0 00:00:00,000 --> 00:00:30,000 Dear viewer, these subtitles were generated by a machine via the service Trint and therefore are (very) buggy. If you are capable, please help us to create good quality subtitles: https://c3subtitles.de/talk/920 Thanks! 1 00:00:16,000 --> 00:00:18,129 So you all know tour, 2 00:00:18,130 --> 00:00:20,199 right? It's a really awesome 3 00:00:20,200 --> 00:00:22,329 tool for anonymous 4 00:00:22,330 --> 00:00:24,399 communication, but 5 00:00:24,400 --> 00:00:26,769 sometimes, sadly, it just 6 00:00:26,770 --> 00:00:29,319 doesn't work for the use case you have. 7 00:00:29,320 --> 00:00:31,059 Maybe you need more bandwidth or 8 00:00:31,060 --> 00:00:32,408 something. 9 00:00:32,409 --> 00:00:34,689 So this is what does talk but 10 00:00:34,690 --> 00:00:36,879 explore other other options 11 00:00:36,880 --> 00:00:39,039 in the realm of and not other 12 00:00:39,040 --> 00:00:41,109 anonymization networks. 13 00:00:41,110 --> 00:00:43,539 So we have Eric here now 14 00:00:45,760 --> 00:00:47,439 a little bit different from what was 15 00:00:47,440 --> 00:00:48,549 announced and the schedule. 16 00:00:48,550 --> 00:00:50,649 But this is Eric now 17 00:00:50,650 --> 00:00:53,139 and he will 18 00:00:53,140 --> 00:00:55,249 give a talk how Alice and Bob meet. 19 00:00:55,250 --> 00:00:57,259 If they don't like onions, please welcome 20 00:00:57,260 --> 00:00:58,260 him. 21 00:01:07,220 --> 00:01:10,039 Hi, my name is Eric. 22 00:01:10,040 --> 00:01:11,299 I welcome you to my talk. 23 00:01:12,620 --> 00:01:15,529 I'm from the University of Hamburg, 24 00:01:15,530 --> 00:01:17,649 from the group Security and Privacy, 25 00:01:17,650 --> 00:01:19,759 and we have a 26 00:01:19,760 --> 00:01:22,669 long tradition and researching and 27 00:01:22,670 --> 00:01:25,219 to anonymization networks, 28 00:01:25,220 --> 00:01:27,469 especially Germany, 29 00:01:27,470 --> 00:01:30,019 where my professor, Professor Faridabad, 30 00:01:30,020 --> 00:01:32,389 has some experience 31 00:01:32,390 --> 00:01:34,789 for about, let's say, 15 to 20 32 00:01:34,790 --> 00:01:35,779 years. 33 00:01:35,780 --> 00:01:37,909 So let's have a look at 34 00:01:37,910 --> 00:01:39,169 the agenda for 35 00:01:40,310 --> 00:01:42,439 this talk. First of all, we 36 00:01:42,440 --> 00:01:45,199 do some basics about anonymity 37 00:01:45,200 --> 00:01:48,589 and strategies to achieve anonymity. 38 00:01:48,590 --> 00:01:51,469 We look at different adversaries. 39 00:01:51,470 --> 00:01:53,659 And afterwards we have 40 00:01:53,660 --> 00:01:55,819 a look at the practical and 41 00:01:55,820 --> 00:01:57,829 anonymous communication networks, 42 00:01:58,880 --> 00:02:01,249 especially at the top, 43 00:02:01,250 --> 00:02:03,799 Freenet, Nonet and Rondonia. 44 00:02:03,800 --> 00:02:06,229 Afterwards, we only 45 00:02:06,230 --> 00:02:08,478 for a short period look into 46 00:02:08,479 --> 00:02:10,638 current research work and 47 00:02:10,639 --> 00:02:12,379 conclude to talk. 48 00:02:12,380 --> 00:02:14,400 So what is anonymity? 49 00:02:15,770 --> 00:02:18,169 Anonymity is the state 50 00:02:18,170 --> 00:02:20,239 that being is 51 00:02:20,240 --> 00:02:22,339 not identifiable within a 52 00:02:22,340 --> 00:02:24,709 certain set within a certain group. 53 00:02:24,710 --> 00:02:27,169 Then anonymity said, 54 00:02:27,170 --> 00:02:29,509 yeah, we see on the left 55 00:02:29,510 --> 00:02:31,609 side alleys and 56 00:02:31,610 --> 00:02:34,249 she is within anonymity 57 00:02:34,250 --> 00:02:36,459 said of us who said 58 00:02:36,460 --> 00:02:38,719 that traffic towards the anonymity 59 00:02:38,720 --> 00:02:41,179 of the ASEAN and 60 00:02:41,180 --> 00:02:42,919 Anonymous Communication Network. 61 00:02:44,740 --> 00:02:47,349 So the same as 62 00:02:47,350 --> 00:02:49,749 or the same as valid for 63 00:02:49,750 --> 00:02:51,819 he is within a send 64 00:02:51,820 --> 00:02:54,190 of potential recipients 65 00:02:55,510 --> 00:02:57,309 and therefore 66 00:02:58,510 --> 00:03:00,669 he also can achieve some recipient 67 00:03:00,670 --> 00:03:02,969 anonymity and then 68 00:03:02,970 --> 00:03:05,349 also the options that both 69 00:03:05,350 --> 00:03:07,869 sides of the HCN 70 00:03:07,870 --> 00:03:08,979 anonymous. 71 00:03:08,980 --> 00:03:11,769 In this case, we speak of 72 00:03:11,770 --> 00:03:13,210 recipient anonymity. 73 00:03:15,510 --> 00:03:17,999 So and there's 74 00:03:18,000 --> 00:03:20,459 also the property 75 00:03:20,460 --> 00:03:22,529 of unlink ability, 76 00:03:22,530 --> 00:03:24,989 which describes that 77 00:03:24,990 --> 00:03:27,269 there are some items of interest, 78 00:03:27,270 --> 00:03:29,399 which Atika 79 00:03:29,400 --> 00:03:30,509 is not able 80 00:03:31,620 --> 00:03:33,839 to sufficiently 81 00:03:33,840 --> 00:03:36,299 distinguish whether these two objects 82 00:03:36,300 --> 00:03:38,280 are linked or related to each other, 83 00:03:39,840 --> 00:03:43,019 because this relationship anonymity 84 00:03:43,020 --> 00:03:45,659 that the out the hat 85 00:03:45,660 --> 00:03:48,629 is not able to distinguish 86 00:03:48,630 --> 00:03:51,479 whether the messages which are 87 00:03:51,480 --> 00:03:54,269 sent by Ellis towards 88 00:03:54,270 --> 00:03:56,579 HCN and received 89 00:03:56,580 --> 00:03:58,829 by BOPE, whether these 90 00:03:58,830 --> 00:04:01,619 are related or not, in this case, 91 00:04:01,620 --> 00:04:03,539 they can be linked. 92 00:04:03,540 --> 00:04:05,879 But that's also the case that they 93 00:04:05,880 --> 00:04:06,880 cannot be linked 94 00:04:08,310 --> 00:04:10,649 and like 95 00:04:10,650 --> 00:04:13,079 this, that he can do some traffic 96 00:04:13,080 --> 00:04:15,329 analysis and 97 00:04:15,330 --> 00:04:17,398 tries to recognize patterns 98 00:04:17,399 --> 00:04:19,708 and the size of the packets on 99 00:04:19,709 --> 00:04:21,898 the timing of the packets, or 100 00:04:21,899 --> 00:04:24,299 like some aggregated 101 00:04:24,300 --> 00:04:26,220 measures like the 102 00:04:28,110 --> 00:04:30,600 bandwidth consumption of antirecession, 103 00:04:31,980 --> 00:04:34,229 one like from the content 104 00:04:34,230 --> 00:04:35,230 of the messages. 105 00:04:36,410 --> 00:04:38,639 So an 106 00:04:38,640 --> 00:04:40,829 important question when we talk 107 00:04:40,830 --> 00:04:42,959 about anonymity is 108 00:04:42,960 --> 00:04:43,980 who do you trust? 109 00:04:45,300 --> 00:04:47,399 And there are different 110 00:04:47,400 --> 00:04:49,170 strategies towards 111 00:04:50,280 --> 00:04:52,469 anonymity which try to 112 00:04:52,470 --> 00:04:53,609 establish trust. 113 00:04:55,690 --> 00:04:58,419 Like, for example, that is 114 00:04:58,420 --> 00:05:00,819 the strategy of covert traffic, 115 00:05:00,820 --> 00:05:02,319 that you send some 116 00:05:04,480 --> 00:05:06,549 random traffic to 117 00:05:06,550 --> 00:05:08,719 hide your real 118 00:05:08,720 --> 00:05:10,000 contender within 119 00:05:12,340 --> 00:05:15,449 quite successful broadcasting messages, 120 00:05:15,450 --> 00:05:17,649 that you send your message not to 121 00:05:17,650 --> 00:05:19,869 one recipient, but 122 00:05:19,870 --> 00:05:22,329 to a lot of recipients, but only 123 00:05:22,330 --> 00:05:24,669 the true recipient. 124 00:05:24,670 --> 00:05:26,859 Let's say Bob is able 125 00:05:26,860 --> 00:05:28,989 to decrypt the message and 126 00:05:30,640 --> 00:05:32,679 then you can also use a trusted third 127 00:05:32,680 --> 00:05:35,049 party, what is 128 00:05:35,050 --> 00:05:37,000 usually a VPN or a proxy. 129 00:05:38,050 --> 00:05:40,329 But you have to 130 00:05:40,330 --> 00:05:42,079 yeah, it depends on your trust model. 131 00:05:42,080 --> 00:05:44,050 If you are fine with trusting your VPN 132 00:05:45,640 --> 00:05:47,829 and then you can achieve some sort 133 00:05:47,830 --> 00:05:49,029 of anonymity this way. 134 00:05:50,230 --> 00:05:52,299 Then later on 135 00:05:52,300 --> 00:05:55,299 we will also have a slide for this, like 136 00:05:55,300 --> 00:05:57,459 the shuffling and delaying of message, 137 00:05:57,460 --> 00:05:59,709 which is done by mics 138 00:05:59,710 --> 00:06:01,819 or mixes with like 139 00:06:01,820 --> 00:06:04,389 an anonymous remailer. 140 00:06:04,390 --> 00:06:07,179 And there are different anonymity 141 00:06:07,180 --> 00:06:09,999 systems that try to distribute 142 00:06:10,000 --> 00:06:12,069 trust that you do not have to 143 00:06:12,070 --> 00:06:14,289 trust a single entity, but you 144 00:06:14,290 --> 00:06:16,479 can trust like different 145 00:06:16,480 --> 00:06:17,480 parties. 146 00:06:18,140 --> 00:06:20,289 And they do it by using 147 00:06:20,290 --> 00:06:22,599 secure multiparty computation. 148 00:06:22,600 --> 00:06:25,269 That is a cryptographic 149 00:06:25,270 --> 00:06:27,999 scheme which is used in 150 00:06:28,000 --> 00:06:29,709 the disinhibits. 151 00:06:29,710 --> 00:06:31,949 Systems for dining were first. 152 00:06:34,150 --> 00:06:36,309 And then a cascade of mixes 153 00:06:37,600 --> 00:06:39,759 which are quite 154 00:06:39,760 --> 00:06:41,230 typical, maybe we will see 155 00:06:42,460 --> 00:06:44,589 that later on and the onion routing and 156 00:06:44,590 --> 00:06:47,649 garlic routing, I'm going to 157 00:06:47,650 --> 00:06:50,499 show that also on an extra slide. 158 00:06:50,500 --> 00:06:52,569 So here we see 159 00:06:52,570 --> 00:06:54,629 the basic principle of 160 00:06:54,630 --> 00:06:55,630 one. 161 00:06:56,550 --> 00:06:58,629 We see that Charlie sends a 162 00:06:58,630 --> 00:07:01,059 message to what's the mix and 163 00:07:01,060 --> 00:07:03,669 sends two messages towards the mix. 164 00:07:03,670 --> 00:07:06,279 And they have a certain order. 165 00:07:06,280 --> 00:07:08,679 The order. It's like Charlie's 166 00:07:08,680 --> 00:07:11,079 message arrives the first 167 00:07:11,080 --> 00:07:13,239 and afterwards it's 168 00:07:13,240 --> 00:07:15,819 blue and orange one. 169 00:07:15,820 --> 00:07:18,189 And and the 170 00:07:18,190 --> 00:07:20,589 mix can have like a threshold 171 00:07:20,590 --> 00:07:23,349 that says, OK, I'm 172 00:07:23,350 --> 00:07:25,839 OK. I'm I'm only able to catch 173 00:07:25,840 --> 00:07:27,429 three messages. 174 00:07:27,430 --> 00:07:29,769 And then he shuffled 175 00:07:29,770 --> 00:07:30,770 the messages 176 00:07:31,930 --> 00:07:33,130 after the 177 00:07:34,210 --> 00:07:36,489 threshold shift and 178 00:07:36,490 --> 00:07:38,799 sends them out in a different 179 00:07:38,800 --> 00:07:40,509 order and different 180 00:07:42,160 --> 00:07:44,259 and and with 181 00:07:44,260 --> 00:07:45,260 some latency. 