torpy
torpy copied to clipboard
torpyorg
Minimum example for 2P2 messaging
Hi,
I know this is no issue but I am failing at doing the socket 2P2 use case anonymously via torpy. A is anonymous. B is in the clear. A pings B so B sends message to A that A receives.
Can you do it with torpy?
--- A ping B; A knows B's IP_addr --- s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) s.connect((B_addr,self.port))
--- B reacts to ping --- s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) s.bind((IP,self.port)) s.listen(1) to_client, tor_addr = s.accept() print("send to IP ",tor_addr) # clueless IP to_client.send(msg)
--- A receive B's message --- s.recv(1024)
Remark: The conversation below is unrelated to solving the described issue as per torpy.
Alternatively to the question, any documentation from which I could be enabled to find the answer to my question by myself would be useful as well :)
Hello! Torpy i don't know, but TORIFYING your terminal, definitely YES! :) you just need to install it in you computer and I will be running on the 9050 port once you give the command for it. Here goes the commands to install, test and activate it:
checking your IP address without tor wget -qO - https://api.ipify.org; echo
installing and checking it working sudo apt install tor tor --version source torsocks on torsocks wget -qO - https://api.ipify.org; echo
But if you really want to use torpy: https://github.com/torpyorg/torpy
Okay, that would be interesting for a proof of concept on Linux.
So that I understand you correctly: I would build a cmd, make it tor, and then run my python program with usual sockets within the cmd so all communication is aliased, right? But that would be weird because how would A know the IP of B when they both use the same set up? (Because B later as to send messages to A as well without A knowing who B is...)
However, now I am under windows, so the sudo commands would not work anyways.
I am trying to build a crypto-secure e-Polling program in python. So many average users should be able to securely and properly install and run it form scratch.
But if you really want to use torpy: https://github.com/torpyorg/torpy
I'd like to, if possible. It's probably <20LOC. But because there is no documentation, I cannot possibly figure out how to do it.
That's right, because Tor will be active for EVERY command in this specific terminal till you close it. Actually they won't know, btw this is the Tor purpose (using encryption and 3 layers before the destination IP), but Tor solves this.
About the windows topic, try to use this command: runas /user:Administrator cmd
Okay, so the strategy would be to check in python with OS is used. Then run a system command in python to open a cmd. Then call the tor commands and finally send the message. And I can also reset the hopps each time, right? Because I need A to send two messages to B and B must also not know that they were sent by the same person.
Btw, if you want to earn a little extra for implementing me a P2P chat with A,B,C then please get in touch via [email protected]
Hi,
I am comming back to precisely my original question. I wish to use torpy as one-stop solution for a secure messenging function definition in python. For that, I need an equivalent to socket. I fail at finding the equivalent to socket.connect(ip_address_string,port_number_integer). Can anyone help? (I assume the listen,send,recv functions are identical)
davejakenic, I recommend you in the first moment build your app WITHOUT TORPY. When it is working, just execute you code in command line that has TOR active on it (TORIFYING your terminal) and it is done. It uses the port 9050 as default.
Yes, that already works. However, I just don't want the user to have to install tor. I understand the benefits you imply by having it as two independent codes. But torpy seems to offer exactly the one-stop solution I seek.
How exactly is your p2p network anonymous when one participant is openly known? Well, regardless of that, if B has a publicly known ip address and can listen to a port then you can connect via torpy to a service listening on that port. I've personally only used socks proxies and http requests when it comes to torpy but i can attest it works on a fundamental level. But from what I'm reading your approach seems to be fundamentally flawed and you should probably look into Tor Hidden services, which are not implemented by torpy afaik.
@chrisb09 It works with ring signatures, web of trust, and ip disguiser. So regardless what a voter signs, all what an observer can see is that this vote was created by one legitimate voter. If you worry about double voting, just consider that: g^x=y relates private key x with public key y. But as well you can use h^x=z, where no-one knows your z and h is the hash of the question you are voting on. Thus, your vote for that question is uniquely tagged and anyone could notice from z whether someone voted twice (however, not knowing who it was that voted twice). "But from what I'm reading your approach seems to be fundamentally flawed". No need to apologize.
