Self-Authenticating TLS Certificates for Tor Onion Services

December 28, 2024
4:45 PM – 5:05 PM

CDC Mini Stage

CDC

TLS (the security layer behind HTTPS) and Tor onion services (anonymously hosted TCP services) are both excellent protocols. Wouldn't it be nice if we could use them together? In this talk, I'll cover a working implementation of combining TLS with onion services, without compromising on the security properties that each provides.

Speaker: Jeremy Rand Topics to be covered include: * Why would you want to combine TLS with onion services? Why isn't onion service encryption good enough? * Why isn't unauthenticated TLS (e.g. self-signed certificates) good enough for onion services? * How can we authenticate a TLS certificate for a `.onion` domain without relying on public CA's like Let's Encrypt or any other trusted third parties? (No we're not using a blockchain.) * How can we teach standard (unmodified) web browsers like Firefox to apply different certificate validation logic for `.onion` certificates? * How can we teach standard (unmodified) web browsers like Firefox to validate certificates using typically-unsupported elliptic curves like Ed25519 (which Tor uses)? * How is teaching standard (unmodified) web browsers like Firefox to validate `.onion` certificates similar to Namecoin .bit certificates? How is it different?

Additional information

Type	other
Language	English

More sessions

12/27/24	Welcome to the House of Tea! <3 HouseOfTea House of Tea Come and join our warm, cozy -cafeinated and non-cafeinated- journey/conspiracy!
12/27/24	Wondrous mathematics: How does artificial intelligence like ChatGPT accomplish the feat of learning? iblech EmbracingHackingOHPs How a mathematical breakthrough made at the end of the 17th century is the workhorse of the artificial neural networks of today
12/27/24	Angel Introduction Accessibility (early) SoS Saal 6 [More information in the Angelsystem](https://engel.events.ccc.de/news/11)
12/27/24	Look at my toys! (Neurodivergent Meetup) liv (she/her) SoS Saal D If you are neurodivergent or looked into the topics ADHD and Autism this might be the session for you. Unsure? No worries. Curiosity is enough to participate. I'll bring some fidget toys, talk a little about stimming and accessibility for neurodivergent minds. Please bring your own topics, life-hacks and toys so we can learn from each other! CN: Attendees might want to raise topics that can be triggering. These can be discussed in smaller groups where everyone is okay with it.
12/27/24	Telefonarmbänder aus waschbarer Pappe selbermachen I elzbeth Kidspace - Basteltische Telefonarmbänder aus waschbarer Pappe selbermachen
12/27/24	Ein Awareness-Team für den Kidspace - wer macht mit? elzbeth Kidspace - Workshopraum Ein Awareness-Team für den Kidspace - wer macht mit?
12/27/24	Getting started with Monero CDC CDC Pentagon This is a monero-beginner-friendly workshop for nerds, bring your computer to follow along and by the end you will have a monero wallet in your terminal and understand how to use it.

38C3 - Illegal Instructions

12/27/24 – 12/30/24

Event

CCC Events

Created by @CCC 210 Follower

Event Calendar