Placeholder Image

Subtitles section Play video

  • We've talked about Onion Routing and TOR, and

  • now i'd like to address the prickly subject of

  • hidden services, right? AKA the "dark web".

  • So Max has done a good video on the Dark Web,

  • and so you should definitely watch that one first,

  • so you know what it is. But it's quite a controversial topic,

  • because a lot of what happens on the Dark Web

  • is illegal, right? There's no two ways about it, that is true.

  • Some of it isn't, right, and a lot of what happens on TOR

  • in general--in fact the majority of what happens on TOR

  • in general, you know high Into the 90%

  • and that, and above--is perfectly fine, right?

  • it's just anonymous users browsing the web,

  • doing regular things but the TOR Hidden Services

  • are ones that the debate is about because

  • they're the ones where you sort of say

  • 'well, look, is it worth this bit of encryption?

  • Is it worth, you know, all the criminality that's on there and so on?'

  • So here's my Cloud--my TOR Cloud

  • and in essence, we've got lots of people going into

  • the network. lots of encrypted layers and things

  • happening, bouncing around, and then people

  • coming out of the network to servers, right?

  • Now the issue, from a security standpoint

  • Is what happens if There's someone Sniffing?

  • Here and

  • someone's Sniffing here

  • and They Can Correlate Traffic between the in and The out

  • and Work out what it is that I am Doing

  • Specifically Right then the whole Report the whole Point of Tor Which is Anonymization?

  • Has been defeated, Right? We already have encryption, so that isn't the point of talk,

  • that's just how, They do the anonymous communication

  • so the Dark web. or a hidden service to use the Proper Term, is

  • in Essence Where This server Moves inside this Cloud right so now We have a hidden service Running Inside this Cloud and

  • There is no B that's the Idea right so it Makes it very very difficult to find so there is Now a circuit that goes

  • Somewhere Between A

  • Around the Place

  • To this Hidden Service

  • and at no point has that left the network so there's no traffic correlation that can be done, Right?

  • All of these are just TOR sale messages that all look exacly the same.

  • Now, the way that TOR does this Is very very clever.

  • Euh, and I Look I will look into a little bit of detail on the protocol that it uses

  • But It's managed to form a

  • protocol where neither I nor the server

  • know who each other are, but we can still have a conversation which Is kind of nifty?

  • Okay

  • So then, let's start again with Onion routing

  • So, Onion routing is a protocol that could theoretically be implemented elsewhere.

  • There are other Mixing networks and things and other anonymization networks

  • But Hidden Services Is put predominately in the domain of TOR.

  • And TOR got the most users and the most nodes and it's the biggest and is in the News the most.

  • Let's Draw a little bit of a Network again, so

  • I shouldn't Have Drawn These Boxes Like This Because Now it takes me ages

  • So here's my server

  • Here's my Client and these

  • I'm Just going to Drawn with Boxes Because otherwise it's going to take far too long

  • These are Onion routers, so remember in normal Onion routing

  • The Client will Produce some

  • [Circuits] [or] some Hops and then they will Just Talk to the server but A server will be out on the normal Web Doing normal

  • Server Things

  • and won't be Anonymous what Hidden Services do Is

  • Anonymize This Server so they Allow Both the Server and The Client to talk to each other Despite the fact that

  • No One Knows who each other is Which Is quite Impressive

  • [Now] of Course if You then use [that] service Connection to Log in You're going to know you are but You get the idea

  • The Server Has To lay some Groundwork Down before A client Connects use a hidden Service Right so there's protocols in the Tor

  • Specification for doing This but [what] the server will do when they come online Is they will pick Three Onion Routers at Random and

  • Name Them as Introduction Points so let's Pick Them at Random now These are just normal Onion Routers They're very Likely to be Just doing

  • Regular

  • Normal Routing Tasks Like Circuits Through other Clients Into Servers and Things Some of These might be Exit Nodes

  • Entry Nodes and so on but As far as I know all Onion Routers Can, also act as

  • Introduction Points it's not A big Job [I] didn't Require A Huge Amount of Bandwidth the server will Make Connections

  • Circuits

  • to These introduction Points They've Either Full on tour Circuits with Three hops in Between Them the idea being That These introduction Points Know They're

  • Going to be introducing People to this server

  • But they don't know who it Is

  • Why it's Already the server is Hiding behind A layer of Anonymity here it will send Them a message to say I'd like you to

  • Act As an Introduction Point and Then

  • It will Create something Called A server Hidden Service Descriptor which I was [write] Down here that will Include the service Public key for

  • Occasion Purposes But I won't dwell on that Particularly but

  • Also Crucially the ip Addresses [of] These introduction Points Here Now These are all public Anyway they will Publicly Listed

  • Now it will Publish This Descriptor to something Called a Distributed hash Table that is to [Say] all [of] the Routers on Tor

  • will Hold Some in Some Part of the Information [on] all of These hidden Services

  • And the idea Is that if I try and Look up a hidden Service

  • The [Roots] Are Responsible for it will Give Me Back the Descriptor by including the Addresses

  • [Over] The Introduction Points Now the key for this Hash table is the Onion Address

  • Right so the Onion dress that Everyone Knows about

  • Is actually derived from the public key [of] this Server and Is in Essence the key but Gets

  • These ips Out of the Distributed hash table the whole Point of this Is [that] the Onion Address isn't publicized on the Global Tor Network

  • You Just find it other Ways like on A net

  • On an Internet or your friend tells you or?