182 00:07:46,520 --> 00:07:48,369 So, yeah. 183 00:07:48,370 --> 00:07:50,649 And then check out who observes 184 00:07:50,650 --> 00:07:53,169 here. The left and the right side has 185 00:07:53,170 --> 00:07:55,539 some difficulties to link the 186 00:07:55,540 --> 00:07:57,690 messages with each other. 187 00:07:59,040 --> 00:08:01,479 And then onion routing 188 00:08:01,480 --> 00:08:03,550 is explained on this scheme. 189 00:08:04,750 --> 00:08:06,909 I think if you are quite familiar with 190 00:08:06,910 --> 00:08:09,099 Twilio, you might already know it. 191 00:08:09,100 --> 00:08:11,529 So you have the send 192 00:08:11,530 --> 00:08:14,199 and the receiver and 193 00:08:14,200 --> 00:08:16,809 it a message which is 194 00:08:16,810 --> 00:08:18,909 encrypted with three 195 00:08:18,910 --> 00:08:20,859 layers of encryption. 196 00:08:20,860 --> 00:08:22,989 And we will see 197 00:08:22,990 --> 00:08:25,719 three nodes and the HCN 198 00:08:25,720 --> 00:08:27,969 and the Peppin or 199 00:08:27,970 --> 00:08:30,399 the message is encrypted towards 200 00:08:30,400 --> 00:08:31,400 the purple 201 00:08:32,740 --> 00:08:34,719 node and the green note and the blue 202 00:08:34,720 --> 00:08:37,298 note. And then while 203 00:08:37,299 --> 00:08:38,299 the packet 204 00:08:40,929 --> 00:08:43,569 propagates through the HCN 205 00:08:43,570 --> 00:08:46,179 and single layers of encryption 206 00:08:46,180 --> 00:08:48,309 are removed by the nodes 207 00:08:48,310 --> 00:08:49,310 so that 208 00:08:50,500 --> 00:08:52,569 it's also getting the message 209 00:08:52,570 --> 00:08:53,570 as expected. 210 00:08:55,570 --> 00:08:58,179 So Garlick routing, 211 00:08:58,180 --> 00:09:00,479 which is used by Tuppy, 212 00:09:00,480 --> 00:09:02,289 it's bits. 213 00:09:03,340 --> 00:09:05,529 Yeah. And that's some parts 214 00:09:05,530 --> 00:09:07,719 in common with onion routing, but they're 215 00:09:07,720 --> 00:09:09,729 also quite some stuff different. 216 00:09:11,110 --> 00:09:13,269 So first of all, in comparison 217 00:09:13,270 --> 00:09:15,879 to the earlier slide, 218 00:09:15,880 --> 00:09:18,759 we have a peer to peer architecture. 219 00:09:18,760 --> 00:09:21,459 That means that Ellis 220 00:09:21,460 --> 00:09:23,529 wants to send a message, can 221 00:09:23,530 --> 00:09:25,419 also be used by other nodes 222 00:09:26,530 --> 00:09:28,719 to relay messages within 223 00:09:28,720 --> 00:09:30,189 the network. 224 00:09:30,190 --> 00:09:32,379 So she is actively 225 00:09:32,380 --> 00:09:34,090 taking part in the AC and 226 00:09:35,830 --> 00:09:37,959 then she has 227 00:09:37,960 --> 00:09:40,179 an outbound tunnel, which 228 00:09:40,180 --> 00:09:41,180 you see there 229 00:09:43,660 --> 00:09:45,429 with the blue lines 230 00:09:46,840 --> 00:09:50,109 and has an inbound tunnel. 231 00:09:50,110 --> 00:09:52,359 So so what we see 232 00:09:52,360 --> 00:09:55,049 is that these tunnels or change 233 00:09:55,050 --> 00:09:57,419 in that they are you need directional 234 00:09:57,420 --> 00:09:59,709 so messages can only go through in 235 00:09:59,710 --> 00:10:00,710 one direction 236 00:10:02,140 --> 00:10:03,140 and 237 00:10:04,570 --> 00:10:06,639 special for 238 00:10:06,640 --> 00:10:08,829 Galica encryption that 239 00:10:08,830 --> 00:10:12,009 messages can be bundled 240 00:10:12,010 --> 00:10:14,499 similar like a garlic clove 241 00:10:14,500 --> 00:10:16,929 where you have like multiple pots. 242 00:10:18,250 --> 00:10:20,529 And so alerts 243 00:10:20,530 --> 00:10:23,079 can enter and encrypt a message 244 00:10:23,080 --> 00:10:25,389 to Bob or like like multiple 245 00:10:25,390 --> 00:10:27,759 messages to Bob, which is 246 00:10:27,760 --> 00:10:30,629 after what saving some benefits 247 00:10:30,630 --> 00:10:33,069 were. When Bob's acknowledged 248 00:10:33,070 --> 00:10:35,289 that he received the message, it only has 249 00:10:35,290 --> 00:10:37,449 to send it for one time and not 250 00:10:37,450 --> 00:10:38,450 multiple times. 251 00:10:40,750 --> 00:10:42,939 So. And the black 252 00:10:42,940 --> 00:10:45,219 link then it's 253 00:10:45,220 --> 00:10:46,220 like, 254 00:10:47,710 --> 00:10:50,709 yeah, it's a connection between 255 00:10:50,710 --> 00:10:52,839 like Ellis 256 00:10:52,840 --> 00:10:55,599 Outbound Tunnel 257 00:10:55,600 --> 00:10:57,759 and Bob's inbound 258 00:10:57,760 --> 00:10:59,829 tunnel gateway that is 259 00:10:59,830 --> 00:11:01,839 like the first node of 260 00:11:03,130 --> 00:11:04,659 Bob's inbound tunnel. 261 00:11:04,660 --> 00:11:06,009 And this node 262 00:11:07,690 --> 00:11:09,849 actually does not know 263 00:11:09,850 --> 00:11:12,219 the real identity 264 00:11:12,220 --> 00:11:14,099 or the real address of Bob. 265 00:11:14,100 --> 00:11:16,179 And she only knows his 266 00:11:16,180 --> 00:11:18,309 inbound gateway, which is 267 00:11:18,310 --> 00:11:20,529 the first node of 268 00:11:20,530 --> 00:11:21,759 the tunnel. 269 00:11:21,760 --> 00:11:24,009 And between then, these 270 00:11:24,010 --> 00:11:26,109 notes of the tunnel and also 271 00:11:26,110 --> 00:11:28,390 onion onion encryption used. 272 00:11:30,430 --> 00:11:32,499 So let's have a look 273 00:11:32,500 --> 00:11:33,580 at the adversaries, 274 00:11:34,810 --> 00:11:37,239 I think maybe you also know 275 00:11:37,240 --> 00:11:40,209 them from your computer science class 276 00:11:40,210 --> 00:11:42,699 so that their 277 00:11:42,700 --> 00:11:45,129 external adversary, who 278 00:11:45,130 --> 00:11:47,259 is not taking part in the network, I 279 00:11:47,260 --> 00:11:49,419 can only observe the traffic 280 00:11:49,420 --> 00:11:51,090 which is going through. 281 00:11:52,760 --> 00:11:55,419 Then we have the internal adversary 282 00:11:55,420 --> 00:11:57,549 which is able to 283 00:11:57,550 --> 00:12:00,459 get that knowledge from the network, 284 00:12:00,460 --> 00:12:03,099 which is participating in some 285 00:12:03,100 --> 00:12:06,339 encryption keys or 286 00:12:06,340 --> 00:12:07,690 whatever he has access to. 287 00:12:08,810 --> 00:12:11,499 And he also 288 00:12:11,500 --> 00:12:13,719 knows which messages 289 00:12:13,720 --> 00:12:16,419 are forwarding that this way. 290 00:12:16,420 --> 00:12:17,420 So. 291 00:12:18,570 --> 00:12:21,649 Then we have to passive adversary, 292 00:12:21,650 --> 00:12:23,869 which is just looking at 293 00:12:23,870 --> 00:12:26,359 the things which are passing by and 294 00:12:26,360 --> 00:12:29,119 we have to act of adversary, which 295 00:12:29,120 --> 00:12:31,309 is able to modify 296 00:12:31,310 --> 00:12:34,039 things like he can delete messages, 297 00:12:34,040 --> 00:12:36,859 you can modify them 298 00:12:36,860 --> 00:12:38,989 or send additional 299 00:12:38,990 --> 00:12:39,990 messages, 300 00:12:41,340 --> 00:12:44,029 and then we have to local adversary, 301 00:12:44,030 --> 00:12:46,459 which is only present 302 00:12:46,460 --> 00:12:47,460 in a small 303 00:12:48,860 --> 00:12:50,869 part of the network. 304 00:12:50,870 --> 00:12:52,939 Well, we have a global adversary 305 00:12:52,940 --> 00:12:53,940 which is 306 00:12:55,250 --> 00:12:57,589 controlling the entire network. 307 00:12:57,590 --> 00:13:00,499 Often we use global 308 00:13:00,500 --> 00:13:02,599 passive observer, which 309 00:13:02,600 --> 00:13:04,789 is like observing all the 310 00:13:04,790 --> 00:13:06,979 traffic which is 311 00:13:06,980 --> 00:13:08,389 flowing within the network. 312 00:13:10,550 --> 00:13:12,799 OK, now let's go to the interesting 313 00:13:12,800 --> 00:13:14,329 part of the talk. 314 00:13:14,330 --> 00:13:15,330 So 315 00:13:16,730 --> 00:13:17,730 then 316 00:13:18,890 --> 00:13:21,289 how did we select 317 00:13:21,290 --> 00:13:22,820 the networks which 318 00:13:24,000 --> 00:13:26,329 which we surveyed? 319 00:13:26,330 --> 00:13:28,579 Like we had a look at 320 00:13:28,580 --> 00:13:31,429 what is there, and we noted 321 00:13:31,430 --> 00:13:33,529 on notice that there are a lot 322 00:13:33,530 --> 00:13:35,929 of things which are either 323 00:13:35,930 --> 00:13:37,669 not implemented or they are not 324 00:13:37,670 --> 00:13:39,349 functioning well. 325 00:13:39,350 --> 00:13:41,419 And they are simply it's 326 00:13:41,420 --> 00:13:43,639 not practical to use them. 327 00:13:43,640 --> 00:13:45,739 And we noticed 328 00:13:45,740 --> 00:13:48,289 that there are four networks 329 00:13:48,290 --> 00:13:50,479 which accept 330 00:13:50,480 --> 00:13:52,729 from their foreign networks, which 331 00:13:52,730 --> 00:13:55,009 are quite, 332 00:13:55,010 --> 00:13:56,059 quite easy to use, 333 00:13:57,380 --> 00:13:58,969 and that they have some active 334 00:13:58,970 --> 00:14:01,099 development, which are name 335 00:14:01,100 --> 00:14:04,129 Freenet Kunhardt and I Tuppy. 336 00:14:04,130 --> 00:14:05,869 And later on. 337 00:14:05,870 --> 00:14:08,069 Yeah, and for 338 00:14:08,070 --> 00:14:10,009 the research project, we just 339 00:14:11,030 --> 00:14:13,099 thought, OK, what might be interesting 340 00:14:13,100 --> 00:14:15,289 that there actually too many of them and 341 00:14:15,290 --> 00:14:17,509 then we just picked some 342 00:14:17,510 --> 00:14:18,590 of which seem 343 00:14:19,670 --> 00:14:21,499 to be interesting to you. 344 00:14:21,500 --> 00:14:22,500 So 345 00:14:24,080 --> 00:14:26,149 first of all, let's 346 00:14:26,150 --> 00:14:28,579 have a look at HP at 347 00:14:28,580 --> 00:14:31,279 its low latency, 348 00:14:31,280 --> 00:14:33,769 low latency peer to peer network 349 00:14:33,770 --> 00:14:36,409 with approximately 350 00:14:36,410 --> 00:14:38,509 seventy thousand nodes in 351 00:14:38,510 --> 00:14:40,639 comparison to the TOR relates 352 00:14:40,640 --> 00:14:43,009 to has around about seven thousand 353 00:14:43,010 --> 00:14:44,010 nodes. 354 00:14:44,390 --> 00:14:46,459 And I. 355 00:14:46,460 --> 00:14:48,669 Tuppy, so it's 356 00:14:48,670 --> 00:14:51,139 regarding the nodes and every 357 00:14:51,140 --> 00:14:53,269 relay or every year or 358 00:14:53,270 --> 00:14:55,070 so like a node in this case. 359 00:14:56,510 --> 00:14:58,909 Yeah, it's larger about 360 00:14:58,910 --> 00:15:01,879 Tor in general has more users, 361 00:15:01,880 --> 00:15:04,019 a few millions 362 00:15:04,020 --> 00:15:05,020 and per day. 363 00:15:06,260 --> 00:15:08,479 So I 364 00:15:08,480 --> 00:15:10,759 Tuppy, that's a focus 365 00:15:10,760 --> 00:15:11,960 on hidden services. 