BCOS Monero Village - An Introduction to Kovri

Video in TIB AV-Portal: BCOS Monero Village - An Introduction to Kovri

Formal Metadata

Title
BCOS Monero Village - An Introduction to Kovri
Title of Series
Author
License
CC Attribution 3.0 Unported:
You are free to use, adapt and copy, distribute and transmit the work or content in adapted or unchanged form for any legal purpose as long as the work is attributed to the author in the manner specified by the author or licensor.
Identifiers
Publisher
Release Date
2018
Language
English

All right everybody, if you are out there, you don't want to be out there, you want to be in here, because we're gonna be talking about one of the most anticipated things of Monero, just recently launched alpha. Some people say Kovri, some people say Kovri, some people who speak Esperanto actually say Kovri, you know, like it kind of should be said. So we've got anonimal here. He's the man, he's the plan, he's the everything; if he dies we're screwed. Let's give it up for him. He's gonna be presenting to us Kovri, an introduction.

All right, everyone inside? Here we go. I hope you like improv, you know, Miles Davis, Coltrane, Bill Evans improv. Okay, so Kovri. What is Kovri? Before I even wanted to get into that, I wanted to tackle the problem that we're trying to solve. Many physicists in the room? Oh, all right, cool, at least one. Okay, so is anyone familiar with anonymity? Okay, got a couple of hands there for anonymity. And familiar enough with Monero to know that it's a privacy project? Okay, so let's see. I don't want to tell you what Kovri is until we established a problem, but I'm also kind of trapped in my head after working on this all these years, that I'm trying to also, you know, meet you halfway from the very beginning. Well, so we need to understand that basically everything is public, and I mean everything, I mean existence says, you know, it. Okay, so I'll just start off. Four things I want to talk about. Let's see: privacy and anonymity never existed, it cannot exist and may never exist within the realm of some realistic and in quantum mechanics. I know that's kind of heavy or not, but it's important because it defines what we're doing. Secondly, I'd like to talk about identity, because it all relates, it's all relative. And then third, I'd like to talk about what we are doing, like what we are really trying to do, I'm talking Monero, to you're walking down the street, to here we are now. And fourthly, I'd like to propose a solution to all of that and then actually get, you know, forward to this, you know, this
actual stuff you can use right now before you leave. So I'd like to open with a question. So what, what is this? Anyone? You can speak out. And it's not a finger, it's not a fingerprint necessarily. I mean, what is this, like right there? Anyone? This isn't like a Plato's cave kind of retort, it's not like philosophical, it's like flat-out, what is that? This is clearly definable. It's essentially what we're basing our whole existence around, at least when we're engineering things. Okay, so I'll call this: it's a point in space-time. Now how do you know that this is a point in space-time? Sentience is not a requisite; you don't need to have consciousness to prove this. How do you know that this point is right here? Because you can see it? Okay, but seeing isn't the same as measuring. We know observing is not the same as measuring. So how do you know? I mean, how do you really know that this is a point in space-time? It's really simple: it's because you are in space-time right now. You are varied points in space-time. You can measure this, you know, whatever sensory inputs away. So who the hell cares? What does this have to do with anonymity? Well, the point is I'm trying to prove to you that there is no such thing as privacy and anonymity. It just cannot happen, and we just proved it right now. Okay, so you're in space-time here. Okay, so what do you mean by that, nutjob? Okay, so let's try to cover, right, let's try to, you know, cover this point in space-time. I mean, can you prove that this point in space-time still exists? Yes you can, indirectly or directly. Given enough time and energy you can prove that something is here. You can speculate, you know, that there might be a black hole there, but it's highly doubtful, and essentially you can measure, eventually you will measure with absolute certainty that something is in here, and all its qualities, all its wonderful matter and what have you. So you say, okay, well that's just like 20,000 layers of that, you
know, hands upon hand upon hand. Well, I mean, with absolute certainty you know it's in space-time, because without it nothing would exist there, and we'll go down that rabbit hole, but literally you can't measure it; given enough tools and time you will be able to measure. Why am I wrapping this around? What is this? Well, that's the whole essence of layered routing, as you see in Tor, as you see in I2P, in Kovri. It is the constant of just wrapping things up with math and hoping someone doesn't, you know, figure it out, essentially. Okay, so I mean, how about simple terms? Okay, here's something you can take and talk to your parents or, you know, whoever, loved ones. So you want privacy, you go to the bathroom, what do you do? Thank you, you close the door, right, because we want privacy. But I hate to break it to you, you are now public to everything within that room. See, it's all relative. You close that door, okay, sure, the door, you know, everyone outside the door may not be able to know you're there right now, but given enough time and energy they can measure you: heat dissipation, entropy, thermodynamics. I mean, it is not some mystery, you will be found given enough time and energy. So you close the door, okay, you got some privacy, but then you go to use, you know, the facilities, and you take off some layers of clothing, right, because that was your, uh, private still, right? Well, now you're public to the air, your skin is public to the air, and there is no such thing as privacy. I know that's a bold statement, and trust me, I've lost a lot of sleep and I've really tried to prove myself wrong here, and I want people to get involved in the discussion: prove this wrong. Physicists, everyone, just, if you can solve any of, like, Einstein's field equations without space-time, I mean from Minkowski to Kerr, if you can just, anything, if you can prove any of this, please come to me and get involved. So privacy doesn't exist. Anonymity: so how do you define anonymity? You know, I'm actually
sorry, I should have asked you how do you define, first of all. I kind of jumped the gun and assumed a lot of things. Does anyone have any other definitions of privacy that I didn't cover? No? Okay, now anonymity. Anonymity: does anyone have a definition? What is being anonymous? I mean, textbook, it's to not have a name, but that's kind of silly, because you just gave this a name. It's because you can acknowledge, I won't communicate, I'll say because you could acknowledge this point in space-time, you have essentially assigned it an identity. So
I'm sorry, you can't not have a name. So long as you are measurable and observable you have an identity. So the concept of anonymity is just, it's not possible within the mechanics that we are engineering these systems right now, to the best of our ability. Okay, why does that matter to all that? Again, that's the foundation of Alice and Bob. How do you know Bob? How do you know Alice? How can you prove Alice and Bob? So we'll talk about that too. So does anyone really know who Alice and Bob are? Okay, I mean, no? Yes? No? Okay. So, you know, Alice wants to talk to Bob. So, as we just discussed, here are these two points. So they want privacy, right? Well, we know privacy is not possible because they will be publicly talking to each other, essentially. But there are events in between these two points, they're called events, and well, what do you do? I mean, you go to communicate, right? Do you see how privacy and anonymity are not possible? You are relying on the very events in between these two points of space-time in order to get your message across, but ironically these events between these two points are the very thing that destroys your privacy and anonymity. Yeah, it's a real mind twister. So what do we do? We attempt to emulate anonymity and privacy. For example with Tor, Kovri, I2P, you essentially send your message through various hops using all kinds of encryption I'll talk about, and then eventually it gets there. Bob doesn't necessarily know where you are and vice versa, but of course given enough time and energy that information is readily available, because you exist within these models of mechanics. Yeah, so privacy, anonymity, okay, identity. Did I ask you how do you define identity? How does anyone define identity? And not necessarily mathematical identity, where A equals B, which is in itself contentious because at the quantum level, you know, A and B might not actually equal, that's a whole other thing. But so no
thoughts on identity? Huh? "Being able to uniquely distinguish something from something else." Okay, yeah, but how do you do that? I mean, essentially, the bottom line is it's all relative. Here we are back to the space-time, where literally everything is relative. It's driving me nuts, because if we can't solve this problem then we're never gonna have privacy. Okay, so identity is relative, but more importantly, Lane, did you have a question? How would you define that context, though? But if it is measurable, then the relative perspective is that no matter how one system defines it, it still is relative so long as it can be measured. I don't know if that makes sense. But how do you prove that? But is that truly identity? And I would say yes, because like I just said, identity is relative. But I think what's more important is to understand how we use identity, and that identity is also language, and language itself is also relative. So for example, when Alice wants to talk to Bob, they want to set up a Diffie-Hellman exchange, right, to generate a key pair. They're essentially creating a language for each other in a way that supposedly only these two points will be able to communicate. I don't know how huge that is, but I think it's pretty big, because it essentially defines all these excuses for why we're doing this. It comes down to a lot of these simple basics, language for example. So I guess here, well, I mean, why does this matter, right? Every day we're trying to have these transactions, we're trying to be anonymous, but why? Can anyone tell me why, that's not like a textbook, you've heard this a thousand times? Does anyone know why, why are we trying to do this? So this is what I believe, this was based on my preliminary, you know, studies of this, but I truly believe, and I think this is the direction we're going: we're essentially trying to bridge two points of space-time into a single point of space-time while retaining the qualities of those two separate points
in space-time, which I don't know if that's possible right now. Of course I would like to propose something soon, in a few minutes. But think about it: every time you go walk down the street, every time you go to eat, every time you go to hug someone, every time you open your eyes, every time you try to send a transaction, you're trying to connect with one other point and one other point only. Specifically Monero, this specifically: you know, you want to have a transaction with someone and only that person, and unfortunately you rely on everyone else to try to do that. That's the hack right now, that's like the physics hack we're dealing with. But essentially that's what our ultimate goal is, I believe. Yes, Howard? That's fairly sure doesn't cut it. I mean, like I've said, it's all measurable, I mean it's not truly private
but again that's all relative, because when they're face to face with each other they're still away from each other, and there's always going to be those points of space-time within the points. I'm not ignoring the infinity, and what I'm proposing, that's the solution to this problem, because you're just simply describing the very same problem: there's space-time, and this is huge, there's two points of space. I mean face to face, whether that, I mean it's always this coming together, you know, it's always this gravity, it's really annoying. But we ultimately are seeking to, if I'm correct, the inception was our ascent, we're essentially trying to just avoid all of that space-time so we can have that true connection while retaining our qualities. And I'm not talking this is something we're just going to whip up some code and do; I'm talking this is a long-term endeavor, essentially describing what our purpose is. You know, we're obsessed with bringing these two points together. It's in everything, it's this constant, the essence of movement if you will. So that is what I see as being the problem, the ultimate problem, and that's why, you know, I believe here is the beginnings, the very beginnings of what could be the beginning of a new branch of physics: privacy physics. You know, if no one's talked about it, I would like to talk about it more, I'd like to initiate that. Privacy mechanics, you know, essentially, if possible, to solve the field equations without space-time, that would be great. If not, let's see what else we can do. It's very open-ended, but I'd like to just get that ball rolling. Tell your friends, get more people involved in the conversation. Okay, so any questions about that? Now the physicists here might have a few comments, please, it's correct and order anything same if you like. Yeah, exactly, exactly. And if you look at any, like, equation ever proposed, I mean if you take out space-time then, I mean, you take out the concept of you even