  • in an Email or something like this the [Waiver] [the] Distributed hash Table Is

  • Programmed The vast Majority of Nodes Won't know what the description Is for A given Key I?

  • Only want more Probably or couple so there's an Inherent Security here it doesn't until Recently it's

  • Also Made it Quite difficult to Work at how Many Hidden services There were so this Is all set up now the server sits There

  • And Waits for [Internet] [Connections] [Or] People to ask for A, web web file Now

  • and These Onion Routers These ips the

  • Introduction Points Just sit There Being in Being normal Routed and Waiting here me I want to connect to this Hidden Service and Someone gave

  • Me the Onion Address so that's Really, what I need so what I do is I?

  • Request The descriptor off the hash Table and it gives it back that has the Three ip

  • And i pick one At random right let's Say This Top

  • One here what I'm going to do in Essence The Short Version

  • Is i'm going to ask this ip to Introduce me to a server and Then

  • We're Going to meet in The Middle at someone [debut] Point that's the idea so let's Work out How it Works

  • I'Ve Sort of run out of colors so i'm going to go?

  • Over the Orange Pen Here it's A bit bright I choose A

  • Rendezvous Point at Random and I create A [tour] Circuit to that Rendezvous Point Remember that Essentially all of These Arrows are the full

  • Connections This One has Two Hops on it not Three Because the Rendezvous Point is a third Hop

  • So it Goes on like this Now I send a message to the one 7-Point Saying I'd like you to Introduce me [to] the server

  • By This Introduction Point and I want you to send it the word

  • Cookie Right now that Could Be Any string [it's] not Important [the] point Is sort of like a One-Time Password Kind of Thing to verify

  • but no One Else has got Involved in This Conversation the Rendezvous Point Creates a circuit to this IP and sends it the Word Cookie it

  • Also sends its Own Address Because of Course this, doesn't know it because the Circuit and We [need] to be at a rendezvous Here

  • so this ip

  • Forwards The Cookie On to the Server and At this Point the Server Can Either Accept it and Decide to try and Make a Connection

  • Or do Nothing right so you Can Imagine a situation where Instead of A cookie Some kind of special Password

  • But you need to be able to connect to this Website and

  • The Server Just Does Nothing that's that's One Thing that Could happen right They Have an Authentication Token I think but at

  • This Point the Introduction Points Job is done There is no more

  • These Would be the serve Their Purpose all they do is Forward the Cookie [Onto] the server right

  • Bear in Mind, We don't know where it Is and

  • Eat the server Decides Whether it's going to connect

  • Let's Assume because Otherwise this will

  • Be a much Shorter Video that the server does want to talk said he to the Rendezvous Point so it creates

  • Another Circuit I don't know How Many 1 2 3 4 5 but at

  • [5] we've got [Six] Circuit right Across the Tor Network to the one David point Which is the cookie of The Wrong very Important Details

  • yes That Rendezvous Point Details will be

  • Well [it] be attached to the same message with the Cookie and yes Good Question now

  • The Server Sends The One They've Appoint A

  • Rendezvous Please Essentially Message [Weave] the Cookie in it and the Mod Labelled Point Looks at These Two cookies and Goes

  • Well I was requested of [One] They [blew] by this guy With this Cookie I've Received a Connection from some server

  • Also with the cookie They must be Talking About each other right that's the Idea it Could be doing Lots of on the Moves at

  • The Same Time With Different Cookies and it will then

  • Act as Just Another Hop on This Network and Connect These two up so this Comes over here like this and

  • This Comes Down Here and They Kind of get Bridged by this Rendezvous Point here Convened

  • On the Rendezvous Point [Acts] like A normal [Onion] mu 2 and Just decrypt Messages

  • Passes Them out the other Side like Always

  • so

  • for Anyone That's Sort of Lost count

  • There are at

  • Least six Hops here Right There Two intermediate Node on this Circuit then the Rendezvous Point in Three Intermediate Nodes on

  • This Circuit Right it's Just Part of the Protocol [that] There's only [Two] this Side that's Obviously going to be quite A lot slower than

  • Normal Talk These Could

  • Be all over the World like this it's going to Take quite a long Time

  • But There is no real Way of getting in on this Conversation

  • Right if You're Sniffing here or sniffing here all you're Seeing Is encrypted [tor] cells all of 512 bytes Long Jumping Around this Place

  • She's got, no Idea what any of Them are right very very difficult to track that's why, it's so difficult to find

  • Hidden Services okay Because They're Hidden yeah kind of the Point they, wouldn't Have Couldn't They?

  • [did] Something Else no they did in Term

  • They Didn't Name it Incorrectly to Say

  • Sometimes Were Vulnerabilities Found in The Protocol right or Compromised knows Which Allow Hidden Services to be Found this happened for example Silk Road -

  • But that's not [That] Common right and There's the bigger the Network Gets The more beautiful no Combinations are The heart of That Process Gets

  • Now as an Aside

  • Some Servers don't need Anonymity and this Many hops is too slow [all] right so they want to protect Their Clients but

  • They don't Care About but if People know who they are Facebook for example so Facebook Work

  • Foot-Tall Recently to Introduce Something Called Single Onion in That case the only Difference is the bit Server

  • Doesn't bother With These Three hops it just goes straight to the Rendezvous Point

  • Now That Obviously [Forgoes]

  • Servers Anonymity Because [The] One Living Point knows what it Is but it Takes a puppy

  • We know [Whether] servers are I think right so they don't mind about that Their Business Is protecting Their Customers

  • They don't Care but We know Where Their servers are so that's an Alternative and you it's quite A lot faster because you've Removed