Internet Software Technology

Tor: Developer Roger Dingledine is unhappy with the Dark Web

Written by Andy Prosper

Tor developer Roger Dingledine is unhappy about the fact that the network is often only associated with illegal activity, although it does not play a statistical role. And he is convinced that the gate was not infiltrated by secret services.

Roger Dingledine is one of the founders of the Tor project and used his speech as part of the hacker conference to clean up myths around the gate network. Most importantly, Tor is no longer solely associated with Dark-Web offers such as Silk Road or AlphaMarket. Of the more than two million people who use Tor on a daily basis, (previously known as Tor Hidden Services or .onion websites) took over from one to three percent. The rest use gate to access anonymous and unencumbered censors, other government agencies or the advertising industry on normal websites. The most popular onion service is the gate version of Facebook with over a million users.

Furthermore, it is wrong to assume that gate users in the main area are terrorists or criminals who want to protect themselves from prosecution. According to Dingeldine, terrorists have different forms of communication, all of which are easier to use than the gate network. It does not make any sense to put online service on time if only two hands full of terrorists wanted to communicate safely for a few weeks. However, the unscrupulous inhabitants of states such as Iran are dependent on anonymisation services like Tor to be able to surf and communicate without censorship.

One of the rumors reckoned by Dingeldine also belied that one could not trust Tor because it was programmed by the US Navy. Dingeldine replied to this only briefly: “I programmed it.” It also does not agree that NSA & Co. operates half of the relays needed to communicate securely, thus de-anonymizing users. Although the Snowden documents had proved that secret services operated some of the relays – but not enough to be able to get out of the gate. In addition, Dingeldine personally knows two thirds of all the operators of a total of 8,000 relays personally and therefore can rule out that criminal prosecutors and secret services have infiltrated the gate infrastructure.

Gate will be safer

The gate developer also used his speech to announce improvements to the gate network. On the one hand, the procedure is improved by which the IDs (URLs) of the Onion Services are generated: Up to now, the Onion Service generates a 1024-bit key pair (RSA). The public key is subsequently converted into a hash value with the SHA1, which is now classified as unsafe. The first 80 bits of this hash then form the part of the URL that precedes the “.onion”. The new Tor version announced for the end of 2017 is based on a more robust hash algorithm with elliptic curves and also requires longer addresses with 56 characters.

There is also a sort of load distributor for Onion Services. This is thought for onion services with many users or large transfer volumes. Dingeldine can deliver updates for the Linux distribution via different servers operating in the gate network. And also work on a solution to the entry-guard problem. So far, a gate client always connects with the same EntryGuard over days or weeks and can thus be de-anonymized more easily. A new approach (Proposal 271) is intended to reduce this risk drastically.

About the author

Andy Prosper