Unconfusing the Darknet

1ac2c4814bd15fef1f0bc108279042dd?s=47 nwokedi
August 02, 2016

Unconfusing the Darknet

Abstract:
When you hear the world “darknet,” what do you think of? I’ve found that if I ask 3 different people this question, I’ll get 3 different answers—all with different assumptions. Encountering this phenomena made me curious to find out the cause. And, the cause I came up with was (drum roll please): confusion. Big and small. Thus, to do my little part in righting this wrong, this presentation will walk through common misconceptions about the darknet (hopefully leaving attendees *less* confused :-).

Duration: ~17 minutes
Event: SF.rb
Date: August 2, 2016

1ac2c4814bd15fef1f0bc108279042dd?s=128

nwokedi

August 02, 2016
Tweet

Transcript

  1. UNCONFUSING THE DARKNET Nwokedi C. Idika, Ph.D.

  2. TOR IS THE DARKNET MISCONCEPTION 1

  3. DARKNET Anonymous Overlay Network

  4. ANONYMOUS “without a name” Pseudonymity + Unlinkability

  5. DARKNET ANONYMITY Unlinkability

  6. DARKNET Anonymous Overlay Network

  7. OVERLAY NETWORK “a network built on top of another”

  8. DARKNET Anonymous Overlay Network

  9. None
  10. WHICH TOR? Tor the Network The Tor Project 1990’s: Onion

    Routing 2002: Tor Project Development Begins 2004: “Tor: The Second-Generation Onion Router” 2006: 501(c)3 Official A collection of clients and volunteer-run servers Destination or Proxy Designed to protect privacy of ultimate source and destination IPs
  11. DARKNET Anonymous Overlay Network unlinkable source IP + destination IP

    Internet Tor
  12. TOR IS THE DARKNET MISCONCEPTION 1

  13. TOR IS AN EXAMPLE OF A DARKNET MISCONCEPTION 1 CORRECTION

  14. DARKNET IS DARK WEB IS DEEP WEB MISCONCEPTION 2

  15. WHEN I SEARCH FOR “WEB”

  16. WHEN I SEARCH FOR “INTERNET”

  17. TCP/IP MODEL Application Transport Internet Network Access INTERNET WEB

  18. DARKNET Provides an anonymity service HTTP servers that are findable

    and accessible through the Darknet DARK WEB Anything not indexed by “standard” Web crawlers DEEP WEB
  19. DARKNET IS DARK WEB IS DEEP WEB MISCONCEPTION 2

  20. DARKNET SERVES THE DARK WEB WHICH IS PART OF THE

    DEEP WEB MISCONCEPTION 2 CORRECTION
  21. TOR IS SECURE MISCONCEPTION 3

  22. None
  23. WHAT’S SECURITY

  24. WHAT’S SECURITY Mechanism Policy Adversary upholds in the presence of

  25. “Hello?” Adele Beyonce

  26. “Hello?” Adele Beyonce Adversary: Eddie Policy: Only Beyonce can interpret

    Adele’s messages Mechanism: Encryption
  27. None
  28. TOR Mechanism Policy Adversary upholds in the presence of Tor

    Protocol “frustrate attackers from linking communication partners, or from linking multiple communications to or from a single user” Goal: Traffic analysis (NOT confirmation attacks) Capabilities: Active/Passive (NO global view)
  29. PARTIAL SECURITY ANALYSIS Observing user traffic patterns End-to-end timing correlation

    “Observing a user’s connection will not reveal her destination or data, but it will reveal traffic patterns (both sent and received).” “Tor only minimally hides such correlations. An attacker watching patterns of traffic at the initiator and the responder will be able to confirm the correspondence with high probability.”
  30. TOR IS SECURE MISCONCEPTION 3

  31. TOR IS SECURE UNDER CAREFULLY CHOSEN ASSUMPTIONS MISCONCEPTION 3 CORRECTION

  32. TOR IS SECURE UNDER CAREFULLY CHOSEN ASSUMPTIONS DARKNET SERVES THE

    DARK WEB WHICH IS PART OF THE DEEP WEB TOR IS AN EXAMPLE OF A DARKNET ALL THE CORRECTIONS TWITTER: @NWOKEDI MEDIUM: MEDIUM.COM/@NWOKEDI