366 00:15:13,310 --> 00:15:15,859 So it's not intended to use 367 00:15:15,860 --> 00:15:17,989 like legacy internet 368 00:15:17,990 --> 00:15:20,090 like you are not 369 00:15:21,880 --> 00:15:24,139 that there are a few out proxies so 370 00:15:24,140 --> 00:15:26,389 you can access some normal 371 00:15:26,390 --> 00:15:28,549 websites which like 372 00:15:28,550 --> 00:15:30,499 Takasawa or whatever, 373 00:15:31,610 --> 00:15:34,039 but actually it's not intended 374 00:15:34,040 --> 00:15:36,139 to be used in that way. 375 00:15:36,140 --> 00:15:39,149 So typical HP applications, 376 00:15:39,150 --> 00:15:41,720 a peer to peer applications, which 377 00:15:43,010 --> 00:15:45,289 includes like file sharing 378 00:15:45,290 --> 00:15:46,290 and BitTorrent 379 00:15:47,600 --> 00:15:50,029 web browsing, then 380 00:15:50,030 --> 00:15:52,459 email, instant messaging, IAC 381 00:15:52,460 --> 00:15:53,460 and search. 382 00:15:54,860 --> 00:15:57,019 The community of HP is quite 383 00:15:57,020 --> 00:15:59,449 active and then they released 384 00:15:59,450 --> 00:16:01,699 during the last year like every 385 00:16:01,700 --> 00:16:03,940 two every three months and. 386 00:16:05,470 --> 00:16:06,619 And you release. 387 00:16:08,480 --> 00:16:10,759 So here we see how 388 00:16:10,760 --> 00:16:13,549 Alice and Bob are meeting 389 00:16:13,550 --> 00:16:16,099 on ITP here, 390 00:16:16,100 --> 00:16:18,469 this pass the north 391 00:16:18,470 --> 00:16:20,449 of the tunnel. 392 00:16:20,450 --> 00:16:22,629 And it's not necessary 393 00:16:22,630 --> 00:16:24,829 that they are just three notes. 394 00:16:24,830 --> 00:16:27,139 Actually, everybody 395 00:16:27,140 --> 00:16:30,409 can decide how many notes 396 00:16:30,410 --> 00:16:33,499 he wants to have or she wants to have. 397 00:16:33,500 --> 00:16:34,690 So we see 398 00:16:35,780 --> 00:16:38,449 and this is the size of the bar shows 399 00:16:38,450 --> 00:16:40,699 you where the encryption layer 400 00:16:40,700 --> 00:16:42,739 is removed or 401 00:16:43,850 --> 00:16:46,489 added. So we see that the outbound tunnel 402 00:16:46,490 --> 00:16:49,159 removes encryption layers, 403 00:16:49,160 --> 00:16:51,589 the inbound tunnel again at 404 00:16:51,590 --> 00:16:52,590 them. 405 00:16:53,420 --> 00:16:55,489 And we see that for garlick 406 00:16:55,490 --> 00:16:58,879 routing, we need like two 407 00:16:58,880 --> 00:16:59,880 to 408 00:17:01,430 --> 00:17:03,679 three lengths of 409 00:17:03,680 --> 00:17:05,749 like every participant needs 410 00:17:05,750 --> 00:17:07,939 at least two tunnels, one inbound tunnel 411 00:17:07,940 --> 00:17:10,969 and one outbound tunnel for a successful 412 00:17:10,970 --> 00:17:13,759 communication similar to 413 00:17:13,760 --> 00:17:16,159 the lifetime of a tunnel. 414 00:17:16,160 --> 00:17:18,469 It's limited or 415 00:17:18,470 --> 00:17:20,689 both limiting the lifetime to 10 416 00:17:20,690 --> 00:17:21,690 minutes. 417 00:17:23,119 --> 00:17:26,269 So I to be 418 00:17:26,270 --> 00:17:28,399 how does it solve the 419 00:17:28,400 --> 00:17:29,450 bootstrapping problem 420 00:17:30,560 --> 00:17:33,319 and puts Peer-to-peer networks 421 00:17:33,320 --> 00:17:35,689 have a problem of 422 00:17:35,690 --> 00:17:38,359 how they find out who's 423 00:17:38,360 --> 00:17:40,639 already participating and the 424 00:17:40,640 --> 00:17:41,959 network. 425 00:17:41,960 --> 00:17:44,149 So I 426 00:17:44,150 --> 00:17:46,319 took P and also Freenet and Lunette, 427 00:17:46,320 --> 00:17:48,379 which we will investigate later. 428 00:17:48,380 --> 00:17:50,989 And they use they download 429 00:17:50,990 --> 00:17:51,990 a public source 430 00:17:53,150 --> 00:17:55,939 which is hardcoded in the software 431 00:17:55,940 --> 00:17:58,099 and they don't load 432 00:17:58,100 --> 00:18:00,409 some active list of 433 00:18:00,410 --> 00:18:01,520 some active piercey. 434 00:18:03,650 --> 00:18:05,209 And afterwards, 435 00:18:07,130 --> 00:18:08,960 yeah. And afterwards they can 436 00:18:10,250 --> 00:18:12,439 take part in the network. 437 00:18:12,440 --> 00:18:14,689 Then special about it 438 00:18:14,690 --> 00:18:17,389 appears that every node 439 00:18:17,390 --> 00:18:19,579 collects a local statistic 440 00:18:19,580 --> 00:18:21,019 about all the other nodes, 441 00:18:23,720 --> 00:18:26,539 which is used 442 00:18:26,540 --> 00:18:28,669 later when he wants to 443 00:18:28,670 --> 00:18:31,329 build his or her tunnel, 444 00:18:31,330 --> 00:18:32,330 and that 445 00:18:33,860 --> 00:18:36,169 yeah, he can choose to 446 00:18:36,170 --> 00:18:39,019 just use the reperforming nodes 447 00:18:39,020 --> 00:18:41,029 to establish his tunnel. 448 00:18:41,030 --> 00:18:43,189 Then beside the inbound and outbound 449 00:18:43,190 --> 00:18:45,019 tunnel, there are also exploratory 450 00:18:45,020 --> 00:18:47,119 tunnels used and I took 451 00:18:47,120 --> 00:18:48,369 P which 452 00:18:49,560 --> 00:18:51,649 which have the purpose to build, manage 453 00:18:51,650 --> 00:18:53,989 and destroy the other tunnels so 454 00:18:53,990 --> 00:18:56,720 that this can be done anonymously 455 00:18:58,520 --> 00:19:01,789 and it's being done by 456 00:19:01,790 --> 00:19:04,069 sending tunnel construction request 457 00:19:04,070 --> 00:19:06,229 over the exploratory tunnel. 458 00:19:06,230 --> 00:19:08,539 And then if 459 00:19:08,540 --> 00:19:10,849 it accepts to take part 460 00:19:10,850 --> 00:19:13,099 in this tunnel, then symmetric 461 00:19:13,100 --> 00:19:14,869 keys are exchanged. 462 00:19:14,870 --> 00:19:17,149 And after and 463 00:19:17,150 --> 00:19:19,369 I found the success 464 00:19:19,370 --> 00:19:21,799 of this note, 465 00:19:21,800 --> 00:19:22,800 she can 466 00:19:23,940 --> 00:19:25,730 ascend to this 467 00:19:26,810 --> 00:19:29,929 node, the successor address 468 00:19:29,930 --> 00:19:31,339 for the tunnel. 469 00:19:31,340 --> 00:19:33,469 So how does a let's 470 00:19:33,470 --> 00:19:35,589 get the contact information of Bob? 471 00:19:36,770 --> 00:19:38,839 And there 472 00:19:38,840 --> 00:19:40,909 is and there are 473 00:19:40,910 --> 00:19:43,219 two data, especially to data 474 00:19:43,220 --> 00:19:45,949 structures from 475 00:19:45,950 --> 00:19:48,019 an HP, which is 476 00:19:48,020 --> 00:19:50,240 the router info and the least set 477 00:19:51,980 --> 00:19:54,319 the router for information 478 00:19:54,320 --> 00:19:57,049 about HP, where 479 00:19:57,050 --> 00:19:59,149 the public key is safe to identify 480 00:19:59,150 --> 00:20:01,489 as a safe. The contact information 481 00:20:01,490 --> 00:20:03,729 like the inbound 482 00:20:03,730 --> 00:20:05,599 internal gateway are safe there. 483 00:20:07,220 --> 00:20:09,949 And the list that is used 484 00:20:09,950 --> 00:20:12,079 when you operate a 485 00:20:12,080 --> 00:20:14,899 service with an eye to a hidden service 486 00:20:14,900 --> 00:20:17,329 and then you can publish 487 00:20:17,330 --> 00:20:19,759 this inbound 488 00:20:19,760 --> 00:20:20,760 address. 489 00:20:22,160 --> 00:20:24,349 Yeah, which I call this that. 490 00:20:24,350 --> 00:20:25,789 And this information is 491 00:20:28,160 --> 00:20:30,949 collected by SuperPower's 492 00:20:30,950 --> 00:20:32,119 flatfooted. 493 00:20:32,120 --> 00:20:35,209 Say I called and I took P and 494 00:20:35,210 --> 00:20:37,459 yeah, this is a distributed hash 495 00:20:37,460 --> 00:20:40,189 table, the network database 496 00:20:40,190 --> 00:20:41,190 on that DB. 497 00:20:43,190 --> 00:20:45,679 So I had to 498 00:20:45,680 --> 00:20:47,959 protect the information which 499 00:20:49,400 --> 00:20:52,849 operates a certain service 500 00:20:52,850 --> 00:20:55,339 and with some previous knowledge 501 00:20:55,340 --> 00:20:57,949 about Bob let's say as well, 502 00:20:57,950 --> 00:21:00,259 and you can contact him 503 00:21:01,340 --> 00:21:03,799 by his Lisetta or you know, some 504 00:21:03,800 --> 00:21:05,929 like his identifier and then you can 505 00:21:05,930 --> 00:21:07,559 request that. 506 00:21:07,560 --> 00:21:10,199 TB and contact him, 507 00:21:10,200 --> 00:21:12,359 so let's have a look at 508 00:21:12,360 --> 00:21:13,360 Freenet, 509 00:21:14,580 --> 00:21:16,139 Freenet, it's also a peer to peer 510 00:21:16,140 --> 00:21:17,579 network. 511 00:21:17,580 --> 00:21:18,809 It's smaller. 512 00:21:18,810 --> 00:21:21,149 It has around about ten thousand 513 00:21:21,150 --> 00:21:23,579 nodes and it's 514 00:21:23,580 --> 00:21:26,279 focuses on distributed information, 515 00:21:26,280 --> 00:21:28,589 information storage. 516 00:21:28,590 --> 00:21:31,139 So it's actively developed 517 00:21:31,140 --> 00:21:33,689 since 2001. 518 00:21:33,690 --> 00:21:36,069 And then there is an 519 00:21:36,070 --> 00:21:38,129 optional friend to friend to 520 00:21:38,130 --> 00:21:39,779 topology so 521 00:21:41,940 --> 00:21:44,199 you can decide whether 522 00:21:44,200 --> 00:21:45,869 you only trust your friends. 523 00:21:45,870 --> 00:21:49,109 And and it's like a whitelist, 524 00:21:49,110 --> 00:21:51,359 the wireless to which 525 00:21:51,360 --> 00:21:53,249 you want to connect. 526 00:21:55,080 --> 00:21:58,119 And typical applications for Freenet 527 00:21:58,120 --> 00:21:59,009 storage. 528 00:21:59,010 --> 00:22:02,129 Static Web page set to email social. 529 00:22:02,130 --> 00:22:03,089 Yeah. 530 00:22:03,090 --> 00:22:05,219 So let's have a look at how 531 00:22:05,220 --> 00:22:06,669 lsm media. 532 00:22:06,670 --> 00:22:09,119 We see that there are no 533 00:22:09,120 --> 00:22:11,219 tunnels and there's 534 00:22:11,220 --> 00:22:13,799 also no encryption involved. 535 00:22:13,800 --> 00:22:14,849 And Freenet. 536 00:22:14,850 --> 00:22:15,850 So 537 00:22:16,980 --> 00:22:18,719 it's like this. 538 00:22:18,720 --> 00:22:21,299 Let's ask a neighbor 539 00:22:21,300 --> 00:22:24,569 for certain information and 540 00:22:24,570 --> 00:22:25,570 the neighbor 541 00:22:26,970 --> 00:22:29,129 like um so she has 542 00:22:29,130 --> 00:22:31,409 a key for information she is 543 00:22:31,410 --> 00:22:33,779 looking for and 544 00:22:33,780 --> 00:22:36,389 then the neighbor 545 00:22:36,390 --> 00:22:38,489 does not and this case doesn't have 546 00:22:38,490 --> 00:22:40,559 the information and the neighbor as 547 00:22:40,560 --> 00:22:41,999 his next neighbor. 548 00:22:42,000 --> 00:22:44,129 But this neighbor has the information 549 00:22:44,130 --> 00:22:46,319 and the neighbor replies, no, I don't 550 00:22:46,320 --> 00:22:47,969 have this information. 551 00:22:47,970 --> 00:22:50,489 And then again, 552 00:22:50,490 --> 00:22:51,490 the 553 00:22:52,720 --> 00:22:55,049 the next 554 00:22:55,050 --> 00:22:57,089 notes are asked. 555 00:22:57,090 --> 00:22:58,950 And here 556 00:23:00,260 --> 00:23:02,529 we see finally after we follow 557 00:23:02,530 --> 00:23:05,519 all the links, we see that Bob 558 00:23:05,520 --> 00:23:08,129 was the only one who replied that 559 00:23:08,130 --> 00:23:10,049 he had this information. 