being able to interpret this equation, theoretically, right? Yeah. I haven't heard anyone really talk about this. I mean, chaos theory aside and other things, I mean I'm not like involved enough to be like, hey, oh yeah, we've talked about this over lunch. So I don't know, we need more people involved in this. I've never really heard of, essentially, okay, sorry, I missed something. With the idea of privacy mechanics we're essentially trying to do two things: bridge, or not even bridge, sorry, excuse me, we're trying to bring two points of space-time into one point while retaining the other points, if that even makes any sense, because if you try to do that and, you know, they formed something else, that defeats the purpose. So we're trying to do that; we're also trying to exist while not existing. Folks, that is true privacy, if you can exist while not existing. But somehow, somehow, I mean this is blowing my mind, right? I don't have the math with me right now, but I think those are at least the two founding questions for something of a privacy mechanics. Did you have a question? Sorry. It's my proposal. I mean, I don't have a solution, not necessarily, I only propose those two questions. How they're achieved, I think, would just, I don't know right now. I'd like more people to get involved. Oh, and what, attract, did you say attract? Can you give them to rub might do you have a money. I think my point is that I don't think it's unreasonable to rely upon an approximation, considering our interpretation of physics, mathematics, is a model that is an approximation of physics, and it's necessarily so until proven otherwise. And I mean that's why we need more quantum physicists, for example, I mean to get small enough for, you know. I mean it was proven otherwise, that is what Gödel's work was: any system more complicated than, you know, more than simple arithmetic has paradoxes. Is a lot of paradoxes, but I mean is that a limiting factor, is it a defining factor for a potential
new branch of physics? It's a defining factor for a branch of mathematics, which is a model of physics, so it's unreasonable to expect, since your work is probably going to raw in mathematics, that it's also not going to be a perfect model of physics. Sure, sure, okay. I'm not saying it's perfect, I'm just saying let's get the discussion going. I mean health care by 30 years ago there were iPads on Star Trek and now we have them, you know, for example. So let's get it going, let's talk more, let's try. Hey, if we can solve this without having to divulge into other, you know, areas, sure, I'd love that, please. Okay, so that, that and that. Okay, so I'll briefly talk about, okay, so I said why we're doing that, but here's my little flair: I think it's ultimately true love. Okay, sounds corny, but I think this attempt to constantly try to connect with people and connect with these various points of space-time is essentially the essence of love. That's something to ponder too. I could elaborate on that if you like, I don't know who wants to hear that, but I would define it that way. Okay, so we have that,
that, that and the proposal. Great. Okay, wow, half hour. So how does that relate to Kovri? So is, so no one's really familiar with onion routing or garlic routing? Anyone? Okay, geez. I like my interaction, I don't have to explain everything that's already explained. But we have a garlic here, but we don't have a matryoshka doll, right, there's no doll. Do you go, okay, okay, so how about, does everyone know what a matryoshka doll is? One? Okay,
how about I do a quick little image search so we're all on the same page. We're supposed to have a little thing I can demonstrate, but, you know, didn't
happen. There we go, all right, so here we go. So back in the mid-90s the Navy started researching, essentially created the Onion Router version zero. Long story short, a couple versions later, version two, here we are with the Tor Project. Roger and Nick are heading that up with a whole team of people, and what they essentially said is, well, we want point A to be anonymous to point B. So they said, oh well, we can use that, so it's like an onion, you know, an onion has layers. Well, more accurately it's actually this matryoshka doll, which they probably thought of and said, oh no, you can't say the R-word, that's a big no-no. But essentially this is, I believe, the most accurate way to describe that. So let's see, see how, you know, the little one goes into this one, so you can actually twist those off and you put one into the other, into the other, into the other, and essentially you have your message for that point B, you put it in, you wrap it up, you send it through various hops using public key encryption, and they send it on down, send it on down, without being able to read the original message. It gets to point B, and then point B just does it in reverse, sends it on back. So essentially it's encrypted all the way through; the points aren't able to discern what you're sending unless they have enough time and energy, yes, of course they can prove it, as we discussed. Now that's called, like, circuits, circuit routing. That's really straightforward: three hops and you're there. But with Kovri, and I need an assistant here, would the physicist like to come up and assist? Just stand here and you hold your arms out. Okay, yay. [Applause] Sorry. Okay, so I'll hold my hands out here, and could you stand over there and do the same, like this? Okay. So I'll be Alice and you be Bob, or vice versa, whatever you want. And so Kovri has inbound and outbound tunnels. So essentially Alice extends out, and this will represent my out, and then you extend in. Actually no,
you extend out this way. There we go, perfect. And then her inbound, these are her inbound tunnels. Her arms extended in, arms extended out, outbound; my arms extended in. And Kovri uses unidirectional tunnels. So we don't, I mean, we complete a circuit, but technically they're unidirectional tunnels, where I send one message throughout various hops, all encrypted, goes to her inbound tunnel, also several hops, encrypted, then she responds through her outbound tunnels and it comes through my inbound tunnels. That's a summary, you know, unidirectional tunnels. So thank you. Very straightforward stuff. Another: crypto used for both, as for tunnels, ElGamal and AES-256 CBC, and session tags and technical things for that. So okay, we had those tunnels, and I guess I shouldn't have sent you back, but essentially, so let's say you want to send the message, right? Well, within that message you send it through the various hops, and what's great about Kovri and I2P is that it's a message-based, fault-tolerant, decentralized system, so you can send in fragments if needed and they are reassembled at the various points, all encrypted, can be decrypted and sent off to the remaining hops. So it's that fault tolerant. But essentially those are called garlic cloves, as we see here: various I2NP message types go into a clove and, you know, come there. So I mean, we're essentially layering upon layer upon layer, and we're asking, here's the fault, here's the problem, I mean this is what breaks every overlay network, well at least Tor and I2P, Kovri: you're asking pretty please, pretty pretty pretty pretty please, this first hop, please don't tell the second hop my IP address, don't give them any metadata, pretty please. So you can imagine the whole model is broken because of trust, because you can't really trust anything. So hate to break it to you, as much as, you know, everyone loves Tor, these things are just unresolved still, and that's
what really got me going in this whole space-time, you know, circus. So any questions on the matryoshka? Any questions? Okay, so we got that, that and that, and I have a question for you: what do you want to know exactly? Do you have any, like, specific questions about Kovri or about anonymity? No questions? Yes, Michael, how about Michael? Yes, did you have a question? I'm most interested to know how an application developer that's making an application independent of any transport would implement for Kovri, maybe different types of protection, how they would use that, how they would use it. Sure. Well, once we get the API done, by the end of this year, hopefully earlier, you would just hook into that as a C++ library, and we'll try to keep it real simple, you know, BSD-style sockets for example, you know, being write, all that, and you would just say I want to send to this address, and it'd be a Kovri address, the base32 encoded, and that's another thing, okay, destinations, the whole concept, the destinations. All right, so just one tangent after another, I can go on. Okay, so you would essentially just hook into the library, but you would need to know the address you want to send to, correct? Do you know what address you would want to send to off the top of your head? Network, kind of an agnostic application, you know how you can use Tor proxy to use Tor with anything, with Firefox, and Firefox does not know it's using the Tor network if you use Tor proxy, is that something that you're. Well, essentially what Tor is doing is it's a SOCKS proxy, so we have a SOCKS proxy if you want to use it, but because Kovri and I2P, it's a network within the
Internet, I mean, you're not going to be able to connect to Google or Facebook unless they are hosting an I2P address destination. You could use a SOCKS proxy if you wanted something rough and generic; if you want more fine tuning, then you would use the API, which, it's not out yet, but yeah, and that's another
thing with destinations. Well, before I go into that, a little more hands? Okay. Is there anything specific to Monero or blockchains that Kovri is solving, or is this totally generic solution, it's just like, like an others, I'm not, like another Tor or another I2P, like, or is there something blockchainy about it? Oh, there's no, it's not, nothing blockchainy, no, I think, blockchainy about it, but what's important to know is that this, this concept boulders touring others Tor, well, you know, it's like saying, well, there's bitcoins, so why do you need any other coin? It's, we need more decentralisation, we need more anonymity networks, we need more developers, otherwise it's centralized. So, but no, there's nothing extremely specific about Monero, other than them being a great project spearheading privacy left and right. Trustless privacy is crucial to creating this. So aside from that, no, there's no, like, tie-in with the blockchain or anything like that. So I hope you understand. I understand how onion routing works, but what is the, like, specific use case that Kovri is meant for that would be better than Tor, or, you said it was based on I2P, right? Yes, the open specifications by I2P. So we're usually saying why not use Tor or an icing? Sorry, yeah, basically, like, good, I'm, you're saying you want multiple networks for different use cases, right, like work is stronger if you have more, no, its operating in it. Sure, well, okay, I'm sorry, I don't understand it, can give someone a brief, could you rephrase it? Okay, Sean's she, I can, will do that. Okay, I mean, geez, it's, it's all online. Okay, I'm thinking
really technical, I'm sorry, I'm not, like, thinking how do I say this. Okay, H, so Tor, it's, first of all, they don't support UDP, so you could hold transporter just, just out of the equation. Secondly, it's a leech-based network: essentially everyone using it leeches off these relays that are heavily funded and, and can support a lot of bandwidth, so you have to ask, well, where does that money come from? Secondly, their whole directory authority model, in the specs it says itself semi-trustless, but as we know there's no such thing as semi: it's either you trust or you don't trust, and if you, if you're a fan of trusted setup then, you know, then you'll understand the, the dangers involved with that; it's essentially the same thing in anonymity land. With I2P you have a network database; it is truly a decentralized database that no one owns. It is passed around through various routers that are randomly selected based on a floodfill capability, for example, but no one owns these, there's no trust. It's up to you: you can decide which database you want to use, for example, you have that fine-tuned control and it won't break the network, it won't, you'll have to go out of your way to do it. It's by default, essentially. It's fault tolerant too, so if one tunnel goes down you have another, a whole set to pull from, so your message will get to where it's going and it will remain anonymous on both ends. For example, Tor, you always have that exit node, I mean, assuming we're not talking about hidden services, which is very similar, you all have, have that exit node, which the website will always see as a point, and of course from there it can be deduced where you are, given enough time and energy. So did I answer? Sorry if I didn't. That helps. And Kovri is just based on I2P, based on the city of the specs? Yes, so it is the same network. When you're using Kovri right now you are using the I2P network, you are blended in with every other router on that network. Yeah, so um, you, your introduction was basically saying that, I mean,
the way I understood it, the kind of soul we can achieve real anonymity, right? Yes. And so your solution is basically fall into the same realm, because you have to work with what we have, right? Absolutely, it's a hack, and what I'm saying is there's no piece of software on the planet that I know of, or that is relatively known, that is capable of achieving true privacy or anonymity. Unfortunately Tor never admits to that, none of these projects admit to actually providing 100% anonymity, but no one really talks about the underlying problem. See, another reason I'm bringing it up is because if we don't talk about this we're just gonna hand this off to our, you know, descendants, and they'll be stuck with the same crap and they'll be going in circles and circles and circles until we have seven-quintillion-bit primes and, you know, 500 trillion ring signatures and et cetera, et cetera, trying to defeat this problem that cannot be defeated unless we can solve the removal of space-time while somehow existing. I know it's, like, far-fetched and out there and whatnot, but that's just what I wanted to say, you know, as, I don't know. Yeah, I just want to clarify that, because it was a, yeah, generic statement and I want to understand where you were going. So, but I'm talking about Kovri, so how, how is it, I mean, I understand trustless and, but at some point you can still, like you said, with enough time and effort, trace back that, you know, the message or whatever you send it. Sure, I mean, trust is relative, but as is with, with any of these systems, you really have to have a lot of time and energy, and right now, I mean, that, that requires money, you know, fiat or what have you, so it's all relative. But theoretically, this is what I'm talking about, theoretically, the suppose, realistically, and I mean, I would put my trust in this project more than any other project, only because it's such an honest group of people who are not trying to screw each other or the world, and we're really trying to, you know, apply