The actual voting mechanism and the required authorization is not relevant in this context. You intend to use TOR to create an anonymous p2p network, yet at the same time you rely on publicly available ip addresses for some participants of your network. That's a major design flaw. Such a network is not anonymous at all. What even are the "ip disguiser" you are referring to?
The disguiser is torpy, tor, or i2p.
Here is an example: Please explain how the identities of the voters for Trump and Biden are revealed, and then we go from there.
A votes Trump. B votes Biden. Both use ring signatures to prove that they are one unique of {A,B,C}. B,C.D run a server. Each vote is sent via torpy to each server. Some servers might reject either votes. Any observer O can download all votes from all servers and merge by virtue of unique tag. No-one can make up any votes since each can only authenticate their own z. The only thing that everyone can do is dropping votes. Thus, A can prove in his second role as observer that there is one vote for Trump, whereas B can prove in his second role as observer that there is one vote for Biden. That is all. Notice that anyone can only be forced to offer prove for what they claim anyways. You will have no way of forcing A into proving how many voted for Biden, because if A is so reluctant then he will just use my proposed protocol instead to prove in isolation what he was set out to do in the first place: namely, to prove how many voted Trump.
Each vote is sent via torpy to each server
I assumed "2P2" was you misspelling "P2P" and you were trying to build an anonymous P2P network, yet now you state you want a classical server-client model just with multiple (possibly independent) servers (for redundancy I presume).
Here is an example: Please explain how the identities [...] are revealed
As stated before, the voting mechanism has nothing to do with this issue or my criticism of your approach. Or to put it in more practical terms: Your voting mechanism is vulnerable to attacks on the apparently publicly known server(s).
Yes, but you would have to attack everyones' servers. Likewise with DDOS: You would have to make a gigantic attack against most servers.
So what I found with torpy, basically rendering this issue inactive, is that it causes many time-out errors. Torpy seems not to connect you to the tor network. It seems to be a little twin; so we opted to use tor for now. But i2p is more secure for our purposes, because it permits ip disguise (that is, UDP with fake sender ip), and we don't need two-way communication.
Yes, but you would have to attack everyones' servers. Likewise with DDOS: You would have to make a gigantic attack against most servers.
That really depends on how many servers are used, and since you are - contrary to the title of the issue - not using a p2p approach at all, all servers have to be known to the clients beforehand, giving a potential attacker ample time to prepare.
So what I found with torpy, basically rendering this issue inactive, is that it causes many time-out errors. Torpy seems not to connect you to the tor network
Yes it does. The initial connection to the network can fail quite often and sometimes there are errors, but I can easily get a couple of thousands connections per hour.
It seems to be a little twin; so we opted to use tor for now
It certainly is less powerful than a full tor implementation but as you previously said it is pure python meaning it is quite easy to integrate into existing python projects and keep cross-platform compatibility.
Probably the easiest way would be to create a local socks5 proxy with torpy and use the request library to send post-requests via the aforementioned socks proxy
server_ip = ...
server_port = ...
proxies = {'http': "socks5://127.0.0.1:1050", 'https': "socks5://127.0.0.1:1050"}
voting_data = {'candidate': 'jeb'}
with self.tor.create_circuit(3) as tor_circuit:
with SocksServer(tor_circuit, "127.0.0.1", 1050) as tor_socks:
response = requests.post("http://"+server_ip+":"+server_port, data = voting_data, timeout=60)
if response.status_code != 200:
pass #request has failed somehow and you need to repeat it
I haven't run this particular code but conceptionally it should work. Obviously, this requires you to run a simplistic web server on your servers, but since the python standard library includes http.server it should not be complex to run that either. Encryption of your messages should be handled by asymmetric encryption system your project already includes. It is also possible to run multiple torpy instances in parallel to speed up the voting process, makes a lot of sense if you plan on supporting a large number of servers. This is where torpy is better than the classical tor implementation, since it can run multiple instances on the same machine out of the box, although some QoL changes are recommended imo (specifically regarding the port assignments). But you can make that work with the normal tor implementation too.