560 00:23:10,050 --> 00:23:12,509 And with number 10, 561 00:23:12,510 --> 00:23:15,419 he is sending this information 562 00:23:15,420 --> 00:23:17,729 towards Ellis' and he's not sending 563 00:23:17,730 --> 00:23:19,979 this information directly, but 564 00:23:19,980 --> 00:23:22,139 he's sending us this 565 00:23:22,140 --> 00:23:24,719 about the dark matter and the green 566 00:23:24,720 --> 00:23:25,720 note. 567 00:23:26,730 --> 00:23:28,859 And what is 568 00:23:28,860 --> 00:23:29,860 special about 569 00:23:31,020 --> 00:23:33,269 Freenet. You might assume, OK, 570 00:23:33,270 --> 00:23:34,919 this is rather ineffective. 571 00:23:34,920 --> 00:23:37,379 It would be much more effective 572 00:23:37,380 --> 00:23:40,079 if you would send it straight to Alice. 573 00:23:40,080 --> 00:23:42,419 But this is also a plausible 574 00:23:42,420 --> 00:23:43,319 deniability. 575 00:23:43,320 --> 00:23:45,269 It's a shift that, 576 00:23:47,430 --> 00:23:48,869 like the dark red node 577 00:23:50,850 --> 00:23:53,199 network, like 578 00:23:53,200 --> 00:23:55,709 it's a he also gets 579 00:23:55,710 --> 00:23:57,509 the information and 580 00:23:59,010 --> 00:24:00,010 then. 581 00:24:01,910 --> 00:24:04,159 You have one, Atika, it's 582 00:24:04,160 --> 00:24:06,019 more difficult to decide, OK? 583 00:24:06,020 --> 00:24:08,239 Where did this information come 584 00:24:08,240 --> 00:24:10,429 from and where did it has been sent 585 00:24:10,430 --> 00:24:11,789 to since? 586 00:24:11,790 --> 00:24:14,719 Also, a lot of other 587 00:24:14,720 --> 00:24:17,089 notes are getting this information. 588 00:24:17,090 --> 00:24:19,969 The anonymity said, 589 00:24:19,970 --> 00:24:22,400 like the potential recipients 590 00:24:23,450 --> 00:24:25,759 in this way increased 591 00:24:25,760 --> 00:24:28,669 and and 592 00:24:28,670 --> 00:24:30,980 this peer-to-peer network does, 593 00:24:32,390 --> 00:24:35,449 and that distributed information storage. 594 00:24:35,450 --> 00:24:38,149 And if you request information 595 00:24:38,150 --> 00:24:40,369 and it was the 596 00:24:40,370 --> 00:24:42,619 reply as successful, then 597 00:24:42,620 --> 00:24:45,169 the notes on the green part, 598 00:24:45,170 --> 00:24:47,359 that they are cashing that information 599 00:24:49,130 --> 00:24:51,399 so that when else 600 00:24:51,400 --> 00:24:54,229 for the next time ask, 601 00:24:54,230 --> 00:24:56,479 for example, the green note. 602 00:24:56,480 --> 00:24:58,139 Do you have this information? 603 00:24:58,140 --> 00:25:00,499 Then this note can already serve 604 00:25:00,500 --> 00:25:01,759 this information. 605 00:25:01,760 --> 00:25:03,979 And by this method, 606 00:25:03,980 --> 00:25:06,139 this information which 607 00:25:06,140 --> 00:25:08,839 is once sent 608 00:25:08,840 --> 00:25:11,929 to the Freenet, it's 609 00:25:11,930 --> 00:25:14,329 like censorship resistant, 610 00:25:14,330 --> 00:25:16,430 cached by the notes and 611 00:25:17,900 --> 00:25:20,059 like and it would be the 612 00:25:20,060 --> 00:25:22,369 publisher. He would have no option 613 00:25:22,370 --> 00:25:24,439 to delete this message after 614 00:25:24,440 --> 00:25:26,599 what messages are 615 00:25:26,600 --> 00:25:28,789 only deleted like if they 616 00:25:28,790 --> 00:25:31,129 are if they are too old, 617 00:25:31,130 --> 00:25:33,559 but when they have not been requested 618 00:25:33,560 --> 00:25:34,939 for a long time. 619 00:25:34,940 --> 00:25:37,399 And so the cache 620 00:25:37,400 --> 00:25:39,589 and they are removed from the cache 621 00:25:41,420 --> 00:25:43,729 and each node in the Freenet 622 00:25:43,730 --> 00:25:47,089 provides a few gigabyte 623 00:25:47,090 --> 00:25:49,549 roundabout and talk to 624 00:25:49,550 --> 00:25:51,619 the network to store 625 00:25:51,620 --> 00:25:52,620 such information. 626 00:25:53,870 --> 00:25:56,239 It is very similar 627 00:25:56,240 --> 00:25:57,240 to Freenet, 628 00:25:59,560 --> 00:26:02,329 but that there's also 629 00:26:02,330 --> 00:26:05,509 some pattern that a new net foundation, 630 00:26:05,510 --> 00:26:08,089 which also intends to 631 00:26:08,090 --> 00:26:10,349 develop an alternative network 632 00:26:10,350 --> 00:26:12,589 stack where you 633 00:26:12,590 --> 00:26:15,739 also have this Oppikoppi architecture 634 00:26:15,740 --> 00:26:17,269 topology. 635 00:26:17,270 --> 00:26:19,759 So the primary 636 00:26:19,760 --> 00:26:21,829 application of net is also 637 00:26:21,830 --> 00:26:24,079 for storage and sharing. 638 00:26:24,080 --> 00:26:25,910 It's similar to Freenet, 639 00:26:27,470 --> 00:26:29,719 but has an economically inspired 640 00:26:29,720 --> 00:26:30,720 trust model. 641 00:26:31,580 --> 00:26:33,559 So Relais is 642 00:26:34,850 --> 00:26:35,850 a can 643 00:26:36,950 --> 00:26:37,950 can 644 00:26:39,470 --> 00:26:41,929 decide whether they want to forward 645 00:26:41,930 --> 00:26:44,029 a message two to one 646 00:26:44,030 --> 00:26:46,159 node or to multiple nodes, 647 00:26:46,160 --> 00:26:48,409 and also the option 648 00:26:48,410 --> 00:26:50,479 to trade anonymity versus 649 00:26:50,480 --> 00:26:53,239 efficiency identical 650 00:26:53,240 --> 00:26:55,399 to Freenet that also 651 00:26:55,400 --> 00:26:57,919 the friend to friend option 652 00:26:57,920 --> 00:27:00,469 available where you only trust 653 00:27:00,470 --> 00:27:01,809 the friends you already know. 654 00:27:03,560 --> 00:27:05,629 So have a look at how 655 00:27:05,630 --> 00:27:06,630 this works. 656 00:27:07,280 --> 00:27:09,559 Yeah, we say 657 00:27:09,560 --> 00:27:11,949 see that a little 658 00:27:11,950 --> 00:27:14,059 sending request to the 659 00:27:14,060 --> 00:27:16,159 purple node and the purple 660 00:27:16,160 --> 00:27:18,649 node like 661 00:27:18,650 --> 00:27:21,449 this is a 662 00:27:21,450 --> 00:27:23,629 pink link, the pink 663 00:27:23,630 --> 00:27:25,999 link and the spot 664 00:27:26,000 --> 00:27:28,099 and that she she is sending a 665 00:27:28,100 --> 00:27:29,899 request to the purple node. 666 00:27:29,900 --> 00:27:32,029 The purple node for what 667 00:27:32,030 --> 00:27:34,069 this request to the orange node 668 00:27:36,080 --> 00:27:38,509 and what the purple note that 669 00:27:38,510 --> 00:27:40,579 is that he replaced 670 00:27:40,580 --> 00:27:43,189 the reply address, which is 671 00:27:43,190 --> 00:27:45,469 sent to her own address 672 00:27:45,470 --> 00:27:48,199 at the reply address by 673 00:27:48,200 --> 00:27:50,569 the address of the purple node. 674 00:27:51,620 --> 00:27:53,960 We see that the orange node, 675 00:27:55,460 --> 00:27:56,689 it's not doing this. 676 00:27:56,690 --> 00:27:59,689 And this is why the link is 677 00:27:59,690 --> 00:28:00,690 purple. 678 00:28:01,910 --> 00:28:04,009 He does not touch 679 00:28:04,010 --> 00:28:04,999 the reply address. 680 00:28:05,000 --> 00:28:07,669 And so but that does 681 00:28:07,670 --> 00:28:09,889 send the message not to 682 00:28:09,890 --> 00:28:12,049 the orange node, but to 683 00:28:12,050 --> 00:28:13,009 the purple node. 684 00:28:13,010 --> 00:28:14,570 And in this way 685 00:28:16,190 --> 00:28:17,349 we have one 686 00:28:19,160 --> 00:28:20,509 we have from one 687 00:28:21,650 --> 00:28:23,189 one node less. 688 00:28:23,190 --> 00:28:26,419 And this path and 689 00:28:26,420 --> 00:28:28,549 this way we can trade 690 00:28:28,550 --> 00:28:31,160 anonymity for this efficiency. 691 00:28:32,450 --> 00:28:35,419 So generally 692 00:28:35,420 --> 00:28:37,250 it's another network. 693 00:28:38,300 --> 00:28:40,939 It focuses on 694 00:28:40,940 --> 00:28:43,159 the Internet so that there are no hidden 695 00:28:43,160 --> 00:28:45,370 services available within Germany, 696 00:28:46,500 --> 00:28:49,039 Germany, also known as Chavanel 697 00:28:49,040 --> 00:28:52,119 Proxy or the map, and 698 00:28:52,120 --> 00:28:55,339 has been research by the project. 699 00:28:55,340 --> 00:28:56,340 So 700 00:28:57,620 --> 00:28:59,689 and it's a mixed 701 00:28:59,690 --> 00:29:01,799 base. ASEAN, 702 00:29:01,800 --> 00:29:02,800 and 703 00:29:04,200 --> 00:29:06,299 especially about you must provide 704 00:29:06,300 --> 00:29:08,379 a model that and 705 00:29:08,380 --> 00:29:11,099 there's on the one side a premium service 706 00:29:11,100 --> 00:29:13,709 where you have to pay for it 707 00:29:13,710 --> 00:29:16,339 for all the other networks, 708 00:29:16,340 --> 00:29:17,459 it's for free, 709 00:29:19,770 --> 00:29:22,019 like the usage of those 710 00:29:22,020 --> 00:29:23,789 networks for free. 711 00:29:23,790 --> 00:29:26,639 Or you can choose also 712 00:29:26,640 --> 00:29:29,279 to have a free 713 00:29:29,280 --> 00:29:31,349 access to journalism, 714 00:29:31,350 --> 00:29:33,839 but that you only have to 715 00:29:33,840 --> 00:29:36,059 relate to Hoppes and 716 00:29:36,060 --> 00:29:36,959 Kaskade. 717 00:29:36,960 --> 00:29:39,369 And for 718 00:29:39,370 --> 00:29:41,669 the premium model, you would have three. 719 00:29:41,670 --> 00:29:43,829 But and what is 720 00:29:43,830 --> 00:29:46,409 different regarding the provider model is 721 00:29:46,410 --> 00:29:48,659 that the operators 722 00:29:48,660 --> 00:29:51,029 are known and that they are 723 00:29:51,030 --> 00:29:53,309 approved by, by 724 00:29:53,310 --> 00:29:54,569 and by the company. 725 00:29:54,570 --> 00:29:57,029 Germany and Germany 726 00:29:57,030 --> 00:29:58,940 has five thousand paying users. 727 00:29:59,970 --> 00:30:02,129 So let's have a 728 00:30:02,130 --> 00:30:03,479 look at John M. 729 00:30:03,480 --> 00:30:04,469 John Newnam. 730 00:30:04,470 --> 00:30:07,139 Use a few cascade's 731 00:30:07,140 --> 00:30:10,499 and the path is predetermined. 732 00:30:10,500 --> 00:30:12,779 So either you use 733 00:30:12,780 --> 00:30:15,119 the Gray Kaskade, the Green Kaskade 734 00:30:15,120 --> 00:30:17,699 or the Black Kaskade, and there's no 735 00:30:17,700 --> 00:30:19,679 other option to 736 00:30:20,690 --> 00:30:22,769 buy the sender, decide which 737 00:30:22,770 --> 00:30:24,959 route he or 738 00:30:24,960 --> 00:30:27,089 she wants to take like it would 739 00:30:27,090 --> 00:30:29,230 be possible. And I topi and 740 00:30:30,240 --> 00:30:31,380 an end to 741 00:30:32,870 --> 00:30:35,819 end journalism has 742 00:30:35,820 --> 00:30:38,429 to services and the info service, 743 00:30:38,430 --> 00:30:40,619 which is providing the user with 744 00:30:40,620 --> 00:30:42,779 some performance information about 745 00:30:42,780 --> 00:30:43,739 the Cascades. 746 00:30:43,740 --> 00:30:46,289 How many users you using 747 00:30:46,290 --> 00:30:47,369 and this cascade, 748 00:30:48,480 --> 00:30:50,910 how many benefits is still available. 749 00:30:51,960 --> 00:30:54,269 And that's 750 00:30:54,270 --> 00:30:55,859 the billing service. 