now i'd like to address the prickly subject of

hidden services, right? AKA the "dark web".

So Max has done a good video on the Dark Web,

and so you should definitely watch that one first,

so you know what it is. But it's quite a controversial topic,

because a lot of what happens on the Dark Web

is illegal, right? There's no two ways about it, that is true.

Some of it isn't, right, and a lot of what happens on TOR

in general--in fact the majority of what happens on TOR

in general, you know high Into the 90%

and that, and above--is perfectly fine, right?

it's just anonymous users browsing the web,

doing regular things but the TOR Hidden Services

are ones that the debate is about because

they're the ones where you sort of say

'well, look, is it worth this bit of encryption?

Is it worth, you know, all the criminality that's on there and so on?'

So here's my Cloud--my TOR Cloud

and in essence, we've got lots of people going into

the network. lots of encrypted layers and things

happening, bouncing around, and then people

coming out of the network to servers, right?

Now the issue, from a security standpoint

Is what happens if There's someone Sniffing?

Here and

someone's Sniffing here

and They Can Correlate Traffic between the in and The out

and Work out what it is that I am Doing

Specifically Right then the whole Report the whole Point of Tor Which is Anonymization?

Has been defeated, Right? We already have encryption, so that isn't the point of talk,

that's just how, They do the anonymous communication

so the Dark web. or a hidden service to use the Proper Term, is

in Essence Where This server Moves inside this Cloud right so now We have a hidden service Running Inside this Cloud and

There is no B that's the Idea right so it Makes it very very difficult to find so there is Now a circuit that goes

Somewhere Between A

Around the Place

To this Hidden Service

and at no point has that left the network so there's no traffic correlation that can be done, Right?

All of these are just TOR sale messages that all look exacly the same.

Now, the way that TOR does this Is very very clever.

Euh, and I Look I will look into a little bit of detail on the protocol that it uses

But It's managed to form a

protocol where neither I nor the server

know who each other are, but we can still have a conversation which Is kind of nifty?

Okay

So then, let's start again with Onion routing

So, Onion routing is a protocol that could theoretically be implemented elsewhere.

There are other Mixing networks and things and other anonymization networks

But Hidden Services Is put predominately in the domain of TOR.

And TOR got the most users and the most nodes and it's the biggest and is in the News the most.

Let's Draw a little bit of a Network again, so

I shouldn't Have Drawn These Boxes Like This Because Now it takes me ages

So here's my server

Here's my Client and these

I'm Just going to Drawn with Boxes Because otherwise it's going to take far too long

These are Onion routers, so remember in normal Onion routing

The Client will Produce some

[Circuits] [or] some Hops and then they will Just Talk to the server but A server will be out on the normal Web Doing normal

Server Things

and won't be Anonymous what Hidden Services do Is

Anonymize This Server so they Allow Both the Server and The Client to talk to each other Despite the fact that

No One Knows who each other is Which Is quite Impressive

[Now] of Course if You then use [that] service Connection to Log in You're going to know you are but You get the idea

The Server Has To lay some Groundwork Down before A client Connects use a hidden Service Right so there's protocols in the Tor

Specification for doing This but [what] the server will do when they come online Is they will pick Three Onion Routers at Random and

Name Them as Introduction Points so let's Pick Them at Random now These are just normal Onion Routers They're very Likely to be Just doing

Regular

Normal Routing Tasks Like Circuits Through other Clients Into Servers and Things Some of These might be Exit Nodes

Entry Nodes and so on but As far as I know all Onion Routers Can, also act as

Introduction Points it's not A big Job [I] didn't Require A Huge Amount of Bandwidth the server will Make Connections

Circuits

to These introduction Points They've Either Full on tour Circuits with Three hops in Between Them the idea being That These introduction Points Know They're

Going to be introducing People to this server

But they don't know who it Is

Why it's Already the server is Hiding behind A layer of Anonymity here it will send Them a message to say I'd like you to

Act As an Introduction Point and Then

It will Create something Called A server Hidden Service Descriptor which I was [write] Down here that will Include the service Public key for

Occasion Purposes But I won't dwell on that Particularly but

Also Crucially the ip Addresses [of] These introduction Points Here Now These are all public Anyway they will Publicly Listed

Now it will Publish This Descriptor to something Called a Distributed hash Table that is to [Say] all [of] the Routers on Tor

will Hold Some in Some Part of the Information [on] all of These hidden Services

And the idea Is that if I try and Look up a hidden Service

The [Roots] Are Responsible for it will Give Me Back the Descriptor by including the Addresses

[Over] The Introduction Points Now the key for this Hash table is the Onion Address

Right so the Onion dress that Everyone Knows about

Is actually derived from the public key [of] this Server and Is in Essence the key but Gets

These ips Out of the Distributed hash table the whole Point of this Is [that] the Onion Address isn't publicized on the Global Tor Network

You Just find it other Ways like on A net

On an Internet or your friend tells you or?

in an Email or something like this the [Waiver] [the] Distributed hash Table Is

Programmed The vast Majority of Nodes Won't know what the description Is for A given Key I?

Only want more Probably or couple so there's an Inherent Security here it doesn't until Recently it's

Also Made it Quite difficult to Work at how Many Hidden services There were so this Is all set up now the server sits There

And Waits for [Internet] [Connections] [Or] People to ask for A, web web file Now

and These Onion Routers These ips the

Introduction Points Just sit There Being in Being normal Routed and Waiting here me I want to connect to this Hidden Service and Someone gave

Me the Onion Address so that's Really, what I need so what I do is I?