That really depends on how many servers are used, and since you are - contrary to the title of the issue - not using a p2p approach at all, all servers have to be known to the clients beforehand, giving a potential attacker ample time to prepare.
Let's not delve into this. I don't see a point to discuss that particular point because what you describe really affects the internet in general then. I think it is fine that just everyone on earth could run their own server, so any attacker would have to kill the entire internet, more or less.
Yes it does.
Dear @chrisb09. THAT REALLY MATTERS. Do you mean, please state unmisunderstandably, whether torpy is connecting me to the tor network? I tried checktorproject.org which could not verify my connection coming from within tor. Please be accurate and describe how to verify that torpy is connecting me to the real tor network. Kind regards.
socks5 [...]
The ugly bit with socks5 proxy (which is working now) is that it needs configuration in order to create a new circuit before each message sending operation. Notice that this is necessary to avoid vote correlatability. With torpy it is just part of the "with" syntax. Also, three hops in tor default is just not enough -- again something that torpy provides a python interface for.
I think it is fine that just everyone on earth could run their own server
Well that would require advertising the new servers before voting is done, which would either require coordination server (an even better target for a dos) or an actual p2p network between the servers.
THAT REALLY MATTERS. Do you mean, please state unmisunderstandably, whether torpy is connecting me to the tor network? I tried checktorproject.org which could not verify my connection coming from within tor. Please be accurate and describe how to verify that torpy is connecting me to the real tor network.
On a technical level, yes, it connects you with the tor network. But to be more precise, it connects you through the tor network. You get a guard, 1 (or more) middle and one exit relay. Afaik. you cannot access the actual onion network itself, meaning you cannot access hidden services via torpy. To be fair I haven't spent much time with this as it is neither relevant to my or your use case.
To verify that the connection is made via TOR you can check the exit ip or visit check.torproject.com via the proxy. I've done that as you can see in the following screenshot:
I should mention that i use a slightly modified torpy variant as well as my own prototype library that reschedules task in the not so unlikely event that torpy runs into problems. As mentioned before, especially the first connection to the tor network to get the data on the available nodes is prone to failure, but there is a constant significant chance that a circuit is faulty.
I should also mention that the respective repositories for both are significantly out of date.
For completeness, here is the code i used to make the request via the torpy socks5 proxy:
tor_test.py
from torpyjob import TorJobLib
import requests
def curl_task(port, log_function, **kwargs):
url = "https://check.torproject.org"
proxies = {
"http" : "socks5://127.0.0.1:"+str(port),
"https" : "socks5://127.0.0.1:"+str(port),
}
r = requests.get(url, proxies=proxies, timeout=60)
print("\n".join(list(filter(lambda x: "Tor." in x, r.text.splitlines()))))
print(r.status_code)
return True
tjl = TorJobLib(workers=1, fast_exit=False, ip_timeout=3600, job_timeout=90)
tjl.logger.setLevel("INFO")
for i in range(1):
tjl.schedule(curl_task, {})
tjl.wait()
print("Done.")
As to if it is the real TOR network, i'm not really aware of a fake one that works with thousands of nodes... But you can check the code yourself and see where the data comes from, or you can access all advertised relays with the function here: https://github.com/torpyorg/torpy/blob/ebf000cc93d2d7b3ddf68f2604afd46c998ae1c1/torpy/consesus.py#L308
and compare them with the relay information you can access on various websites such as this: https://www.dan.me.uk/tornodes
Also, three hops in tor default is just not enough -- again something that torpy provides a python interface for. I beg to differ. With a number larger than 3 hops you're going to stand out in the network somewhat. https://support.torproject.org/misc/misc-11/
If you're still committed to the hidden-client - open-server model, then torpy is still the best option for your client, although it will need some adjustments. However, if you want to take anonymity seriously then you should seriously consider using hidden services instead of public servers, which unfortunately would require using the proper tor implementation.
I've looked into the matter a bit more and the amount of errors these days are even higher than i anticipated. You should most definitely plan on doing some extensive error handling regarding torpy like i've done in my project. If you're lazy you could just use my lackluster library for your own purposes ;)