hacks. We admit they're hacks, we're hacking our way, constantly developing, finding the best solutions at the time, and that's, I think, the best we can do at this point, in my opinion. Yeah, thank you. You're welcome. Oh yes, one more question. Bye, answer this earlier, oh, you may have answered this earlier, but why is this important for you to solve? I'm sorry? Important to you to solve this, to solve this problem, why is it important? Uncle, because we wouldn't have privacy or anonymity if we don't solve it, but more importantly, I mean, personally I believe it's because we wouldn't achieve what we've been trying to achieve since day one, which is this, this coming together, this wanting to come together and actually come together. I know it's on, I'll go, I'm gonna lose if I go too much off into that, but. I'm sorry, you think you're getting closer to solving that problem? I think that worked, the fact that we're talking about this and we're discussing it is, it is closer, or a step closer, theoretically. I mean, I can't predict the future, you know, sorry. Yes? So Corey Anderson is in a different language; why do we need Kovri in addition to I2P, do they have different applications, or Kovri gonna be better, or? Okay, so I have to bite my tongue a lot when I guy, it's a tricky question, right, because I have massive respect for the Java I2P project. Simply put, we just, we want to do things differently, in a more efficient manner, with, I like the approach of less is more versus more is more. Does that answer your question? Because otherwise I'll, I can go into technical details. I mean, what they have different, essentially it is the same use case, like you want to use the internet anonymously and privately, you just use it, but they have several APIs, they have, if you'd seen that web console, zze, I know where's the cameras, these easy, I mean, come on, man, years and years and years we've been complaining about this web console, man, please do something about it. So a web console, right, it's the only interface to this Java I2P
and it's, it's a nightmare for newcomers. So ultimately what I want to do is totally just get rid of all of this stuff, like everything, all this technical stuff I want to speak about, I don't want to have to just, like, I don't want you, it's an engineering thing, you don't want to talk about that, huh, how do we build this building while we're in it, you know, this is, let's build now we're in it. I just want simple docs, a simple application, you hook it in, poof, it's done, you don't think about it; if you want to know more you read the specs and so on and so forth. And that is the complete opposite model of the other project; it's actually the same technology though. So would a good summary of it be a reimplementation of I2P in C++, facing a lot of the stuff that is too complicated you don't like, but it's completely interop with the network, right, like it's gonna be plug in and if I want to run an I2P node I can run Kovri instead, seamless? Yes, you did, gotcha. Although we may go in a different technical direction that would, could possibly, know, essentially hard fork of network, because of various dramas and things that have come up, a lack of review and intentional lack of review, and just pushing out of specs and then expecting, you know, us to just follow along, and I'm personally just tired of following along, but that's a whole another, we can talk more after the talk about that. Yes? So from what you're saying it kind of sounds like Kovri is application agnostic and can be implemented into any other cryptocurrencies and not just Monero, which means that it's a semi-altruistic project. He nailed it, yes. Wow, that's cool. Monero is cool anyway. Thank you, Diego. Yeah, isn't there, like, a saying, don't, don't send an engineer to talk about something and something, you know, if you want a straight answer or something, you know, I don't know, it's something like that. So okay, god, well, she's, there's so much to talk about. Well, it's right here, I'm here until 5:00, right? 3:51, all right. So how about this, I'll just show you
and then if questions come along you
know, and I can describe some of the, the details, the finer points. So I'm running the router right now; I've disabled the console log so you're not really seeing anything. So I'm assuming people are familiar with Tor Browser? Okay, so essentially all it does is it, it changes the, I mean, it's, it does a lot of things, but one of them is with Firefox, their version of Firefox, it hooks into their SOCKS proxy, the Tor SOCKS proxy. So what I did is just went ahead and click this and went to the, you
know edit preferences and where is this
this ice cap here we go settings and
essentially make the HTTP proxy the, you know, the Kovri instance, port 4446. I set it to SSL even though we don't support SSL right now, but you don't need to, because everything is end-to-end encrypted anyway, so that's a huge thing, nothing to worry about there for the most part. I set up the FTP thing because that's another little trick, sometimes your browser will do bad things, it's a, but anyway, if you're not using a SOCKS proxy. So here we go, click that
alright and now we're going to check
kovri.i2p, and I bet you an XMR it's going to say 503. Am I gonna lose the XMR? Damn, and I might. Come on
alright okay great oh it works so I'm
out, but it's a win for everyone. Okay, so success: welcome to the I2P network, your local client destination. So that's something no one's asked yet. So we have IP addresses, right? You want to connect to Google or whatever, you have an IP address, they have an IP address, you resolve with DNS. Well, there is no DNS resolution within the I2P network. Names are canonical there, they're locally defined: how I define check.kovri.i2p, it can be completely different how you do it. It's, it's extremely decentralized in that aspect. So unfortunately, like many problems with all these networks, we have side channels that we use, for example address book subscription servers, but again it's up to you to decide if you want to use someone's subscription. We ship a default subscription so you know that check.kovri.i2p will go to a very specific destination. And here we go, base64-encoded SHA-256 hash of the destination. Now the identity here says keys, so it's ElGamal public, pub key, and then a DSA pub key, plus a certificate of metadata, that essentially forms your identity, and we don't have enough time to go into details, maybe I can do that next time, or I'll just talk less about useless crap in the beginning when I next talk. But so here's the base64-encoded of that, and here's that, here's what's something you'll see a lot, it's essentially the .b32 address, you know, you go to blah blah blah blah blah .b32.i2p, and it's funny how Tor finally, finally are coming out with their v3 onions and they're using these, you know, base32 encodings, they have now a longer address, is something I2P's been doing for a lot longer. It's, the I2P is essentially hidden services by default, that is, the network is the hidden service, that's the only way you can communicate. And here is the base64 encoding of the full destination; this is something you'll see when creating your address book or, if you will, your subscription. Very technical stuff, but this is how that works. So you know that you
are using the network when you hook that up. So any questions on that, on this page? Yes? Sorry, by default if you have in the dress, it's okay, um, sorry, would by default, what I default on, its, you have this address, and can people reach you through this address? So yet, so here's, yes, here's the cool thing: all this data you're seeing here, this is identifying your identity through the SOCKS proxy. What's really cool is you can have many, many, many identities, theoretically, but this is the one that check.kovri.i2p is communicating with, and if there's no name resolution to this, but it, I mean, it, does that make sense? Yeah, there could be, if, but the register, yeah, but that's more for like a server tunnel; this is a client tunnel, and that's something I should probably answer, vTOLs. Did someone have another question? Okay, so we hooked that up through the SOCKS proxy. Now what Monero is gonna do is bypass the SOCKS proxy altogether, because it's clunky, it's slow, it's not effective, the error messages returned are pretty useless. I mean, theoretically they could have been using it for a while now, but they never wanted to implement a SOCKS proxy for various reasons, despite complaints. So let's go into the config
file. Okay, so here's the client, client tunnel lists; essentially there's the, I forgot to remove that. So these are the default settings, right, here's good old Irc2P. Now the I2P project started, low, going to start about the same time as Tor, but it started as the, as the Invisible IRC Project, I mean it was a, essentially an IRC network; it grew into what we see now, but this network's still around, it's what you use to use IRC over I2P. And we have these default client tunnels, and see how the destination, it has, you know, IRC title onto I2P, et cetera? Well, you need an address book to resolve that to, for example, you know, all this goodies
goodies stuff here, but it's already set up so you can, you can use it. I don't have a client set up, but let's go ahead and do a quick check here. All right, let's send some random data. I'm connecting through the client tunnel, something that Monero will create on the fly, possibly per transaction you can create a new client tunnel, it'll be completely transparent and you won't even know it. I mean, that's why I don't want to talk too much about it, because you just want another way, it'll just happen. And here we are, so we are connecting to irc.echelon.i2p via this client tunnel, and you can do the same, look, we got SMTP set up, euphy is postman's mail service, for example. Now let's go to the server tunnel; this is if you're going to go
ahead and host a website or, for example, Monero, a Monero node, for example. So you would, well, I mean, again, this would be automated so you don't really need to know all this, but you just go ahead and uncheck here, I'll show you, these are three, yeah, I go, oh no, it's, it's fine. Um, so let's see, long story short, there are three Irc2P servers that are chosen at random, and these are servers that I've been around, and this is after a person's name, it's like his handle, for I don't know how long he's been around, I, not that I know of, I certainly hope not, though I do have, know, but if he's still, if he's watching this, you know, his server's still broken, you know, I told him like, what, a year and a half ago that it's leaking, I, you know, public, it's leaking his public IP address, and he's like, I intend to do that. So I mean, it's, I say it's one of many reasons why I want to, what, we want to move forward. So I have to set up here, oh hello DEF CON, all right, so are we, there we go. So look, here's an SSH server, a server tunnel. So essentially you need to tell the network, hey, here's my local destination, here's why I want to be, you know, people that connect to, and here's the port, and here are the, the private/public key pair right there, and it comes through this server tunnel. Let's see if I can do this, I have it set up, I believe, you already have them in history, I guess not, ok, so where is, ah, oopsie, I'm not using tmux there. So the question is, well, ok, you created a server tunnel, what's your, how do you tell someone where your server is, like how do you tell them the address? Well, you go into, you know, client keys, and here we go, we have the base32-encoded address and we have the base64; essentially you want the base32, so we got that, and there you go, that is the address. You say, hey friend, connect to this address, and
as we saw here, nowhere to go, as we saw here, you can replace the destination with an actual base32 address or a resolvable address, but since I'm currently proxychaining through Kovri I'm just gonna let it do it automatically. So let's see, what is it, huh, at the sea it happens, connection refused, I'll ask what, hey, at least it's got refused, that's good. Yeah, so let's try again. Well, I might, I might have changed the authorized keys, it's, but essentially you would be able to use the proxychains, for example, you could proxychains anything to an I2P address and it would work. Many questions on that so far? Okay, am I talking enough about Monero, like how it relates, Monero, does it, does it make sense yet how it works with Monero? Well, cos, like, with Monero, you know, you connect to a node and you send a transaction while your IP address is known to that node, and you have to hope that node doesn't know. So perfect use case: by default you will never have to worry about that, so long as you can connect to the internet and that you're not being censored at the packet level, because then we would require more obfuscation with that. So I hope I answered questions, though. Yes? This is, what the performances of this, constraints of latency and other factors, compared to Tor and previous I2P implementations? Okay, well, let's take a look. Here we are, yeah, so let me get out of them, here we go, sorry, there we go. So you look at that, that is, the stet is a pretty small memory footprint; at the bottom, that's twenty-six megabytes RSS. I mean, you can tell, almost no disk, I mean there's disk usage because we're writing the, and reading the network database, but it's, right now it's trivial. This is a very small bandwidth router right now, I've, I just, this simple, right now this instance is not very high bandwidth, but the stats are all right there, I mean this is like 1.5, 1% CPU. Like, if you're looking at the Java router, nope, this is massive, this, it's ridiculous, I don't know, I, it is what it is, but we don't like it. So
