firefox 24 and has reached beta stage for
incremental updates, among other things. Tests are most welcome, as
always!

  [17] https://tails.boum.org/news/test_0.22-rc1/

The Tails team called for translators to help with the strings both for
Tails 0.22 [18], as well as for the new incremental upgrade
software [19]. The strings for translation are now available in the
Tails Git repository [20], and hopefully should also be up on
Transifex [21] soon.

  [18] https://mailman.boum.org/pipermail/tails-l10n/2013-December/000774.html
  [19] https://mailman.boum.org/pipermail/tails-l10n/2013-November/000771.html
  [20] https://git-tails.immerda.ch/iuk/
  [21] https://www.transifex.com/projects/p/torproject/

Damian Johnson sent out a link to a recording of his talk on the Tor
ecosystem at TA3M in Seattle [22].

  [22] https://lists.torproject.org/pipermail/tor-dev/2013-November/005867.html

David Goulet called for assistance with the code-review process for the
Torsocks 2.0 release candidate, and offered some guidance on where to
begin [23].

  [23] https://lists.torproject.org/pipermail/tor-dev/2013-November/005870.html

Erinn Clark and Peter Palfrader upgraded the Tor Bug Tracker & Wiki to
Trac version 1.0 [24].

  [24] https://lists.torproject.org/pipermail/tor-dev/2013-November/005871.html

intrigeri began [25] compiling a glossary [26] of words that Tails and
its developers use for particular concepts, to assist contributors who
might not be familiar with these special meanings.

  [25] https://mailman.boum.org/pipermail/tails-dev/2013-November/004353.html
  [26] https://tails.boum.org/contribute/glossary/

In order to remove “a full database of relays on our already overloaded
metrics machine”, Karsten Loesing is asking for those using the
“relay-search service” to speak up [27] before the decommissioning of
the service by the end of the year.

  [27] https://lists.torproject.org/pipermail/tor-talk/2013-December/031310.html

Philipp Winter followed up on his experiments in exit scanning [28] and
released exitmap [29], which uses Stem to control the tor daemon in
creating circuits to all exit nodes.

  [28] https://lists.torproject.org/pipermail/tor-dev/2013-November/005863.html
  [29] https://github.com/NullHypothesis/exitmap

Orchid [30], a Tor client implementation written in pure Java, silently
reached the 1.0 milestone on November 27th. Nathan Freitas is looking
for comment from the community [31] as he is “thinking about having
Orbot use it by default, and then offering ARM and x86 binaries as
add-on enhancements.” His main argument is that it “would make the core
Tor on Android experience more lightweight for client only use.”

  [30] http://www.subgraph.com/orchid.html
  [31] https://lists.torproject.org/pipermail/tor-dev/2013-November/005884.html

The Electronic Frontier Foundation helped a student group in Iowa
convince their university that they should be allowed to hold
discussions about Tor on campus. The EFF’s open letter to
universities [32] and their “Myths and Facts About Tor” [33] document
make useful advocacy material.

  [32] https://www.eff.org/deeplinks/2013/12/open-letter-urging-universities-encourage-conversation-about-online-privacy
  [33] https://www.eff.org/document/tor-myths-and-facts

Tor help desk roundup
---------------------

Multiple users asked about using Tor for PC gaming. Tor can only
transport TCP, which is how web pages are transmitted. Many video games
rely on UDP or other protocols to transport data because of the lower
latency. Information these games transport over protocols besides TCP
would not be sent over Tor. Also any software used with Tor needs to be
tested for proxy obedience. Untested applications might send information
without using Tor even if they appear to be configured correctly, and
without the user realizing it.

Upcoming events
---------------

Dec 27-30 | Tor @ 30th Chaos Communication Congress
          | Hamburg, Germany
          | https://events.ccc.de/congress/2013/

This issue of Tor Weekly News has been assembled by Lunar, harmony, Matt
Pagan, dope457, George Kadianakis, Nick Mathewson, and Roger Dingledine.

Want to continue reading TWN? Please help us create this newsletter.
We still need more volunteers to watch the Tor community and report
important news. Please see the project page [34], write down your name
and subscribe to the team mailing list [35] if you want to get involved!

  [34] https://trac.torproject.org/projects/tor/wiki/TorWeeklyNews
  [35] https://lists.torproject.org/cgi-bin/mailman/listinfo/news-team