751 00:30:55,860 --> 00:30:57,509 And. 752 00:30:57,510 --> 00:30:59,609 Yeah, and what 753 00:30:59,610 --> 00:31:00,630 is special about the 754 00:31:01,770 --> 00:31:04,079 is that 755 00:31:04,080 --> 00:31:06,599 there the wall you see and 756 00:31:06,600 --> 00:31:08,729 this is like for for example, 757 00:31:08,730 --> 00:31:10,829 the Great Firewall of China 758 00:31:10,830 --> 00:31:13,079 that you are 759 00:31:13,080 --> 00:31:15,569 at, that somebody censors your connection 760 00:31:15,570 --> 00:31:17,719 and you are not allowed to go 761 00:31:17,720 --> 00:31:19,949 on your own to connect to John 762 00:31:19,950 --> 00:31:20,950 Lennon. 763 00:31:21,450 --> 00:31:24,019 And you see that there 764 00:31:24,020 --> 00:31:26,399 above the blue dice. 765 00:31:26,400 --> 00:31:28,599 And there is 766 00:31:28,600 --> 00:31:30,629 and there are some black arrows. 767 00:31:30,630 --> 00:31:31,650 And this 768 00:31:33,220 --> 00:31:35,729 and the GUI of this 769 00:31:35,730 --> 00:31:37,949 job application, you have the 770 00:31:37,950 --> 00:31:40,229 option that you allow other 771 00:31:40,230 --> 00:31:41,549 users to, 772 00:31:42,650 --> 00:31:45,119 that you share your bed with other users 773 00:31:45,120 --> 00:31:47,159 in case they are censored. 774 00:31:47,160 --> 00:31:49,289 And so now 775 00:31:49,290 --> 00:31:50,290 the. 776 00:31:52,640 --> 00:31:53,640 And the 777 00:31:55,640 --> 00:31:57,949 blue dice with 778 00:31:57,950 --> 00:32:01,099 the arrows above its proxy 779 00:32:01,100 --> 00:32:03,229 and the other use towards 780 00:32:03,230 --> 00:32:05,479 the cascade and so that 781 00:32:05,480 --> 00:32:07,609 they can avoid 782 00:32:07,610 --> 00:32:08,650 that censorship, 783 00:32:09,680 --> 00:32:12,049 so because it's 784 00:32:12,050 --> 00:32:14,599 quite unique to to have 785 00:32:14,600 --> 00:32:15,799 a payment service. 786 00:32:15,800 --> 00:32:16,969 I have a look at this. 787 00:32:18,020 --> 00:32:19,720 So you see. 788 00:32:21,970 --> 00:32:24,519 And that Alice 789 00:32:24,520 --> 00:32:26,679 needs to buy 790 00:32:26,680 --> 00:32:29,139 some traffic and then 791 00:32:29,140 --> 00:32:31,359 this information is provided to 792 00:32:31,360 --> 00:32:32,499 add to the mix Cascade 793 00:32:33,690 --> 00:32:36,269 Mix, Cascade checks, 794 00:32:36,270 --> 00:32:39,009 the billing service, whether Alice had 795 00:32:39,010 --> 00:32:41,259 paid and 796 00:32:41,260 --> 00:32:42,670 the billing methods 797 00:32:45,070 --> 00:32:47,380 like an anonymous Pasiphae card, 798 00:32:48,460 --> 00:32:50,739 or you can send the cash 799 00:32:50,740 --> 00:32:53,289 by me, but also some 800 00:32:53,290 --> 00:32:55,659 not anonymous 801 00:32:55,660 --> 00:32:58,239 forms like bank transfer as 802 00:32:58,240 --> 00:33:00,369 possible, but might be not in 803 00:33:00,370 --> 00:33:02,379 the interest of somebody who wants to 804 00:33:02,380 --> 00:33:04,319 stay anonymous. 805 00:33:04,320 --> 00:33:06,430 And yeah, 806 00:33:07,930 --> 00:33:10,599 so let's compare 807 00:33:10,600 --> 00:33:12,669 the services or 808 00:33:12,670 --> 00:33:14,919 anonymity systems so 809 00:33:14,920 --> 00:33:17,379 we can state that of these practical 810 00:33:17,380 --> 00:33:19,599 anonymity systems, including 811 00:33:19,600 --> 00:33:20,499 tor. 812 00:33:20,500 --> 00:33:22,989 None of these protect 813 00:33:22,990 --> 00:33:25,299 against a global passive observer. 814 00:33:25,300 --> 00:33:27,459 But since the Snowden revelations that 815 00:33:27,460 --> 00:33:29,859 we are aware, at least since the Snowden 816 00:33:29,860 --> 00:33:32,859 revelations, that we are aware that 817 00:33:32,860 --> 00:33:35,349 secret services cooperate 818 00:33:35,350 --> 00:33:36,729 with each other. 819 00:33:36,730 --> 00:33:39,129 So at least that this 820 00:33:39,130 --> 00:33:40,130 somehow 821 00:33:41,230 --> 00:33:43,449 a realistic 822 00:33:43,450 --> 00:33:45,669 threat that 823 00:33:45,670 --> 00:33:48,159 the access to global passive observer. 824 00:33:48,160 --> 00:33:49,160 So. 825 00:33:50,950 --> 00:33:53,169 Then we 826 00:33:53,170 --> 00:33:56,019 saw that each HCN 827 00:33:56,020 --> 00:33:58,839 has also some method 828 00:33:58,840 --> 00:34:01,359 to resist internal, local 829 00:34:01,360 --> 00:34:03,659 and active adversaries 830 00:34:03,660 --> 00:34:05,979 to some extent, 831 00:34:05,980 --> 00:34:08,289 and what 832 00:34:08,290 --> 00:34:10,448 especially for Gounod and Freenet, 833 00:34:10,449 --> 00:34:13,059 is that they additionally 834 00:34:13,060 --> 00:34:14,649 provide the host with 835 00:34:16,300 --> 00:34:18,849 plausible deniability in case 836 00:34:18,850 --> 00:34:19,988 that they identified 837 00:34:22,330 --> 00:34:24,819 compared to I to 2p and to their 838 00:34:24,820 --> 00:34:27,279 if you operate a hidden service 839 00:34:27,280 --> 00:34:29,619 and you identify it, 840 00:34:29,620 --> 00:34:32,319 then yeah, 841 00:34:32,320 --> 00:34:34,509 it's it's more you 842 00:34:34,510 --> 00:34:36,479 don't have plausible deniability. 843 00:34:38,690 --> 00:34:39,690 So. 844 00:34:41,699 --> 00:34:44,329 Then we can also compare 845 00:34:44,330 --> 00:34:46,519 by the use cases, 846 00:34:46,520 --> 00:34:49,049 we see that 847 00:34:49,050 --> 00:34:51,459 if you want to achieve anonymity 848 00:34:51,460 --> 00:34:53,519 and legacy Internet, you can do 849 00:34:53,520 --> 00:34:54,509 this better. 850 00:34:54,510 --> 00:34:56,879 Journalism and patchily also by 851 00:34:56,880 --> 00:34:59,099 top in 852 00:34:59,100 --> 00:35:00,100 services 853 00:35:01,290 --> 00:35:04,379 can be upper. 854 00:35:04,380 --> 00:35:05,699 If you want to operate the hidden 855 00:35:05,700 --> 00:35:07,909 service, you can do this with two. 856 00:35:07,910 --> 00:35:09,570 I pay Freenet a unit, 857 00:35:11,820 --> 00:35:13,349 then phone unit. 858 00:35:13,350 --> 00:35:15,719 You have the option and that when 859 00:35:15,720 --> 00:35:17,819 your unit and frenette 860 00:35:17,820 --> 00:35:20,489 you can publish information and 861 00:35:20,490 --> 00:35:22,619 go offline and never show up in the 862 00:35:22,620 --> 00:35:23,609 network again. 863 00:35:23,610 --> 00:35:25,640 And the information remains a 864 00:35:27,180 --> 00:35:28,819 different case. 865 00:35:28,820 --> 00:35:31,439 Like if you operate a hidden service 866 00:35:31,440 --> 00:35:33,629 until I Tuppy, you 867 00:35:33,630 --> 00:35:35,609 have to stay online to send those 868 00:35:35,610 --> 00:35:38,189 information. But it's also changing 869 00:35:38,190 --> 00:35:40,260 the tech service in this regard. 870 00:35:42,160 --> 00:35:44,519 So and then 871 00:35:44,520 --> 00:35:46,979 anonymous file sharing is 872 00:35:46,980 --> 00:35:49,679 possible with I to pay Freenet 873 00:35:49,680 --> 00:35:51,969 unit and you have 874 00:35:51,970 --> 00:35:53,809 an patchily in. 875 00:35:53,810 --> 00:35:56,219 But it's not 876 00:35:56,220 --> 00:35:58,289 that they usually dislike it 877 00:35:58,290 --> 00:35:59,309 so. 878 00:35:59,310 --> 00:36:01,589 But for my impression, 879 00:36:01,590 --> 00:36:04,139 I got the impression that it's 880 00:36:04,140 --> 00:36:06,329 quite a popular application with an eye 881 00:36:06,330 --> 00:36:08,909 to at least. 882 00:36:08,910 --> 00:36:11,370 So then 883 00:36:12,420 --> 00:36:14,040 let's compare the provider models 884 00:36:15,210 --> 00:36:17,159 that we see. 885 00:36:17,160 --> 00:36:19,859 And the provider model is 886 00:36:19,860 --> 00:36:21,929 finally the question who do you trust 887 00:36:23,200 --> 00:36:24,269 for Tooya? 888 00:36:24,270 --> 00:36:27,029 You have volunteers 889 00:36:27,030 --> 00:36:28,889 who operate a relay 890 00:36:30,060 --> 00:36:31,049 for Torontonian. 891 00:36:31,050 --> 00:36:32,610 You have like 892 00:36:34,790 --> 00:36:37,079 a few relay 893 00:36:37,080 --> 00:36:40,199 operators which has somehow 894 00:36:40,200 --> 00:36:41,999 approved by John name. 895 00:36:42,000 --> 00:36:44,219 But yeah, 896 00:36:44,220 --> 00:36:46,379 and for I to be 897 00:36:46,380 --> 00:36:48,549 Freenet and that you have 898 00:36:48,550 --> 00:36:50,909 and the fact that 899 00:36:50,910 --> 00:36:52,979 every which is participating 900 00:36:52,980 --> 00:36:55,499 in the network is also 901 00:36:55,500 --> 00:36:58,439 a provider to them for the network. 902 00:36:58,440 --> 00:37:00,330 So and then 903 00:37:01,980 --> 00:37:04,439 other properties where we 904 00:37:04,440 --> 00:37:06,739 might compare usability 905 00:37:06,740 --> 00:37:08,949 size of the anonymity set 906 00:37:08,950 --> 00:37:11,129 and active community, and this 907 00:37:11,130 --> 00:37:13,289 regret's certainly 908 00:37:13,290 --> 00:37:16,109 to its considered 909 00:37:16,110 --> 00:37:18,509 considerably better 910 00:37:18,510 --> 00:37:22,169 than the other 911 00:37:22,170 --> 00:37:25,199 alternatives we investigated. 912 00:37:25,200 --> 00:37:27,689 So let's have a look at 913 00:37:27,690 --> 00:37:30,209 some research work there 914 00:37:30,210 --> 00:37:32,389 is on the one 915 00:37:32,390 --> 00:37:34,709 of the sets, 916 00:37:34,710 --> 00:37:37,109 for example, the next project 917 00:37:37,110 --> 00:37:39,179 where they investigate the 918 00:37:39,180 --> 00:37:42,629 options of zero effort, anonymity, 919 00:37:42,630 --> 00:37:44,789 which might be achieved 920 00:37:44,790 --> 00:37:47,069 by shuffling of 921 00:37:47,070 --> 00:37:49,469 IP addresses. 922 00:37:49,470 --> 00:37:51,659 And this assumes that you 923 00:37:51,660 --> 00:37:53,759 trust your ISP, the 924 00:37:53,760 --> 00:37:55,110 Internet service provider, 925 00:37:56,550 --> 00:37:58,799 and that he might provide 926 00:37:58,800 --> 00:38:00,959 you some anonymity. 927 00:38:00,960 --> 00:38:02,130 And yeah, 928 00:38:04,470 --> 00:38:05,519 then there 929 00:38:06,570 --> 00:38:08,819 is some work going on, improving 930 00:38:08,820 --> 00:38:10,799 and sharing the noon agenda. 931 00:38:10,800 --> 00:38:13,229 Numerous at the moment, not 932 00:38:13,230 --> 00:38:15,689 a real mixed network so 933 00:38:15,690 --> 00:38:18,209 that they do know do not 934 00:38:18,210 --> 00:38:20,429 shuffle their messages 935 00:38:20,430 --> 00:38:23,249 of latency reasons. 936 00:38:23,250 --> 00:38:24,250 So, 937 00:38:26,130 --> 00:38:28,439 yeah, and the idea is to 938 00:38:28,440 --> 00:38:31,289 have a real mix 939 00:38:31,290 --> 00:38:32,290 net 940 00:38:33,840 --> 00:38:34,849 then. 941 00:38:34,850 --> 00:38:37,589 And if a free application 942 00:38:37,590 --> 00:38:39,859 specific and only look at 943 00:38:39,860 --> 00:38:42,009 the messages, there is 944 00:38:42,010 --> 00:38:43,010 a vuvuzela 945 00:38:44,250 --> 00:38:47,369 as a research project 946 00:38:47,370 --> 00:38:48,370 which tries 947 00:38:49,450 --> 00:38:51,539 to hide those messages and 948 00:38:51,540 --> 00:38:53,699 use a lot of noise 949 00:38:53,700 --> 00:38:56,369 for this to obscure the meta data. 950 00:38:56,370 --> 00:38:57,419 And there is. 951 00:38:58,710 --> 00:39:00,769 Yeah, and there you see that 952 00:39:00,770 --> 00:39:03,569 the messages I send towards that drops. 