it's, it's pretty small, pretty small footprint, and what's great is we can, you can eventually, once I finish my bandgaps branch, you can tweak how much bandwidth do you want to use and of course reflect on, you know, the amount of crypto you use, et cetera, et cetera. I'm sorry, are you seeking to get this integrated with anything like Tails? That's a good question, I mean, it's, that's up to them, essentially. It's agnostic, it can be used with anything that can hook into a C++ library. We'll get our marketing team on it. Okay, oh yes? Um, maybe I, I just don't really know a lot about it, but how does your discovery work on, isn't like relays, nodes, or is it basically, is it the same as I2P, or did you change how I2P does it? Unfortunately we're doing the same thing, look inside CP, which again, we're, we're left with the threat model of side channel. I mean, it's absolutely absurd that to get a view of the network you need to connect to a reseed server that, it's, in itself has been great I've ever biggest view of the network, so you're relying on that view for, it's, okay, let's say you mix it up and you pick from three or four servers, whatever, you're still relying on side channels and you're still relying on a, you know, a trusted source. I, I'm open to ideas, I think, you know, people have been beating their heads over this for a long time, but I mean, the, literally, Tor's got, you know, I can probably count equal issues that are just unavoidable, better problems. But yeah, any other questions? Okay, no crypto questions? All right, well, oh yes? How can you wear for the mic please, thank you. I came a little bit late, so please saw me do it, you know. Oh, you missed the whole kit and caboodle. Yeah, I heard about a little bit about some things that can be done to make Kovri more appropriate for more widespread usage, like to speed it up; you have any thoughts on anything people should be focusing on to do that for widespread adoption? Yeah, just to make it, like, more efficient, more reasonable to use. User boobs are friendly videos? No, no,
more, or just actively the actual performance of the network and performance of traffic on the network. I'm not sure how to answer that exactly, in terms of engineering or, well, the problem with, like, resolving, let's say you want restricted routes, for example, so you know that every hop at least within your control is a high bandwidth, you're just gonna get it all through, you know, yet latency is not an issue, you're still stuck with Bob who's got his tunnel pool and, you know, you can't, you know, it's just gonna go in like that, and I think that's, like, the design of the network. We could, there are other possible networks, you know, in development, HORNET for example, it's something to look up. Yeah, I mean, if you created up, okay, okay, okay, well, I mean, that goes with anything: if you're creating tons of key pairs and you're just generating, generating, the more, the more hops you try to connect to, the more tunnels we try to create, I mean, it's, it's going to create more overhead. We use Crypto++, great library, noloader is a great guy, he's adamant about keeping things optimized and efficient. I mean, the crypto is what it is. I'm not sure how to answer, I don't know if I understand the question. Well, the item pikas consists of many protocols, it's a common misconception that, I mean, you have the transport layer, you have the message layer within the transport, I mean, you have all this various encryption, encryption, Diffie-Hellman, ElGamal, AES, it just goes on and on, SHA-256, there's just a lot to do, because, you know, these little garlic cloves or, you know, encrypted, tunnels are encrypted, the transports, the sessions are encrypted, it's a lot of crypto, and I mean, how to solve that, I don't know, and we're talking about nonet, non-energy, somehow, somehow using non-energy for our n and n being, maybe they'll come with our privacy mechanics model I mentioned at the beginning, non-energy, okay, I mean, I'm not talking dark matter, but not energy. We're the fissile Scotia, she's not here, she left, all right, I'm okay,
any other questions? Yes? So with the physicists you explained that each direction what was using a completely different channel, and I wish to use, that provides any advantage in terms of privacy, what's the reasoning? That's a good question, because it's still being debated: does it provide more privacy, does it provide less privacy? There's not enough research, but the research available proves that it's fine enough. I mean, fine enough, it's, I don't know, I really could argue for and against both and I could yap and yap and yap and talk and talk and talk, but, well, and Sean is prepared to some things too, and I'm sure I'll have, there'll be questions for him too. It's an ongoing thing, essentially, you know, we need more people, more developers, more input. You don't have to be a C++ developer, you don't have to be a lot of things, just ask questions, get involved, and we'll do the best to see what, if there's something you can help out with. Yeah, Diego doesn't do anything, so, he's doing great, he's doing, he's doing a lot by doing, between eleven, do nothing, you do a lot, Diego. Okay, so yeah, any other questions? Yes? Yeah, and we pull up the one slide I have. So I miss most of the beginning, I'm a PhD at particle physicists. Oh, we can
talk out yes yes thank you and great oops a bit bewildered by what I heard so
so looking ahead, I don't know, maybe it's premature to ask something like this, but fer, since, since each Monero node operator gets to choose for themselves whether they are there, for their personal Monero client connects to the, you know, legacy Internet or through Kovri, would two clients connecting in two different ways with two Monero nodes talk to each other directly, or could you have a situation, it's a half the Monero nodes were running Kovri and half were running and the legacy internet, you might have, like, like a Great Firewall sort of conditioner? That's a great question, and that's something moneromooo and fluffypony and others would have to actually answer, because I have my opinions, but it's, it's what they decide, so I don't know if I have an answer for you there. It's, it's, it's, it's available, it will be available to use, and I mean, it's like my works here, but I can only do so much, sorry, ask them. That made sense. Did you do any, I mean, probably, but have you looked at the devp2p, like the, so I, like, Ethereum, where I've been doing a lot of Ethereum stuff, and Ethereum has its own kind of replacement for solving this type of problem called devp2p, and dev, devp2p, de vie when attacked on Sophie, okay, it's just part of the Ethereum Foundation's, like, big pool of opens. Oh, is it like Dandelion? Not familiar theme, okay. Bitcoin's non-solution, sorry. Oh yeah, I mean, if you haven't looked at it then that's fine, I was just wondering if there was any, like, if you had any particular, like, challenges to that, which is why Kovri is a, I need to create another solution to, or, but it's fine, like, I get it. Well, I mean, at this point it, where it's, everyone's got their own, well, I can do it better, I can do it better, and, you know, whence no one's actually solving the problem, I mean, that was why I want, that's why I wanted to open up with my opening statement: everyone's got their approach, they think they got it, and it's just, there's one, you can laugh at it here, laugh it, they're not laugh at it there,
and we just keep doing it until we learn how to do it right. But yeah. Is this funded by the CIA, this project? Absolutely not. I'm completely funded, I mean, you can, you can do whatever research you want to me, FOIA, whatever, stalk me, follow me around, I don't, I mean, it'd be creepy, but if, you know, I'm not. That's what's great about this project, is it's entirely funded by Monero, the forum funding system, for example, that's what I've been funded through, so I'm very glad to take that funding. No CIA, no, no alphabet agency, no government funding, not even the military, nothing, no research, nothing, it's all Monero. Yeah, so the question is, you should be stalking your given it, well, if you were here the beginning, enough time and energy, that would all be certain. So ok, no other questions? Damn, I want to talk so much more, but I tend to ramble. So here we go, contact info, you have any questions, and I guess that concludes my portion. I would like to hand it off to Sean, he has some things prepared, he'll, he'll provide actual useful applications, you know, Kovri. So thank you. Do you need to a laptop? [Applause]
it's not on here though, it's fine. Do you need to left? I just leave it, okay, oh, just, alright. Hello, my name is Shaun Coughlin, I go by their hacker alias Shaun Coughlin, so nice to meet you. I am a software engineer, I work in industrial systems and I focus most of my attention on security features, and also I work on a number of other projects. I'm a continuing graduate student and work on applications of encryption for the use of effective engineering and the focus on the satisfaction of client dignity in business operations. I'm here to talk about Kovri's techniques and applications. As an engineer I decided to look into some of the latest IoT security protocols earlier, just about six months ago, and I came across I2P's implementation and Kovri, then I saw it was attached to Monero, and so I decided to get involved in our project. But I'm here because I really like Kovri, I think it's fantastic, and this can really be the future of IoT devices. I'm gonna give a brief overview about the application history of I2P and Kovri. These were all based on the original work, which is called Freenet, which came out around 2000. It took some of the popular peer-to-peer networks that were run, I'd like, some of the file sharing stuff that was going on in the 90s, they were, they were based on that, and abstractly created a new communications layer, kind of replacement for TCP, and that started around 2000. Of course in the 90s DARPA was working on something similar that became The Onion Router, Tor, and that was alpha'd in about 2002. Soon after that a bunch of the workers, for our, developers on Freenet decided to make a, a sort of fork of Freenet, and they called it the Invisible Internet Project, and that uses their network layer from the PGP protocols, and they added an extension to onion routing that they jokingly called garlic, because they were looking for some other common vegetable of a-tickin call it, until somebody came up with garlic. The differences that exist right now between onion routing
and garlic is that onion routes, they, in general, this is a lie but, you know, humor me, for one packet it adds the layers of decryption for each hop in the known route, meaning that every single item is there, has to plot out the route from the source to the destination, adds in the encryption to each item, and simply reduce like a marsh code though until eventually gets the end. The nice thing about that is the entire network is bi-directional: the receiver of a package then simply wrap it up and go right back where it was sent from, so it's as though it's basically TCP, just with a little extra stuff on top. Garlic breaks that model and says instead of actually taking one particularly known route, we're gonna take any packet of message you have, split it apart, shard into smaller pieces, then mix some combination, a bunch of things, and then get those two separate sub-routes in two different locations to the forty finally hits the destination. The problem with that is there's no way to go back to your original route: I2P is a simple unidirectional route, and so in order to get back for the original sender you have to create a brand new channel all the way back, so it's a little bit more complicated and adds extra, a little bit of extra slowness and things like that, but it really takes all of the indirection that Tor adds and simply adds a new door, new, entirely new dimension. It makes it so much harder to analyze everything; even if you have, like, full network understanding it's still really, really hard to reproduce the actual original messages. So yeah, it's just a so much better communications, it doesn't have any of the problems that, that onion has, which I'll go over in a moment. Now there's actually two separate implementations in Java of the I2P: there's this original protocol that was called i2pd that existed, and that's all I have to say about that, but there's also a, there's also a Java implementation, that's the main ones out right now. The Java I2P implementation has the severe
problem of using Java: it makes it easy to port to new systems but correspondingly requires a very large amount of resources. The memory requirements are about hundred twenty-eight megabytes by default, but they can be reduced slightly, I'll go over some specs in those. It's not really ideal for embedded systems, especially for very small microcontrollers, though some meteor Raspberry Pi boards can actually have a full function, that's kind of the standard that we use in IoT to figure out if it's possible. Kovri is C++ entirely and therefore surpasses the Java implementation in all possible performance metrics, and it uses a Boost library for compatibility, I'll go on that later. This, along with other features, makes Kovri a much more suited for embedded systems and for other situations where performance is important. If, for example, in the future, if you're running a full node and, say, Monero, you're gonna have resource constraints, so if you have a choice between a drive by two people, but if you have a choice between a Java I2P implementation and a C++ high-performance process, you definitely want to take the high-performance one. A bit about legality, especially for business cases, this is very important. In the United States no one did or sued for operating either a Tor relay or an I2P router. However, at the same time, importantly, illegal usage has been tracked and responded to on both networks, meaning it's not complete anarchy, there are ways of preventing people from causing damage and chaos in the network. Now specifically there's a problem with Tor exit relays: people have been interfered with, harassed, sued, although not arrested; they've had their resources taken from them and declared contraband, even when the people were acting legally and in good faith. This has caused a lot of problems right now, and so there's actually nice little a caveat here: Kovri does not implement an exit relay right now, so because of that there's actually less problems with I2P implementations like, like
Kovri just operating, though it's perfectly legal in the United States, so go ahead; there's no way you're gonna be harassed for that.