Request The descriptor off the hash Table and it gives it back that has the Three ip

And i pick one At random right let's Say This Top

One here what I'm going to do in Essence The Short Version

Is i'm going to ask this ip to Introduce me to a server and Then

We're Going to meet in The Middle at someone [debut] Point that's the idea so let's Work out How it Works

I'Ve Sort of run out of colors so i'm going to go?

Over the Orange Pen Here it's A bit bright I choose A

Rendezvous Point at Random and I create A [tour] Circuit to that Rendezvous Point Remember that Essentially all of These Arrows are the full

Connections This One has Two Hops on it not Three Because the Rendezvous Point is a third Hop

So it Goes on like this Now I send a message to the one 7-Point Saying I'd like you to Introduce me [to] the server

By This Introduction Point and I want you to send it the word

Cookie Right now that Could Be Any string [it's] not Important [the] point Is sort of like a One-Time Password Kind of Thing to verify

but no One Else has got Involved in This Conversation the Rendezvous Point Creates a circuit to this IP and sends it the Word Cookie it

Also sends its Own Address Because of Course this, doesn't know it because the Circuit and We [need] to be at a rendezvous Here

so this ip

Forwards The Cookie On to the Server and At this Point the Server Can Either Accept it and Decide to try and Make a Connection

Or do Nothing right so you Can Imagine a situation where Instead of A cookie Some kind of special Password

But you need to be able to connect to this Website and

The Server Just Does Nothing that's that's One Thing that Could happen right They Have an Authentication Token I think but at

This Point the Introduction Points Job is done There is no more

These Would be the serve Their Purpose all they do is Forward the Cookie [Onto] the server right

Bear in Mind, We don't know where it Is and

Eat the server Decides Whether it's going to connect

Let's Assume because Otherwise this will

Be a much Shorter Video that the server does want to talk said he to the Rendezvous Point so it creates

Another Circuit I don't know How Many 1 2 3 4 5 but at

[5] we've got [Six] Circuit right Across the Tor Network to the one David point Which is the cookie of The Wrong very Important Details

yes That Rendezvous Point Details will be

Well [it] be attached to the same message with the Cookie and yes Good Question now

The Server Sends The One They've Appoint A

Rendezvous Please Essentially Message [Weave] the Cookie in it and the Mod Labelled Point Looks at These Two cookies and Goes

Well I was requested of [One] They [blew] by this guy With this Cookie I've Received a Connection from some server

Also with the cookie They must be Talking About each other right that's the Idea it Could be doing Lots of on the Moves at

The Same Time With Different Cookies and it will then

Act as Just Another Hop on This Network and Connect These two up so this Comes over here like this and

This Comes Down Here and They Kind of get Bridged by this Rendezvous Point here Convened

On the Rendezvous Point [Acts] like A normal [Onion] mu 2 and Just decrypt Messages

Passes Them out the other Side like Always

so

for Anyone That's Sort of Lost count

There are at

Least six Hops here Right There Two intermediate Node on this Circuit then the Rendezvous Point in Three Intermediate Nodes on

This Circuit Right it's Just Part of the Protocol [that] There's only [Two] this Side that's Obviously going to be quite A lot slower than

Normal Talk These Could

Be all over the World like this it's going to Take quite a long Time

But There is no real Way of getting in on this Conversation

Right if You're Sniffing here or sniffing here all you're Seeing Is encrypted [tor] cells all of 512 bytes Long Jumping Around this Place

She's got, no Idea what any of Them are right very very difficult to track that's why, it's so difficult to find

Hidden Services okay Because They're Hidden yeah kind of the Point they, wouldn't Have Couldn't They?

[did] Something Else no they did in Term

They Didn't Name it Incorrectly to Say

Sometimes Were Vulnerabilities Found in The Protocol right or Compromised knows Which Allow Hidden Services to be Found this happened for example Silk Road -

But that's not [That] Common right and There's the bigger the Network Gets The more beautiful no Combinations are The heart of That Process Gets

Now as an Aside

Some Servers don't need Anonymity and this Many hops is too slow [all] right so they want to protect Their Clients but

They don't Care About but if People know who they are Facebook for example so Facebook Work

Foot-Tall Recently to Introduce Something Called Single Onion in That case the only Difference is the bit Server

Doesn't bother With These Three hops it just goes straight to the Rendezvous Point

Now That Obviously [Forgoes]

Servers Anonymity Because [The] One Living Point knows what it Is but it Takes a puppy

We know [Whether] servers are I think right so they don't mind about that Their Business Is protecting Their Customers

They don't Care but We know Where Their servers are so that's an Alternative and you it's quite A lot faster because you've Removed Three

Possibly Global Hops from There What Benefit Is [that] Facebook - you know some of Just using A normal tor

Connection Facebook There's a small Chance if You're using a normal tor Connection that some will be Sniffing Here and Sniffing Here and do Traffic

Correlation and Work out what's going on?

Right [There's] no chance About happening when it's a hidden server it Never leaves the Tor Network that's the thing if you Imagine that Cloud

You're Talking to Facebook Entirely Inside That Cloud very Hard to get in but on the other Hand

Facebook Server Location is Actually Known because if you

Were Operating the Rendezvous Point and Facebook said we'd like to connect back to the Client you'd immediately know that Because it's [Facebook's] Server so

it's like a Halfway Compromise

And i think a fairly reasonable Compromise so it's Facebook Putting one Foot, Inside the Cloud yeah yeah one Foot

Inside did to Talk Loud

With messages Encrypted Once With K3 it's encrypted Another Time with K2 and

When it's encrypted a final Time

With K1 Now Let's Think about what that means it Means that only This Routes are Here