953 00:39:03,570 --> 00:39:05,069 And later they are 954 00:39:06,300 --> 00:39:08,969 they are retrieved by, 955 00:39:08,970 --> 00:39:11,129 for example, Bubp when else wants to 956 00:39:11,130 --> 00:39:13,349 send it. And this approach actually 957 00:39:13,350 --> 00:39:16,949 scales quite well with 958 00:39:16,950 --> 00:39:19,230 an increase of the number of users. 959 00:39:20,850 --> 00:39:23,099 So if you are interested in it, you might 960 00:39:23,100 --> 00:39:24,179 have a look at it. 961 00:39:24,180 --> 00:39:26,579 And then before today, there was 962 00:39:26,580 --> 00:39:28,789 also talk about Lympics. 963 00:39:28,790 --> 00:39:30,989 Lympics has been presented 964 00:39:30,990 --> 00:39:32,429 this year. 965 00:39:32,430 --> 00:39:34,529 So it's an 966 00:39:34,530 --> 00:39:36,239 approach where they 967 00:39:37,380 --> 00:39:39,449 use some covert traffic and. 968 00:39:41,250 --> 00:39:43,539 Also mixed nut based, 969 00:39:43,540 --> 00:39:45,969 and at least they aim 970 00:39:45,970 --> 00:39:48,789 to resist powerful adversaries 971 00:39:48,790 --> 00:39:50,829 such as global passive observers and 972 00:39:50,830 --> 00:39:51,830 active attackers. 973 00:39:53,290 --> 00:39:55,659 Yeah, but I think 974 00:39:55,660 --> 00:39:57,809 that the yeah, 975 00:39:59,670 --> 00:40:01,929 it's not an easy 976 00:40:01,930 --> 00:40:04,149 task to achieve. 977 00:40:04,150 --> 00:40:06,849 So and they have the security 978 00:40:06,850 --> 00:40:09,999 goals of the receiver 979 00:40:10,000 --> 00:40:11,199 and likability 980 00:40:12,440 --> 00:40:14,679 and receive unthinkable 981 00:40:14,680 --> 00:40:16,119 by a third party. 982 00:40:16,120 --> 00:40:19,219 It's an online observability 983 00:40:19,220 --> 00:40:21,819 so that nobody can identify 984 00:40:21,820 --> 00:40:24,459 whether the Senate is online 985 00:40:24,460 --> 00:40:25,869 or offline 986 00:40:27,550 --> 00:40:30,759 and receive an observability. 987 00:40:30,760 --> 00:40:33,069 So my conclusion 988 00:40:33,070 --> 00:40:35,619 is that is good. 989 00:40:35,620 --> 00:40:38,019 But there are certainly other options 990 00:40:38,020 --> 00:40:40,489 which you might want to explore. 991 00:40:41,500 --> 00:40:44,289 Then there is no practical 992 00:40:44,290 --> 00:40:46,359 anonymity system out there 993 00:40:46,360 --> 00:40:48,729 which actually resists 994 00:40:48,730 --> 00:40:51,009 a global passive observer. 995 00:40:51,010 --> 00:40:52,010 And 996 00:40:54,070 --> 00:40:56,379 yeah, we want to achieve 997 00:40:56,380 --> 00:40:57,699 anonymity. 998 00:40:57,700 --> 00:40:59,859 This will not be possible without 999 00:40:59,860 --> 00:41:01,099 security. 1000 00:41:01,100 --> 00:41:02,100 So 1001 00:41:03,160 --> 00:41:05,349 I think it's very much appreciated. 1002 00:41:05,350 --> 00:41:07,899 If you go ahead and test this system, 1003 00:41:07,900 --> 00:41:10,029 report back and send patches 1004 00:41:10,030 --> 00:41:11,829 to improve them. 1005 00:41:11,830 --> 00:41:14,529 And your participation 1006 00:41:14,530 --> 00:41:16,659 in these networks does not 1007 00:41:16,660 --> 00:41:18,909 only improve your own 1008 00:41:18,910 --> 00:41:20,979 personal privacy, but you 1009 00:41:20,980 --> 00:41:23,179 will increase the anonymity said, 1010 00:41:23,180 --> 00:41:25,749 and in this regard, also improve 1011 00:41:25,750 --> 00:41:27,669 the privacy of others. 1012 00:41:27,670 --> 00:41:28,900 So thank you. 1013 00:41:41,440 --> 00:41:42,849 Thank you for this talk. 1014 00:41:42,850 --> 00:41:44,919 So we have a good amount of time 1015 00:41:44,920 --> 00:41:47,109 left for questions so you can come 1016 00:41:47,110 --> 00:41:49,919 to the microphones if you have one. 1017 00:41:49,920 --> 00:41:52,059 So, yeah, I see 1018 00:41:52,060 --> 00:41:53,589 someone with microphone for. 1019 00:41:53,590 --> 00:41:56,919 So can I ask the question. 1020 00:41:56,920 --> 00:41:58,759 Thanks for your talk. 1021 00:41:58,760 --> 00:42:01,049 We've got one question for regarding 1022 00:42:01,050 --> 00:42:03,339 Gunite and Frien 1023 00:42:03,340 --> 00:42:04,480 Freenet. Yeah. 1024 00:42:06,220 --> 00:42:08,359 Or as far as I understood, it 1025 00:42:08,360 --> 00:42:10,989 is quite similar to IPTF s 1026 00:42:10,990 --> 00:42:13,299 in the respect that is 1027 00:42:13,300 --> 00:42:15,789 giving some some uncensored real data 1028 00:42:15,790 --> 00:42:17,229 which can be retrieved through the 1029 00:42:17,230 --> 00:42:17,979 network. 1030 00:42:17,980 --> 00:42:20,919 And as far as I understood, IPF s 1031 00:42:20,920 --> 00:42:23,169 that is achieved with a block chain 1032 00:42:23,170 --> 00:42:25,599 algorithm. How is it achieved in 1033 00:42:25,600 --> 00:42:27,609 the caching part and the other two 1034 00:42:27,610 --> 00:42:28,719 networks. 1035 00:42:28,720 --> 00:42:29,720 Yeah, 1036 00:42:32,340 --> 00:42:34,569 and OK, 1037 00:42:34,570 --> 00:42:37,059 we have a successful 1038 00:42:37,060 --> 00:42:39,339 request like 1039 00:42:39,340 --> 00:42:42,139 the request is forwarded 1040 00:42:42,140 --> 00:42:45,639 and finally the link No.9 1041 00:42:45,640 --> 00:42:47,859 there neighbor sent 1042 00:42:47,860 --> 00:42:49,999 this request to us and 1043 00:42:50,000 --> 00:42:52,359 said this information and 1044 00:42:52,360 --> 00:42:54,519 afterwards this information 1045 00:42:54,520 --> 00:42:56,739 is stored by the 1046 00:42:56,740 --> 00:42:58,959 nodes on the green line, 1047 00:42:58,960 --> 00:43:00,249 on the green path. 1048 00:43:00,250 --> 00:43:02,529 So the ductwork node 1049 00:43:02,530 --> 00:43:03,530 and every node 1050 00:43:04,930 --> 00:43:06,190 saving this information. 1051 00:43:07,370 --> 00:43:09,579 Does that answer your question or 1052 00:43:09,580 --> 00:43:10,479 not? Really. 1053 00:43:10,480 --> 00:43:12,789 Is it is it cached for 1054 00:43:12,790 --> 00:43:14,649 for eternity? Is a cache with a block 1055 00:43:14,650 --> 00:43:16,389 chain algorithm or the catch for a 1056 00:43:16,390 --> 00:43:18,909 certain time? And you said that the 1057 00:43:18,910 --> 00:43:20,169 provider of the information can go 1058 00:43:20,170 --> 00:43:22,239 offline and the information will still be 1059 00:43:22,240 --> 00:43:24,639 there. So there's a time limit or 1060 00:43:24,640 --> 00:43:26,499 and the limit of the cache 1061 00:43:28,540 --> 00:43:30,669 when the cache is full, then 1062 00:43:30,670 --> 00:43:33,249 then he deletes those messages, 1063 00:43:33,250 --> 00:43:35,329 which are the oldest like or 1064 00:43:35,330 --> 00:43:36,939 I have not been requested for a long 1065 00:43:36,940 --> 00:43:37,940 time. 1066 00:43:38,590 --> 00:43:40,389 Sorry. Can you please, if you're leaving 1067 00:43:40,390 --> 00:43:42,409 the room room, be a bit more quiet. 1068 00:43:42,410 --> 00:43:44,869 So everybody wants to focus 1069 00:43:44,870 --> 00:43:46,749 to focus on the questions. 1070 00:43:46,750 --> 00:43:47,750 Yes. 1071 00:43:48,860 --> 00:43:51,199 That question answered then 1072 00:43:51,200 --> 00:43:53,509 I would ask the signal angel, 1073 00:43:53,510 --> 00:43:55,280 if there's anything from the Internet. 1074 00:43:59,140 --> 00:44:00,929 Yes, there is, and 1075 00:44:01,930 --> 00:44:04,419 would you prefer it to be an avatar 1076 00:44:04,420 --> 00:44:06,699 for a hidden service if latency was not 1077 00:44:06,700 --> 00:44:07,700 a problem? 1078 00:44:10,750 --> 00:44:12,010 And that is 1079 00:44:13,180 --> 00:44:15,100 difficult, like. 1080 00:44:18,260 --> 00:44:20,659 Yeah, and 1081 00:44:20,660 --> 00:44:21,660 like the 1082 00:44:22,760 --> 00:44:25,429 different security assumptions and 1083 00:44:25,430 --> 00:44:27,529 it's difficult to decide which 1084 00:44:27,530 --> 00:44:29,689 system is more secure than 1085 00:44:29,690 --> 00:44:32,509 the other, certainly 1086 00:44:32,510 --> 00:44:34,909 Tooya is more actively developed 1087 00:44:34,910 --> 00:44:36,829 and more actively researched and more 1088 00:44:36,830 --> 00:44:38,479 actively tested. 1089 00:44:38,480 --> 00:44:40,010 So this 1090 00:44:41,150 --> 00:44:43,969 might be something which indicates 1091 00:44:43,970 --> 00:44:46,189 that it's reasonable to decide 1092 00:44:46,190 --> 00:44:47,959 to use tor about. 1093 00:44:50,210 --> 00:44:52,389 Yeah, maybe it also 1094 00:44:52,390 --> 00:44:54,989 depends on the specific services 1095 00:44:54,990 --> 00:44:56,889 and which should be operated. 1096 00:44:58,610 --> 00:45:00,119 But the No. 1097 00:45:00,120 --> 00:45:02,459 Yeah, OK, 1098 00:45:02,460 --> 00:45:04,829 so don't you people make someone 1099 00:45:04,830 --> 00:45:05,880 so Borgo, 1100 00:45:07,770 --> 00:45:09,929 of the solutions you presented how 1101 00:45:09,930 --> 00:45:12,089 well to this today scale or more 1102 00:45:12,090 --> 00:45:14,699 specifically, would it be feasible to run 1103 00:45:14,700 --> 00:45:16,979 all Internet traffic on top of Tor hidden 1104 00:45:16,980 --> 00:45:19,049 services? Right. To be and what 1105 00:45:19,050 --> 00:45:20,969 that actually make the Internet a better 1106 00:45:20,970 --> 00:45:22,449 place? 1107 00:45:22,450 --> 00:45:24,189 Mm hmm. 1108 00:45:24,190 --> 00:45:25,190 Yeah. 1109 00:45:28,240 --> 00:45:30,489 And we 1110 00:45:30,490 --> 00:45:32,170 can have a look at the provider model. 1111 00:45:36,120 --> 00:45:38,340 I would say, and that 1112 00:45:39,660 --> 00:45:41,729 requires volunteers to run the 1113 00:45:41,730 --> 00:45:43,829 relay to pay for 1114 00:45:43,830 --> 00:45:46,259 the traffic and this 1115 00:45:46,260 --> 00:45:48,419 that does not scale as well as 1116 00:45:48,420 --> 00:45:50,849 every which is joining 1117 00:45:50,850 --> 00:45:53,939 the network also. 1118 00:45:53,940 --> 00:45:55,689 Yeah, relaying traffic. 1119 00:45:55,690 --> 00:45:58,079 It depends on where the toy 1120 00:45:58,080 --> 00:46:00,419 can grow as fast 1121 00:46:00,420 --> 00:46:02,499 as to to 1122 00:46:04,450 --> 00:46:05,839 this scale that. 1123 00:46:05,840 --> 00:46:06,840 Well. 1124 00:46:07,800 --> 00:46:09,960 Yeah. I typifying that that may. 1125 00:46:12,660 --> 00:46:15,149 All right, we have microphone 1126 00:46:15,150 --> 00:46:16,360 three, I think, over there. 