Unfortunately, internationally, Tor is actually i despondence recently. Tor is explicitly illegal in Turkey; in fact all, all VPNs are. There's no information on I2P; I just, I think they haven't actually if we made that law yet. This is brand new, due to certain problems in that country. And also China blocks all access and to both I2P and, they do that by takedown notices to the websites that have I2P addresses, I take track it to, and they also have a quasi-illegal forbidden of all forms of encryptions in certain areas. So business cases for use of either of these two protocols are going to be limited, because one of the most important markets simply can't be involved in that at all. And so if a device was manufactured in China that would be to use some of these protocols, you're gonna have some issues, so you're probably gonna have to have some non-Chinese-based manufacturing processes develop something that's going to be using whether these two products for an out of two device. However, interestingly, both Tor and I2P are pretty much legal everywhere else in the world, so you will have options.

There is little to no precedent in the industrial use of Tor or I2P, so this is basically a brand new area, wild west, where innovation is going to be dominant. And so what are the business use cases that we now can possibly have in this innovative space? For the non-embedded implementations of I2P, like what we've seen so far, there's a couple things we can do right off the bat. Composite services, which is a way of saying let's just take what we already have, just start using that. You can use a combination of different protocols. Any desktop or mobile devices you have right now, you can just simply start using I2P, whether the Java or the C++ implementations; it's possible right now. In fact some companies do provide the service: eepsites for file storage and
even some D2D, device-to-device, services. But really the eepsite for file services is something that has precedent. And eepsites are I2P's implementation for a hidden service: you simply can go to a website and browse that as long as you know the name, the base32 or the other directory name of that site. So it is possible to provide a service where you can actually store things on the deep net. This is popular in, I believe some academic locations actually have this as a service: you can save your data and access it anywhere you want to later.

