At the KWLUG meeting on October 3 2016 Nik Unger spoke to us about his work emulating the Tor network at UWaterloo as part of the Cryptography, Security, and Privacy (CrySP) Research Group.

• CrySP publishes and contributes to various software projects at https://crysp.uwaterloo.ca/software/
• Nik's research focuses on secure messaging and private web browsing
• he discussed the reasons why privacy is important
  • mentioned the counter-argument "If you have nothing to hide, you have nothing to fear"
  • however, there are many minor and incidental crimes (e.g., unknowingly buying a lobster which is little smaller than legal) which you could be guilty of
  • additional some rule break is necessary for social change. Many social and political changes we value could never have happend with perfect legal enforcement
  • privacy is a collective right as well as an individual right, where a perceived lack of privacy can chill speech and reduce individual autonomy
• Privacy Enhancing Technologies(PET)
• SSL/TLS protects communication content but not metadata
• an anonymity network, like Tor, is intended to provide metadata protection
  • protects the user from their ISP or man-in-the-middle attacks
  • can optionally:
  • protect the identity of the service provider
  • prevent 3rd parties from knowing Tor is being used
• the bigger an anonymity network is the better protection it provides
• there are other anonymity networks too:
  • VPN services
  • I2P, focused on web browsing
  • freenet, focused on storage
  • DC-nets, which are small and experimental
• Nik went through an explanation of a path through the Tor network which consists of 3 relays:
  • Guard (knows the user and the middle relay)
  • Middle (knows the guard and the exit)
  • Exit (knows the middle and the destination
• fewer relays provides obvious places for attack and more does not provide additional security

Virtualizing Tor for research

• researchers want to run modified Tor to collect data or test changes but changing the real network can put real users at risk
• Tor provides guidelines for research which suggestrs using virtual networks whenever possible
• using real nodes can be a problem if researchers bring up a large number of nodes without declaring their ownership, result in a Sybil attack on the network
• NetMirage is the project that Nik is currently working on
  • it is a C++ re-write of an older Tor virtualization system from CrySP, written in Python and Bash to improve performance
  • they found the performance bottle neck was actually the API for the Linux Kernel Namespaces
  • this is currently a hard problem in the kernel, and sovling might be a future part of their research
  • they choose not to use an existing python project called mininet because:
  • it was more complex then they needed
  • and does not communicate directly with the kernel API, which was a performance concern
• Linux Kernel Namespaces (manpage) provide the building blocks for containerization
  • NetMirage uses the network namespace only
• 500 node network is about the limit, due to the performance bottleneck during setup
• once the setup is complete performance is only limited by kernel packet handling, so it is pretty fast
• challenges they have encountered which building NetMirage include:
  • debugging is difficult because valgrind does not support the kernel namespaces
  • using name spaces requires using various kernel APIs which have different conventions