1127 00:46:18,060 --> 00:46:19,919 I was wondering, from what I understand, 1128 00:46:19,920 --> 00:46:22,109 Freenet and you act like some kind 1129 00:46:22,110 --> 00:46:24,209 of distributed store and 1130 00:46:24,210 --> 00:46:26,939 so senders are protected by the cash. 1131 00:46:26,940 --> 00:46:28,319 Is there any way of having some kind of 1132 00:46:28,320 --> 00:46:30,659 dynamic content in these kind of networks 1133 00:46:30,660 --> 00:46:31,559 or, you know, something which kind of 1134 00:46:31,560 --> 00:46:32,560 mixes both? 1135 00:46:33,850 --> 00:46:36,379 Dynamic contact is difficult, and 1136 00:46:36,380 --> 00:46:38,669 that is like a reason 1137 00:46:38,670 --> 00:46:39,689 to go to. 1138 00:46:39,690 --> 00:46:43,019 I took or four for these 1139 00:46:43,020 --> 00:46:44,669 hidden services like that. 1140 00:46:44,670 --> 00:46:46,919 You have static content, but 1141 00:46:46,920 --> 00:46:49,049 but there are some 1142 00:46:49,050 --> 00:46:51,269 like static websites, 1143 00:46:51,270 --> 00:46:53,639 like the free sites, how they're called 1144 00:46:53,640 --> 00:46:54,639 and Freenet. 1145 00:46:54,640 --> 00:46:56,899 Maybe this can fit 1146 00:46:56,900 --> 00:46:58,989 for this purpose, but not 1147 00:46:58,990 --> 00:47:01,340 a real dynamic content. 1148 00:47:03,990 --> 00:47:06,269 OK, I see one more 1149 00:47:06,270 --> 00:47:08,429 microphone one thank 1150 00:47:08,430 --> 00:47:11,159 you. I think you mentioned that all 1151 00:47:11,160 --> 00:47:13,439 networks are vulnerable to global passive 1152 00:47:13,440 --> 00:47:15,869 observer. Can you explain a little 1153 00:47:15,870 --> 00:47:18,209 more about this type of 1154 00:47:18,210 --> 00:47:20,729 vulnerability, this type of attack? 1155 00:47:20,730 --> 00:47:21,859 Yeah. 1156 00:47:21,860 --> 00:47:23,969 Uh, let's 1157 00:47:23,970 --> 00:47:24,970 say. 1158 00:47:31,300 --> 00:47:33,459 Well, actually, we 1159 00:47:35,500 --> 00:47:38,019 if we can observe all links 1160 00:47:38,020 --> 00:47:39,369 in the network 1161 00:47:41,020 --> 00:47:43,299 and if we observe for links 1162 00:47:43,300 --> 00:47:45,489 in the network, then we 1163 00:47:45,490 --> 00:47:46,869 know exactly 1164 00:47:48,250 --> 00:47:50,799 which network Sentenza 1165 00:47:50,800 --> 00:47:52,989 or which node sent the traffic to 1166 00:47:52,990 --> 00:47:53,589 the other. 1167 00:47:53,590 --> 00:47:55,719 And we if we 1168 00:47:55,720 --> 00:47:58,329 observe this over a long time, 1169 00:47:58,330 --> 00:47:59,439 then we can 1170 00:48:00,970 --> 00:48:03,219 drastically reduce anonymity 1171 00:48:03,220 --> 00:48:05,739 said because we see that 1172 00:48:05,740 --> 00:48:08,079 maybe the Ellis' 1173 00:48:08,080 --> 00:48:10,389 sending the message to the 1174 00:48:10,390 --> 00:48:13,269 first node and the first node, 1175 00:48:13,270 --> 00:48:15,799 maybe sending some messages to 1176 00:48:15,800 --> 00:48:17,199 two or three nodes. 1177 00:48:17,200 --> 00:48:19,329 And the next node is also sending 1178 00:48:19,330 --> 00:48:21,339 the messages to two or three node. 1179 00:48:21,340 --> 00:48:23,649 But over a long period 1180 00:48:23,650 --> 00:48:24,730 where we can 1181 00:48:25,990 --> 00:48:28,569 pretty well correlate this traffic 1182 00:48:28,570 --> 00:48:30,459 is as practical now or difficult 1183 00:48:32,590 --> 00:48:35,139 and practical for 1184 00:48:35,140 --> 00:48:36,820 global passive observer to 1185 00:48:38,530 --> 00:48:41,739 I don't know about their capabilities, 1186 00:48:41,740 --> 00:48:43,950 but like 1187 00:48:45,640 --> 00:48:48,219 for John Dunoon, where you have like 1188 00:48:48,220 --> 00:48:49,859 very few relays. 1189 00:48:51,490 --> 00:48:53,859 Yeah. Let's say that they have 20 1190 00:48:53,860 --> 00:48:55,539 relays or something like this. 1191 00:48:55,540 --> 00:48:57,699 And this is even if they 1192 00:48:57,700 --> 00:48:58,700 are in different 1193 00:49:00,250 --> 00:49:03,099 jurisdictions, it's actually 1194 00:49:03,100 --> 00:49:05,319 able for for Secret Service to observe 1195 00:49:05,320 --> 00:49:08,199 exactly the traffic of 20 relays. 1196 00:49:08,200 --> 00:49:10,569 So it's 1197 00:49:10,570 --> 00:49:13,029 certainly more difficult 1198 00:49:13,030 --> 00:49:15,429 if you have 70 nodes, 1199 00:49:15,430 --> 00:49:17,379 70000 nodes. 1200 00:49:17,380 --> 00:49:20,229 But yeah, 1201 00:49:20,230 --> 00:49:22,389 and for some networks, 1202 00:49:22,390 --> 00:49:23,939 it seems reasonable. 1203 00:49:25,820 --> 00:49:27,949 OK, the signal angel again, please, 1204 00:49:29,000 --> 00:49:31,309 and Rafi wants to know whether 1205 00:49:31,310 --> 00:49:33,010 you have looked into the rifle and 1206 00:49:34,130 --> 00:49:36,439 network by Adani, which 1207 00:49:36,440 --> 00:49:38,749 is currently still in a research project, 1208 00:49:38,750 --> 00:49:40,529 as far as he knows. 1209 00:49:40,530 --> 00:49:41,749 Did you get the question? 1210 00:49:41,750 --> 00:49:43,079 Because I couldn't hear it. 1211 00:49:43,080 --> 00:49:44,749 But can you read it again, please? 1212 00:49:44,750 --> 00:49:46,009 Yes. And sorry. 1213 00:49:46,010 --> 00:49:47,839 Rafi wants to know whether you have 1214 00:49:47,840 --> 00:49:49,969 looked into the rifle and on 1215 00:49:49,970 --> 00:49:52,189 and on and on the military network 1216 00:49:52,190 --> 00:49:53,429 bike. Not that need. 1217 00:49:54,560 --> 00:49:56,989 Yeah, we we looked into it 1218 00:49:56,990 --> 00:49:59,329 and I rifle. 1219 00:49:59,330 --> 00:50:01,579 It's a different approach 1220 00:50:01,580 --> 00:50:03,829 where they use 1221 00:50:03,830 --> 00:50:05,320 that disinhibits 1222 00:50:06,440 --> 00:50:08,539 dining, cryptography 1223 00:50:08,540 --> 00:50:10,939 now cryptograph and that's 1224 00:50:10,940 --> 00:50:11,940 and 1225 00:50:13,160 --> 00:50:15,949 yeah they are actually 1226 00:50:15,950 --> 00:50:17,599 because they use secure multiparty 1227 00:50:17,600 --> 00:50:19,879 computation and they can 1228 00:50:19,880 --> 00:50:22,369 resist. Enoteca, if 1229 00:50:22,370 --> 00:50:25,339 only one member of 1230 00:50:25,340 --> 00:50:27,139 the of the 1231 00:50:29,820 --> 00:50:31,939 of the relay for only one 1232 00:50:31,940 --> 00:50:34,099 relay is trustworthy, 1233 00:50:34,100 --> 00:50:36,499 then, then they can provide the 1234 00:50:36,500 --> 00:50:37,609 anonymity. 1235 00:50:37,610 --> 00:50:39,799 So yeah, this is also 1236 00:50:39,800 --> 00:50:40,999 certainly interesting. 1237 00:50:42,680 --> 00:50:45,049 And they also have another approach which 1238 00:50:45,050 --> 00:50:46,669 is quite verified. 1239 00:50:46,670 --> 00:50:48,769 Shuffle, where you also can 1240 00:50:48,770 --> 00:50:51,769 prove that a shuffle really 1241 00:50:51,770 --> 00:50:52,969 or that a mix 1242 00:50:54,770 --> 00:50:56,929 shuffle to the order 1243 00:50:56,930 --> 00:50:57,930 of the method not. 1244 00:51:00,530 --> 00:51:02,389 OK, then we have microphone one. 1245 00:51:03,530 --> 00:51:06,379 Hi, thanks for for the talk 1246 00:51:06,380 --> 00:51:08,629 as part of the research, did you 1247 00:51:08,630 --> 00:51:10,699 look at that and the 1248 00:51:10,700 --> 00:51:11,719 resiliency to 1249 00:51:12,950 --> 00:51:16,129 the resiliency to censorship? 1250 00:51:16,130 --> 00:51:18,799 I mean, in many places, many enterprises 1251 00:51:18,800 --> 00:51:20,959 using these tools is considered a 1252 00:51:20,960 --> 00:51:21,960 security risk. 1253 00:51:23,120 --> 00:51:24,559 So did you give 1254 00:51:25,700 --> 00:51:27,589 any attention to that as part of the 1255 00:51:27,590 --> 00:51:29,719 survey? Which one of them is more 1256 00:51:29,720 --> 00:51:30,769 resilient? 1257 00:51:30,770 --> 00:51:31,770 Not. 1258 00:51:35,690 --> 00:51:38,179 Yeah, OK, we 1259 00:51:38,180 --> 00:51:40,279 can have a look at it 1260 00:51:40,280 --> 00:51:42,739 like a peer to peer networks 1261 00:51:42,740 --> 00:51:45,079 there, and I would say that they are very 1262 00:51:45,080 --> 00:51:47,209 resilient then 1263 00:51:49,350 --> 00:51:52,189 because there are so many different 1264 00:51:52,190 --> 00:51:54,559 apps which are 1265 00:51:54,560 --> 00:51:56,509 different, which you connected, that it's 1266 00:51:56,510 --> 00:51:58,909 difficult for the center to censor 1267 00:51:58,910 --> 00:52:01,519 all those addresses. 1268 00:52:01,520 --> 00:52:02,520 And 1269 00:52:03,830 --> 00:52:05,419 for the center, it might even be 1270 00:52:05,420 --> 00:52:08,149 difficult to receive the informations 1271 00:52:08,150 --> 00:52:10,249 which are actually 1272 00:52:10,250 --> 00:52:13,249 involved in this peer to peer network 1273 00:52:13,250 --> 00:52:15,379 so that there's not a list of 1274 00:52:15,380 --> 00:52:17,659 all connecting 1275 00:52:17,660 --> 00:52:20,849 which are involved for 1276 00:52:20,850 --> 00:52:21,850 to 1277 00:52:22,910 --> 00:52:25,579 the information of 1278 00:52:25,580 --> 00:52:27,889 of the relays, but the data also 1279 00:52:27,890 --> 00:52:30,319 and so on, that also I 1280 00:52:30,320 --> 00:52:32,129 like the list of release. 1281 00:52:32,130 --> 00:52:35,329 It's public, but there are also 1282 00:52:35,330 --> 00:52:36,330 some secret 1283 00:52:37,700 --> 00:52:39,589 and some secret that they call the 1284 00:52:39,590 --> 00:52:41,959 bridges where you 1285 00:52:41,960 --> 00:52:44,239 can achieve the access 1286 00:52:44,240 --> 00:52:46,609 to it, to the network so that 1287 00:52:46,610 --> 00:52:48,909 it's also and 1288 00:52:48,910 --> 00:52:51,049 then new we looked at 1289 00:52:51,050 --> 00:52:53,629 it like there another user 1290 00:52:53,630 --> 00:52:55,699 is promising that information to 1291 00:52:55,700 --> 00:52:58,299 achieve senatorship resistance. 1292 00:52:58,300 --> 00:52:59,360 Yeah. And 1293 00:53:00,950 --> 00:53:01,950 thanks. Yeah. 1294 00:53:03,290 --> 00:53:04,970 So microphone for place. 1295 00:53:05,990 --> 00:53:08,149 Did you look at the encryption 1296 00:53:08,150 --> 00:53:10,579 algorithm of all this network 1297 00:53:10,580 --> 00:53:13,429 use and what's your analysis, please? 1298 00:53:13,430 --> 00:53:16,129 No, we we didn't 1299 00:53:16,130 --> 00:53:18,619 looked at all the details, 1300 00:53:18,620 --> 00:53:19,620 so. 1301 00:53:20,150 --> 00:53:22,219 Yeah, but we, we 1302 00:53:22,220 --> 00:53:23,900 looked like some 1303 00:53:24,980 --> 00:53:26,959 onion encryption or onion style 1304 00:53:26,960 --> 00:53:27,759 encryption. 1305 00:53:27,760 --> 00:53:29,929 Others only encrypt from hub 1306 00:53:29,930 --> 00:53:32,269 to hub. So yeah but 1307 00:53:32,270 --> 00:53:34,879 but we didn't looked into 1308 00:53:34,880 --> 00:53:37,159 specific specific encryption 1309 00:53:37,160 --> 00:53:38,960 ciphers or something like that. 1310 00:53:42,390 --> 00:53:44,839 I see the Internet has another question. 