Also, interestingly, this is integratable right into existing apps, which is something that can be valuable. Let's say the Facebook corporation wanted to signify that it has deep commitment to the dignity of its customers and really wanted to have them have complete privacy. They said, from this point forward our app will now communicate over the Internet using Kovri, so that everything is encrypted, we won't know your IP address, we swear we won't violate any of your privacy. They're not gonna do that, but hypothetically they could; they could simply turn it on right now and do that. Which is nice, because there are some customers who might have that business case, or look to signal to their customers that they really are tolerant, so I could just use that right now.

Direct eepsites of event for, like, file storage: there really isn't much demand for that right now, because in most locations, especially in the United States, this white market transactions and everything that needs to be kept above board, most businesses are required to keep some form of user-relevant information, either for KYC, some of the exchanges, or just simply being able to collect receipts and other things. So let's say you used some eepsite like Amazon or something like that: they'd still have to get your address. So a lot of the privacy information, it doesn't really make much sense for them, is it gonna collect some important information from you to do that.
However, if there were services available on eepsites, it would signal very, you know, very, be very relegated by the privacy community, and would really signal the service's commitment to customer focus, if they wanted to, a lot of the customers, say: we really want to make sure that you are comfortable using our services; we inherently are showing we don't want to know or your contact information is, here you go, you can use this service. And that's also available immediately.

Interestingly, because this is so new, there's some brand new features that nobody's really thought of before, like device-to-device direct communications. It's even possible under theory to have every particular device you have run as a separate router, so you're gonna have things like mesh networks, and you can even do webs of trust, where you have known destinations sign a particular base32 address to say, okay, I trust this particular service, so he can actually communicate correctly across these locations. There's no offline mode; I2P simply doesn't support that.

But I think probably overall the best thing, was kind of similar to was just saying, the support for I2P networks. Any customer right now has the ability to say we support Tor and we support I2P. Now Kovri doesn't have the exit nodes that Tor does, but in the context of Tor there's simply a way that, or if Kovri does have access to exit nodes in the future it would be very similar to the way Tor has those. Websites currently have the ability to monitor for the use of Tor and I2P, and many of them specifically decided to deny, restrict access to the full features for the users that are registered from those IP addresses, those exit, exit box. Some major web sites are even threatening to do this well after they had previously fully supported anonymous usage. Kovri has no way to prevent this, but the easiest form of support for the Kovri project is for web sites to announce a policy that they will not prejudice users who
choose to connect through Kovri. While simple, this will signal the website owner's trust in use of an anonymizing technology and their commitment for fair access to all. And this is true especially for web sites acting as an infrastructure for free and open source software or intercommunications: this can be an important declaration of support for users' rights. I bring this up specifically because there was a major website where you would get things on, a major hub, and it was purchased by this large software corporation recently, and so there's been some threats to remove access for people using Tor exit nodes, which is weird because that's probably the best case for people to communicate privately. That's a big threat, and after that actually happened I decided to remove my support of that website, because I simply didn't want to deal with people changing their minds when they previously made a lot of stink about saying we support everyone. So I think there is gonna be a business case for that: that if you threaten to remove users, a lot of people are gonna revoke.

On the embedded side, instead of just simply supporting where we currently have, the embedded side is really interesting; this is fascinating to me. Hypothetically you can add new things for the device-to-device, but that's kind of similar to the way that the current things goes. But for me, my focus is on IoT, and so I'd like to compare the services that we have of these. The IoT, the Internet of Things, and, well, from a security perspective it's also known as iOS, which is the Internet of Things, yes, there's a lot of security problems. IoT was really fantastic and it's great. Its original thought: it was a great way of connecting devices in an arbitrary, maybe even hostile, environment, to connect from a known device produced by a particular designer, have it connect to the services provided by the designer. So you're actually purchasing a service, not a device. Most people who are very familiar with technology don't really like that much
because it removes us as a factor. However, we're not most people here. Most people, they just want to have a service; they'd like to pay money and have something dedicated and work for them, and business cases can be well designed to satisfy that. But the people involved in designing these systems have to understand the threat that they provide by taking power away from their users. When you remove that power, you remove the dignity of them to actually be, to be satisfied. It requires us designer to put a lot of faith in yourself and to understand the future and the threats that your, your very model you're providing for people will be satisfied. You are taking the privacy in your hands. It's your responsibility as a designer to make sure you actually have that power, you don't abuse it, and you're actually responsible for that power.

So I'd like to go over a couple of these IoT protocols that are very popular nowadays and discuss some of the limitations of them, and also introduce why embedded Kovri is gonna be, I think, the best possible solution right now. So the first and most common protocol is known as HTTP. There's also RTSP and, well, just plain old-fashioned FTP. No, not HTTPS, not FTPS; the most popular one is just HTTP. Most devices just send clear text communication right over the Internet. I'm responsible for maintaining some of those, and that's all I had to say about that.

UPnP was actually a thought, was actually putting encryption into that and allowing dynamic port openings and just dynamic communications over the Internet. They created a couple protocols called device protection and my security service. Unfortunately those have been shown to have severe security flaws right from the design. So briefly that was thought to be a replacement for some of the other protocols, but it's been pretty much completely abandoned. It's useful just for opening ports, but not a whole lot else.

The most popular right now, maybe even surpasses HTTP on new devices: TLS, the Transport Layer Security, which is
a new version of SSL. This was designed with websites in mind. It works fantastic for human interaction systems, when there's some human that makes a decision. Most users have been well trained to look for that little logo in the upper left hand corner of their browser to let them know that the website they're going to is trustworthy, that there's some certificate authority that has said this website is who they say they are. A lot of phishing has been trying to get people to click on links they don't trust, so it's a lot of IT work to make sure people are trained, don't do that. That's great for web sites where you have a human decision being made, because ultimately if some user just doesn't understand the mistake, they are the ones who pay; it's their responsibility, it's their decision, it's their initiative. When you're dealing with IoT devices, the customer does not have that decision; you're making the decision for them. And so if you're going to be making something, you got to make sure you put everything, you know, you design your protocol around something that doesn't allow user override.

TLS is designed around certificate authorities. It's great because it allows designers to have their own internal certificate authority, and usually they send out X.509 certificates, which are generally OK, not the best, but they work. And there's even new extensions to TLS to make them more IoT compatible, like TLS 1.3, that removes some of the work required and reduces some of the known attack vectors. And there's even things like certificate pinning that makes it very easy for IoT developers to simply go in and say, okay, here's the certificate, trust it for your lifetime.

There are a lot of problems with design, though. Certificate pinning is vulnerable on the first use: in other words, if the device gets reset or flashed, the first time somebody puts in a cert they have complete control over everything. And that's one of the major ways of, if you go over the
IoT village you see that pretty much the first thing anybody does in the device. And even worse, if a certificate authority is actually compromised, every device is compromised too. It's the one control: get password access to that, it's over, hackers have everything. And even, unfortunately, TLS assumes TCP communications, so you have to have full bi-directional access. There's no, no datagrams, no async, nothing; you got to be connected online every time you use that. And most people don't have Wi-Fi connected all the time, so they're gonna have to walk around the devices that are disconnected for a very long period of time, which of course means everything's running old firmware with known vulnerabilities and everything, so yeah, that just causes more nightmares. The new TLS reduces a layer, but it still has like three round duplex real-time communication, so you have to have something that's fast, dedicated, low latency on your connection. So it's really hard to use, like, low-speed communication layers, which is just more of a mess, especially if you're downloading like new firmware, which might be pretty big; you got to have a fast one.

The problems with internal certificate authorities, they're actually pretty complicated. What's happening nowadays is that most IoT developers are actually buying outside vendors; they sell modules as a service. There are third-party services, but they have the, this is interesting, they generally do have the predictability and flexibility that corporate clients prefer over costly dedicated development programmer teams. And the nice thing about a module vendor is, if they violate your security, you can sue them and blame them and, hey, it wasn't us, look at these guys, okay, those guys over there. And that's been a lot; most of the IT leaks and everything are actually people just saying, well, it wasn't our fault, it was our vendor, so you got to blame them. Which is nice from a legal perspective but not really from a customer
perspective. And even then, the entire use of the third party decreases the trust model, as there are ever more third parties, and the third parties buying more third parties; everybody has access to your data, that chain, even if they promise they don't. There's always some override where they can't, they can't get everything. Oh, if the certificate authority expires, which some of these actually do, I've seen them, they have expirations in them, then you got bricked devices. If the certificate authority is compromised or must be reset, then you have bricked devices. And oh, some of the protocols for IoT are actually plaintext by default, like MQTT, the most popular protocol; that's all plaintext, there is no security built into that.

So yeah, a couple of examples that are going on right now; you probably have heard about these already. Amazon Web Services: they have an IoT branch that supports TLS in their own version of MQTT. They're the only one that, they're the first group that allows MQTT to have an encrypted communication or alphabet, and they even have these things called IAM roles, where you can go in and say I want this device to have this communication capacity. This is great, it's convenient, but it really requires you to be embedded with Amazon the entire way, from the device manufacturer all the way through use. So if they ever change anything, you're always trusting Amazon's service. They have this just-in-time registration where you say I want to take my old IoT device and start using it now, but you're still going through AWS.

Oh, and there's a brand, well, not brand new, but it's a relative newcomer called Datagram TLS, which doesn't use TCP. It's lightweight and it's fast and everything, but it has a lot of known vulnerabilities, so if anybody has a DTLS device, go bring it over to the IoT hacking village and watch and cry. There's also this other one that I was filing a while back called HPKP. It's known as HTTP Public Key Pinning, meaning that you can really guarantee that the device, once, once
the firmware device is burned in, it's guaranteed to connect to only the server. The problem is it's dead. Netflix killed Odin and Firefox killed it, so that's done; it doesn't exist anymore. A lot of people were developing on that and they just had to switch immediately.

There is this other protocol called SASL, the Simple Authentication and Security Layer, which is a really nice way of abstracting your LDAP or your security protocols. It's the basis of LDAP, so if you ever use LDAP, these use SASL right out of the box. It's really flexible, which is nice. Unfortunately it has extremely heavy restrictions on the communications allowed, so it's not useful for IoT.

There is an implementation called XMPP, which has been kind of like the it girl of 2018. It has a couple of protocols called provisioning and discovery, which are very similar to the way I2P works. It also uses globally unique addresses, like the base32 address in I2P. It's modular, which is very nice for small devices; it actually runs in Cortex-M0s, it has a very small memory footprint inside. It's also just kind of considered the coolest thing out right now, except it still requires TLS and SASL, and, this is the weirdest thing, it actually was designed for text messages, so there's no such thing as binary data. You have to encrypt or encode everything in base64 in MIME format to do anything. So if you have any binary data, like your firmware, you're gonna add what, 23, 25 or 33% off the bat, right, by default, so you're just adding more and more data on there. There really is no compression to think of. So great in theory, but yeah, just not doing everything right.

And also there's some brand new communicate, we actually just heard about that before, like things like cjdns, tink crusts; there's numerous other layers that are being added on there, beginning work on creating a new super network above TCP as a way of encrypting
communications. Many of these use classical patterns such as pseudonymous identification, which you don't have to, known to have severe flaws that onion and garlic routing was specifically designed to address. But on the security versus speed scale, these tend to have pretty good implementations on the speed side. For IoT devices that really want high speed, say a smart television that wants to connect over unknown networks or try just networks, it's actually a pretty good path to take, because he wants to be more than anything. But for, say, industrial control systems that have security problems, they're willing to sacrifice speed in order to gain more security. In general the IoT devices have security problems, have latency built in, so they don't really need speed. But the newer systems, cjdns, really, it actually has a significant increase in performance over TLS, so that's something to look into if you're interested in that. Also, most of these projects are so new they don't actually have any performance metrics, so I can't compare how fast they are ready to go green, so your guess is as good as mine.

Also there's a brand new one called TLS-SRP, which is a way of making TLS much more IoT compatible, but it's still a work in progress right now, so there's no metrics, no anything. There's a lot of talk, but people who are really big into XMPP this year not talking about TLS-SRP because it's just kind of really cool. It's, I think, the best competitor to Kovri in the embedded IoT sphere over the next couple of years.

All right, now those are all the protocols that nobody's probably ever gonna use ever again or hear about either after this, so let's go talk about Tor, The Onion Router. Performance-wise, well, you know about the onion protocol, how it wraps everything up like a matryoshka doll, and how that differs from Kovri and I2P. Performance metrics: Tor by default runs on Linux at about 512 megs minimum, which is a pretty huge impact; it's pretty significant. Now there are
implementations that can be brought down to very small amounts, like there is 40 TP-Link routers in OpenWrt; you actually only need about 64 megs of RAM for running a full Tor router, which is impressive, but still that's a lot more than, say, smaller devices like a Core M series can good run.

Tor has this new system that was created just recently called the authenticated hidden service, or Onion authorization. There was a demo that was at least about two years ago, when the original thought was that they could actually open like this. It was about home security, so you can have all of your cameras, all of your baby monitoring systems hooked up through Tor automatically, so you couldn't have some of the problems like weirdos on the internet breaking into your baby monitoring systems, things like that. So it actually works for you, apparently: you're able to get a cookie password and log in and be able to access these devices right through Tor as though you were communicating over the open Internet. There's no way to probe for services from the outside unless you have a cookie, and the API is called a hidden service authentication client. Current implementations are based on what's called the basic mode, which is very limited: there's only 16 devices internally. There's another protocol called stealth mode, which is very difficult to work with and impossible to scale. Also cookies have 128-bit security, or a bit encryption, which is nice but a little bit less than you expect nowadays. Generally authenticated hidden services are a good idea, but they don't really have what IoT needs, especially in the memory aspect.

Which finally brings us down to embedded Kovri, something I'm really excited for. In an OpenWrt router this has about a 21.4 megabyte memory profile, which is just good enough for some very small devices, maybe not the Cortex-M series but definitely the ACE series and anything really small, anything slightly
smaller, slightly bigger than the M series. Again, I'm probably lying right now, but I think this is kind of interesting.

Kovri I2P has a lot of flexibility, in that let's say you want a certificate authority with an X.509 certificate: you can throw that in as your destination encryption. Want a completely separate protocol? Go ahead, throw that in too. Ed25519, use that; use whatever you want, anything works.