1311 00:53:47,100 --> 00:53:49,499 Yes, well, it's interesting 1312 00:53:49,500 --> 00:53:51,899 and interested in what do you think about 1313 00:53:51,900 --> 00:53:54,179 research in the field of onion routing 1314 00:53:54,180 --> 00:53:56,249 of a Web RTC in terms of 1315 00:53:56,250 --> 00:53:58,079 accessibility and possible spread? 1316 00:53:58,080 --> 00:53:59,659 He finds it quite interesting. 1317 00:54:02,940 --> 00:54:05,979 I think we need some clarification. 1318 00:54:05,980 --> 00:54:08,779 OK, can you please repeat the question? 1319 00:54:08,780 --> 00:54:11,209 Yes, and it's 1320 00:54:11,210 --> 00:54:13,309 about the research in the field 1321 00:54:13,310 --> 00:54:15,409 of Onion routing over to see 1322 00:54:16,480 --> 00:54:18,919 it because of the 1323 00:54:18,920 --> 00:54:21,109 question here are things 1324 00:54:21,110 --> 00:54:23,329 that this field is in terms 1325 00:54:23,330 --> 00:54:25,399 of accessibility and 1326 00:54:25,400 --> 00:54:27,319 possible spread. Quite an interesting 1327 00:54:27,320 --> 00:54:28,320 approach. 1328 00:54:30,240 --> 00:54:32,499 Actually, I didn't looked into it, 1329 00:54:32,500 --> 00:54:34,989 but I attended like a party 1330 00:54:34,990 --> 00:54:37,089 so that it's done within 1331 00:54:37,090 --> 00:54:39,639 the browser. Oh yeah, 1332 00:54:39,640 --> 00:54:41,949 actually no, I cannot answer 1333 00:54:41,950 --> 00:54:44,139 that question, so. 1334 00:54:44,140 --> 00:54:45,249 OK, then. 1335 00:54:45,250 --> 00:54:46,300 Microphone three. 1336 00:54:47,610 --> 00:54:50,019 Uh, hello. You my question is about 1337 00:54:50,020 --> 00:54:52,399 you said that they're all like 1338 00:54:52,400 --> 00:54:54,519 they can kind of defend themselves 1339 00:54:54,520 --> 00:54:56,709 against global passive provider, but how 1340 00:54:56,710 --> 00:54:58,839 do they scale the ability that you can be 1341 00:54:58,840 --> 00:55:00,999 found with the number of with 1342 00:55:01,000 --> 00:55:03,369 a number of contaminated notes? 1343 00:55:03,370 --> 00:55:04,599 Like which of those 1344 00:55:05,740 --> 00:55:08,169 four which of those networks to 1345 00:55:08,170 --> 00:55:10,029 watch is the max number of notes that can 1346 00:55:10,030 --> 00:55:12,639 be contaminated with you probably 1347 00:55:12,640 --> 00:55:14,769 being like with you being 50 percent 1348 00:55:14,770 --> 00:55:16,210 secure or something along those lines. 1349 00:55:18,250 --> 00:55:19,250 Mm 1350 00:55:21,050 --> 00:55:22,050 hmm. 1351 00:55:22,910 --> 00:55:23,910 Yeah. 1352 00:55:24,640 --> 00:55:26,879 OK, let's try 1353 00:55:26,880 --> 00:55:28,939 it that way. Um, 1354 00:55:28,940 --> 00:55:30,399 yeah, yeah, yeah. 1355 00:55:31,630 --> 00:55:33,789 OK, usually if you 1356 00:55:33,790 --> 00:55:35,989 have this set up 1357 00:55:35,990 --> 00:55:38,139 that the entry node 1358 00:55:38,140 --> 00:55:40,419 and the exit node, like if you know 1359 00:55:40,420 --> 00:55:42,669 that there are three nodes within 1360 00:55:42,670 --> 00:55:44,590 the router or within 1361 00:55:46,090 --> 00:55:48,199 the path and you know the 1362 00:55:48,200 --> 00:55:50,949 data entry node and the exit nodes 1363 00:55:50,950 --> 00:55:53,109 which you are using malicious 1364 00:55:53,110 --> 00:55:55,809 and they are cooperating with each other, 1365 00:55:55,810 --> 00:55:58,249 then it's 1366 00:55:58,250 --> 00:56:00,309 very, very difficult 1367 00:56:00,310 --> 00:56:02,859 to to have a traffic pattern 1368 00:56:02,860 --> 00:56:04,989 which does not 1369 00:56:04,990 --> 00:56:06,249 identify you. 1370 00:56:06,250 --> 00:56:08,879 And this would be 1371 00:56:08,880 --> 00:56:09,880 like 1372 00:56:11,470 --> 00:56:12,810 valid for for 1373 00:56:14,710 --> 00:56:16,960 for, um, tor and 1374 00:56:18,400 --> 00:56:19,400 and 1375 00:56:21,400 --> 00:56:23,589 so and for 1376 00:56:23,590 --> 00:56:25,299 the Peer-to-peer networks. 1377 00:56:25,300 --> 00:56:28,269 It depends on your neighbors. 1378 00:56:28,270 --> 00:56:30,339 Like if I took 1379 00:56:30,340 --> 00:56:32,449 the south node, but 1380 00:56:32,450 --> 00:56:34,659 but your your neighbors are 1381 00:56:34,660 --> 00:56:35,799 not malicious. 1382 00:56:35,800 --> 00:56:38,109 So the day is to protect 1383 00:56:38,110 --> 00:56:39,110 you. 1384 00:56:39,930 --> 00:56:42,069 And I took and 1385 00:56:42,070 --> 00:56:44,499 the assistance 1386 00:56:44,500 --> 00:56:46,659 and the length of the 1387 00:56:46,660 --> 00:56:49,129 tunnel is also not fixed. 1388 00:56:49,130 --> 00:56:51,429 Well they're not that specifically known 1389 00:56:52,630 --> 00:56:54,999 and each 1390 00:56:55,000 --> 00:56:57,039 can decide how long this tunnel should 1391 00:56:57,040 --> 00:56:58,040 be. 1392 00:56:59,140 --> 00:57:01,659 And then that's 1393 00:57:01,660 --> 00:57:03,819 quite difficult for for an 1394 00:57:03,820 --> 00:57:06,399 attacker to know that 1395 00:57:06,400 --> 00:57:08,739 this the entry point and that 1396 00:57:08,740 --> 00:57:10,959 besides him, it's the, 1397 00:57:10,960 --> 00:57:13,719 uh, the real entity 1398 00:57:13,720 --> 00:57:14,950 like besides him 1399 00:57:16,020 --> 00:57:18,549 allows for an entry guard 1400 00:57:18,550 --> 00:57:20,579 or for an entry node. 1401 00:57:20,580 --> 00:57:22,009 Uh, yeah. 1402 00:57:22,010 --> 00:57:24,309 It's it's more dangerous because 1403 00:57:24,310 --> 00:57:27,369 he knows that the PSM is 1404 00:57:27,370 --> 00:57:28,840 like the real person. 1405 00:57:31,370 --> 00:57:33,499 OK, last person, I think, is 1406 00:57:33,500 --> 00:57:34,500 that microphone one, 1407 00:57:36,020 --> 00:57:38,959 you talked about plausible deniability 1408 00:57:38,960 --> 00:57:42,649 of that and 1409 00:57:42,650 --> 00:57:44,899 Freenet can 1410 00:57:44,900 --> 00:57:47,059 can you say what you can deny and what 1411 00:57:47,060 --> 00:57:49,549 not, for example? 1412 00:57:49,550 --> 00:57:52,879 And you say that I part of the network. 1413 00:57:52,880 --> 00:57:54,089 Mm. Um. 1414 00:58:00,420 --> 00:58:02,679 Like, usually you 1415 00:58:02,680 --> 00:58:04,929 can deny that. 1416 00:58:06,250 --> 00:58:07,919 Mm hmm. 1417 00:58:10,090 --> 00:58:12,879 And laugh, 1418 00:58:12,880 --> 00:58:14,109 OK, in this case 1419 00:58:15,890 --> 00:58:18,159 and and Atika does 1420 00:58:18,160 --> 00:58:20,529 not know whether you are the last hope 1421 00:58:20,530 --> 00:58:22,869 and whether you really receive 1422 00:58:22,870 --> 00:58:25,029 this information or whether they 1423 00:58:25,030 --> 00:58:27,339 end up afterwards. 1424 00:58:27,340 --> 00:58:29,889 So if you send this information 1425 00:58:29,890 --> 00:58:31,929 to somebody, then he can deny. 1426 00:58:31,930 --> 00:58:34,299 No, I only propagated or 1427 00:58:34,300 --> 00:58:36,399 transmitted this information to 1428 00:58:36,400 --> 00:58:38,289 somebody else. And this is quite 1429 00:58:38,290 --> 00:58:39,279 plausible. 1430 00:58:39,280 --> 00:58:41,859 So and if you 1431 00:58:41,860 --> 00:58:44,019 have the information 1432 00:58:44,020 --> 00:58:45,519 and then actually 1433 00:58:46,720 --> 00:58:49,209 him, I would say, and 1434 00:58:49,210 --> 00:58:51,549 then that the 1435 00:58:51,550 --> 00:58:52,550 green note 1436 00:58:53,680 --> 00:58:55,779 does not know whether this 1437 00:58:55,780 --> 00:58:58,149 information was hosted 1438 00:58:58,150 --> 00:59:00,219 by the red node 1439 00:59:00,220 --> 00:59:01,839 or the blue note. 1440 00:59:01,840 --> 00:59:03,669 So I just know it's OK. 1441 00:59:03,670 --> 00:59:05,649 And this information was somewhere over 1442 00:59:05,650 --> 00:59:07,479 there and the network and is now coming 1443 00:59:07,480 --> 00:59:08,259 to me. 1444 00:59:08,260 --> 00:59:10,359 Then another thing which I 1445 00:59:10,360 --> 00:59:12,549 didn't mention that you 1446 00:59:12,550 --> 00:59:15,519 stole the information, as 1447 00:59:15,520 --> 00:59:17,799 I said, and 1448 00:59:17,800 --> 00:59:19,959 the information you store is encrypted 1449 00:59:19,960 --> 00:59:22,419 and you actually do not know what 1450 00:59:22,420 --> 00:59:24,309 is inside these files. 1451 00:59:24,310 --> 00:59:26,679 So you are storing information, 1452 00:59:26,680 --> 00:59:28,779 but you can deny that, you 1453 00:59:28,780 --> 00:59:31,149 know, that this specific 1454 00:59:31,150 --> 00:59:32,049 information. 1455 00:59:32,050 --> 00:59:34,179 So this is also something which 1456 00:59:34,180 --> 00:59:35,469 you can plausibly deny. 1457 00:59:39,360 --> 00:59:41,669 OK, I don't see any 1458 00:59:41,670 --> 00:59:43,679 more questions, do you have another one 1459 00:59:43,680 --> 00:59:45,700 or have another question? 1460 00:59:47,220 --> 00:59:49,650 You said none of these networks 1461 00:59:51,120 --> 00:59:52,120 provide 1462 00:59:54,930 --> 00:59:56,010 protection against 1463 00:59:57,540 --> 00:59:59,280 global passive observer 1464 01:00:01,560 --> 01:00:04,049 or I to be think 1465 01:00:04,050 --> 01:00:05,780 if you have this, 1466 01:00:07,410 --> 01:00:08,829 like, I totally bought it. 1467 01:00:08,830 --> 01:00:10,170 Where is no connection 1468 01:00:13,680 --> 01:00:15,539 to, you know, any attack against that? 1469 01:00:15,540 --> 01:00:18,179 Because face it can provide 1470 01:00:20,790 --> 01:00:21,790 a protection 1471 01:00:23,130 --> 01:00:24,979 against such attacks. 1472 01:00:28,250 --> 01:00:31,129 OK, to be bored, it's 1473 01:00:31,130 --> 01:00:34,249 like the email application. 1474 01:00:34,250 --> 01:00:36,359 OK, for 1475 01:00:36,360 --> 01:00:38,659 emails, it 1476 01:00:38,660 --> 01:00:41,929 might be easier to to provide this 1477 01:00:41,930 --> 01:00:43,999 because sometimes they only send 1478 01:00:44,000 --> 01:00:46,879 a single message and then 1479 01:00:46,880 --> 01:00:48,589 it can be possible. 1480 01:00:48,590 --> 01:00:50,689 But if, like, you have 1481 01:00:50,690 --> 01:00:53,689 a hidden service and need to be and 1482 01:00:53,690 --> 01:00:56,089 you are, you are able to 1483 01:00:56,090 --> 01:00:58,279 request some information from it and 1484 01:00:58,280 --> 01:01:00,469 this sending 1485 01:01:00,470 --> 01:01:02,539 the information to you, then 1486 01:01:02,540 --> 01:01:04,669 you can correlate 1487 01:01:04,670 --> 01:01:05,629 this information. 1488 01:01:05,630 --> 01:01:08,419 But for a single message, it's 1489 01:01:08,420 --> 01:01:09,909 sometimes more difficult. 1490 01:01:11,270 --> 01:01:12,270 Thank you. 1491 01:01:14,800 --> 01:01:17,199 OK, I think we have answered 1492 01:01:17,200 --> 01:01:19,029 all the questions I don't see anymore, 1493 01:01:19,030 --> 01:01:20,689 and that also fits well with time. 1494 01:01:20,690 --> 01:01:22,420 So thank you again for talk.