It's scalable, and this is interesting. Let's say you have your eepsite, your destination server, hooked up with one port that's receiving multiple destinations. You do a receive on a port, you can tell how many, or not only have multiple destinations dedicated to a particular port on your box, you can also have, let's say, once you do a receive you can tell which destination it came from, so you can tell exactly which client was requesting which destination in a given time. And since you can create any arbitrary number of destinations at a time, you can just scale up to whatever you want. How many ports are allowed in the computer? 65K. How many destinations are allowed per port? I don't know, 65K. So you're gonna have what, four billion destinations on one simple box, so you can support four billion separate devices connecting to you, or four billion separate services. That's pretty good scale as far as I'm concerned; nothing else even comes close to that.

Oh, interesting, this too: basically you can have your completely automated anti-DDoS attack. Let's say you have X devices, and you, a thousand devices, and you have 100 destinations that you make up, just separate numbers that to connect you for the same thing, so you have 10 devices per destination. You get a DoS attack in one of those destinations because somebody just doesn't like you and decides to do something, distributed DoS and spam you a bunch of stuff. So you can decide to just take down that one destination off your router. Gone; all those go to /dev/null, all that spam just disappears entirely. All your other customers work, and
those 10 customers that were hard bound to that one particular destination, well, they'll be offline temporarily; you can bring them back, whatever. So that's an automatic anti-DoS without having to shift servers or anything: just turn off the destination in your router, you're done.

Other ideas can go with: let's say every version has a separate destination. Well, in the old destinations, you know, instead of responding with anything, just say here's your upgrade, just upgrade your firmware, done. So no matter how old it is, it just automatically gets upgraded every time, and they get a new destination every time. Or you can even bring it as far as, like, one destination per customer device, so you know exactly which device itself is coming; you don't need a serial number, you just see the requests coming in and you're good. All destinations can be, well, they can be hidden for the use cases. Somebody can tell whether they exist by the route actually getting through, but you can't tell what they're used for.

This is really cool because this allows for a lot of new ideas that nobody's had before. Like, Kovri's not just the best IoT communications protocol I've ever seen, but it actually allows entirely new methods of communication. It's possible now to prove your device's security. You can actually prove your device is secure; you no longer have to say trust me. In the case of, say, a hardware manufacturer, we already have a lot of the situations where you have secure elements built in. Let's say your secure element generates destination keys, so therefore only a secure element has a private key. Then you can publish a base64 public key version of that and have that as your destination point. Release your secure element source code as open source, have that publish its own hash: you have a way of now proving no one can possibly get access to your device's private key, even the people who designed it. This is lots of really cool things, 'cause it's very similar to the way
hardware wallets work. How about a hardware wallet that actually sends out its own transactions? Just send them out; you don't need to connect the device, it just goes, sends it out to whatever it can connect to, eventually connects through a router and sends it. In Monero and pretty much all blockchains, all transactions are idempotent, I mean you can just keep sending the same transaction over and over and over and get there eventually. Just wait for your customer to let you know whether or not it happened, or you can have something else monitoring the blockchain to see whether or not that particular transaction went through. But you actually don't need any way of connecting your hardware device; it actually keeps it open. Of course you have to get through places updated with the current blockchain so that you know it's actually done, but maybe Kovri can get through that too. But yeah, that's a great way of actually sending device-to-device, hardware-identified transactions, or just anonymous device-to-device communications, like the human communication that mesh, where you can have people send messages or transactions to each other without connecting to the Internet at all. Simply have each device acting as a router where everybody, if you had communication to each other, or even just have automatic over-the-air updates as you walk between different locations. You can have everything communicate; you'll never know where the information came from, only that it's got to wherever it needs to get to.

Also d2 alg, meaning you can have like a cloud-based system using that very same thing. Have a device that's disconnected; it simply sends data up to the cloud. How about a Fitbit device? I can't update my Fitbit unless I have a device communicating to the Internet. Why not just have it asynchronously update everything through a Kovri router and have that eventually get updated, then a can get sent there? So you don't need to have constant web access for your IoT devices. It
simply gets updated automatically whenever it needs to. There's a lot more innovative ideas that can't happen now, 'cause this is just fun. There's all the rules, like eventually were in place, are not broken; you can do so much more, that there's really a lot of things that can't happen, I don't know about. This is really a joy, because IoT's usually been a problem; recently it's been getting bad press. There's a lot of things you can't do to maintain security. This breaks a lot of those rules; you can now go and do things that you always wanted to do without any security models. Yeah, this is a pleasure.

Oh, and I'd like to go over building Kovri. Building Kovri as embedded: we do have an Android build, but as far as getting it to actually work as an embedded system, that's to be determined. I have a little bit of problems with that, but that should be out very soon. So yes, I really think Kovri is the best IoT protocol ever invented, and it gets back to where it always was supposed to be. All right.

Thank you, Sean. Did we have any questions for Sean here at the end about anything that he's talking about? No? Oh, oh, we got one in the back. Okay, okay, well, I'm gonna be on my way there. Oh, you know how much walk you can do in Vegas. Okay, my legs, sorry. Let's go.

Hi, thanks for your talk, Sean. I was wondering if you'd have any experience or any luck getting it to run on any other embedded ARM devices, even though the Android build still has some kinks to work out.

The numbers that I had on there was, it was actually about, I think it was like 30, 30 megs in total, so that wasn't that bad. But I didn't do a full test on actually committing, getting a lot of connections to the Internet; I just read some simple tests, like unit tests. But once that's available I'd be able to publish all the information on that. Plus there's probably some other embedded links I could just remove, it's probably extra resources, so it's better be smaller than that once it gets that running. If it gets
down to like maybe 12 megs or less, that's available on even like the smallest Cortex-M devices, so that'd be really nice. If there is some research into minimal implementation, that would be really worth the effort, because that will make pretty much any device, any IT devices, available plug and play right into this.

To shrink the binary, you say? Oh, shrinking the binary. Oh yes, shrinking the binary's nice, but also just a general use of memory: the less memory use as possible, the better. There's certain things you could do to, say, optimizing memory access, keep everything to a really low profile. Some of the IoT devices have very small memory, like 4 megs; still, we still have to UM SOC so, or at least it's just 4 megs in them. Those are specialty items; you usually can have a lot more than that, but the less, you know, less is more, so as an animal said. So yeah, thanks.

What do you think are going to be the major roadblocks in people adopting Kovri for these sorts of applications that you're talking about on a large scale?

The major roadblock against implementation right now is the lack of any history. Nobody's done this before, and especially when it comes to legality, some people just automatically assume anything to deal with Tor or I2P is automatically just for those hacker guys, and they do, yeah, the scary implementation or too scary, uh, suggestions. If there is a successful implementation that works in a really tough situation, something that gains attention, that could be very valuable. And so one of the things I want to do is actually implement this in a new direction, in a new project that could bring about a lot of attention and let people know. So some of the major questions so far are always about, well, if Monero is the only system that actually uses Kovri, then won't everybody be able to tell that everything that's going on in Kovri is Monero only, to what they tell that you're a person who's involved in mining or sending transactions
because you use Kovri? So if there is some other application out there that uses something else, you at least begin to have what's called the plausible deniability issue, where you say, well, I could be doing this other thing, I could be bird-watching and sending pictures of cats on the Internet back and forth, or something like that. So until we have a good, you know, environment, we have multiple use cases, that attitude is still gonna be there. This is basically the same thing that the internet was back in the mid-90s: everybody thought it was for those weirdo hackers, they're the ones who send text messages back and forth, real people always use fax machines or something. Yeah, so once that attitude is broken, just simply do depressed, then this will be more stable.

And IoT devices tend to be more conservative, which is why the security model threats have been really real wracking everybody together. Generally the same HTTP model have been around for basically 20 years; that's finally broken Knology using at least TLS, but simple clear text transactions have existed for a very long time, and it's only this constant push to say, hey, you got to be responsible for your actions, that have lifted people in the IoT world out from using that to putting encryption there. So you has to be pressing it, and really there has to be pushed to this. This is, as far as I'm concerned, a business model: you can signal the people the fact that you are providing trusted computing. You are signaling to everyone that, hey, I don't know who you are, and we're gonna, we have a contract, we're gonna make sure that I don't have the information, and that's part of the business process I provide for you. It might cost you more money as a service to get what I'm offering, but I can guarantee you that you are not the product, you are the customer. I'm not gonna resell your information out to third parties and target advertising to you.

All right, thank you, and honorable and Sean, for your guys' presentation on
Kovri. It's something that the whole Monero community is talking about and excited about. Alpha release just came out and hopefully will be integrated into the Monero testnet before the end of the year. Just the testnet. Just the testnet. Thank you so much. He could take this badge also.