Post Quantum VPN to connect to Tor

Trying to install a post quantum VPN to connect to before Tor because Tor lacks any post quantum encryption.

Also need to decide what browser to use because Tor browser doesn’t enable post quantum encryption though it is available from about:config (search “kyber”). May make another thread to explore this but Mullvad Browser is a more likely candidate if its PQE WireGuard protocol can work as Tor over VPN…

Tom’s guide lists the 3 VPNs with the most PQE support: NordVPN, Mullvad, and ExpressVPN.

The easy way seems to be NordVPN. NordLynx uses PQE and one Reddit user mentioned using this protocol with Nord’s “Onion over VPN” servers. Nord is closed source, etc, so I’d rather use Mullvad (and Whonix if possible). [Venice.ai/chat tells me that Mullvad does not have a “Tor over VPN” option.] (Proton also has Tor over VPN for their paid version, but no one says Proton’s Secure Core is PQE like NordLynx is.)

There are guides to use Mullvad with Whonix but most use Mullvad’s OpenVPN protocol which doesn’t seem to support PQE. However, @Emily seemed to have no problem going Mullvad WireGuard VPN over Tor in 2022 [but maybe they are not using WireGuard even though that is the topic of the thread]:

(VPN over Tor means the VPN is after the Tor exit node which is not recommended by Tor devs.)

And at this point in the following thread, @solene and @apparatus are trying to help @qubit and @kaaled to connect [a VPN] with Whonix. Not clear if they ever got it working. [The thread is about WireGuard but @solene dropped in to say that this is impossible so maybe they were not using WireGuard or it failed for that reason]:

But Solene is using a (fedora-38) standalone, and I want to use a template, so I used @unman’s task installers instead. These use debian-minimal and I’m not sure if they can use PQE WireGuard but these are the easiest tests to start:

I tried installing the “tasks” proton-vpn and mullvad-vpn. The proton install had an error but created the qubes so I tried to update template-proton from Qubes Update. It failed saying keys were not installed. I wanted to reinstall so I removed the two proton qubes but then the installer still says proton-vpn is installed. How do I uninstall it?

The mullvad-vpn install showed no errors in the terminal but it failed to start a qube during installation due to lack of RAM. That qube seemed to start again and qubes were created, but to see how to run the app I looked at Settings / Applications and it says “Application missing in template! (mullvad-browser.desktop)” and the same for (mullvad-vpn.desktop). The template-proton settings had two apps missing also. So I want to reinstall the mullvad task also but don’t know how to uninstall these task things.

[Not sure if this matters but I have qubes set to update through Tor. Also the default NetVM is sys-whonix and this is probably why unman’s installers made sys-whonix the NetVM for the app qubes it created: proton, sys-mulvad, and mullvad-dvm. It seems ideal to run the VPNs sandwiched between two Tor/Whonix circuits, at least until testing verifies if they will be used long-term.]

1 Like

Tor can only transport TCP packets, and WireGuard is using UDP datagrams, it just can’t work. You need to use OpenVPN in TCP mode if you want to connect to it through Tor.

1 Like

Hi @solene!

Now I cannot find the reddit thread where I thought someone said they used NordLynx (PQE based on WireGuard) with Nord’s “Onion over VPN” service and I can’t find anything else to explicitly confirm or deny this. Nobody cares :frowning:

Seems like PQE should have a higher priority. Tor devs could simply enable kyber from about:config and at least the data would be encrypted on sites that support it, like it has been with every other major browser for a while now. You can use the PQSpy firefox addon with Tor browser to see which sites have PQE. This forum does not.

Venice.ai/chat uses mostly PQE according to PQSpy. It swears NordLynx will work with “Onion over VPN”, and describes the process, but it has no source to verify.

Venice lists many ways to tunnel WireGuard through TCP. I will paste it here:

[None of these sources mention PQE with WireGuard, however they discuss tunneling WireGuard over TCP]:

Title: "Running WireGuard over TCP – A Solution for UDP blocking issues - eduVPN"
    Content: This article discusses running WireGuard over TCP as a solution for UDP blocking issues. It mentions tools that tunnel UDP over encrypted TCP connections.
    URL: "https://www.eduvpn.org/running-wireguard-over-tcp-a-solution-for-udp-blocking-issues/"
    Date: 2024-05-14T11:13:37

Title: "WireGuard Over TCP | Pro Custodibus"
    Content: This blog post explains how to tunnel any IP-based protocol, including WireGuard, over TCP in restrictive network environments that block UDP.
    URL: "https://www.procustodibus.com/blog/2022/02/wireguard-over-tcp/"
    Date: 2022-02-16T08:00:00

Title: "Tunneling WireGuard over TCP with TunSafe"
    Content: This source discusses TunSafe, a tool that supports tunneling WireGuard UDP packets over a TCP connection.
    URL: "https://tunsafe.com/user-guide/tcp"
    Date: The date is not provided, but the content is relevant to tunneling WireGuard over TCP.

These sources provide information on tunneling WireGuard over TCP, which can be combined with post-quantum encryption implementations like the one discussed in the PQ-WireGuard presentation. For a comprehensive solution, you may need to refer to these sources and consider using tools like TunSafe or other TCP tunneling methods in conjunction with post-quantum encryption implementations for WireGuard.

1 Like
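Added illustration (not code from this thread, eduVPN, Pro Custodibus or TunSafe) of the core problem behind “Tor only carries TCP, WireGuard only speaks UDP” and of what the TCP-tunneling tools listed above all do: each UDP datagram is length-prefixed so datagram boundaries survive the byte stream, whatever segmentation TCP (or a Tor circuit) delivers. The packet bodies are constructed dummy bytes; only their sizes follow WireGuard’s layout.

```python
import struct

MAX_DATAGRAM = 65535  # largest UDP payload; WireGuard packets are far smaller


def frame(datagram: bytes) -> bytes:
    """Prefix a UDP payload with a 2-byte big-endian length so the receiver
    can recover datagram boundaries from a byte stream."""
    if not 0 < len(datagram) <= MAX_DATAGRAM:
        raise ValueError("datagram length out of range")
    return struct.pack("!H", len(datagram)) + datagram


class StreamDeframer:
    """Reassembles datagrams from a TCP byte stream, whatever segmentation
    the stream arrives with (partial frames, several frames per read)."""

    def __init__(self) -> None:
        self._buf = bytearray()

    def feed(self, chunk: bytes) -> list[bytes]:
        self._buf += chunk
        out = []
        while len(self._buf) >= 2:
            n = struct.unpack("!H", self._buf[:2])[0]
            if n == 0:
                raise ValueError("zero-length frame")  # malformed peer
            if len(self._buf) < 2 + n:
                break  # wait for the rest of this datagram
            out.append(bytes(self._buf[2:2 + n]))
            del self._buf[:2 + n]
        return out


def wg_message_type(datagram: bytes) -> int:
    """WireGuard's first byte is the message type (1 = handshake initiation,
    2 = handshake response, 3 = cookie reply, 4 = transport data)."""
    return datagram[0]


def round_trip(datagrams: list[bytes], segment_size: int) -> list[bytes]:
    """Frame datagrams, chop the stream into TCP-like segments of the given
    size (boundaries fall anywhere), and reassemble on the far side."""
    stream = b"".join(frame(d) for d in datagrams)
    rx = StreamDeframer()
    recovered = []
    for i in range(0, len(stream), segment_size):
        recovered.extend(rx.feed(stream[i:i + segment_size]))
    return recovered


# Constructed samples: a 148-byte handshake initiation and a transport packet.
SAMPLE = [bytes([1, 0, 0, 0]) + b"\x11" * 144, bytes([4, 0, 0, 0]) + b"\x22" * 60]
```

Whatever carries the framed stream (a TLS tunnel, a SOCKS connection into Tor) sees only TCP, which is why such a wrapper is not “vanilla WireGuard” and adds its own fingerprint.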

You could use shadowsocks (an obfuscation protocol) to use wireguard over TCP, but it’s not vanilla wireguard :wink:

2 Likes

I’m not sure how that might affect traffic analysis or anonymity set. Safest if we are all doing the same thing. This makes the NordLynx with “Onion over VPN” option very tempting. They are the biggest.

But Mullvad keeps absolutely no logs and when the Swedish authorities came a-knocking, they didn’t bother to raid the place after this was demonstrated to them. I’m thinking of developing the “Quantum Privacy Network”. See if Mullvad, NymVPN, etc, have licensed enough free software to use for a volunteer network as a Tor alternative. Nym is not yet quantum private but seems to have the best defense from traffic analysis, and it uses open source software and multiple hops like Tor. So chain Nym, Mullvad and maybe Lokinet (free, multihop, and can use UDP unlike Tor), and maybe other free “VPNs”.

For now I just need to decide because once I trust a network, I will have strong incentive to never switch. I’d like to use Mullvad but not sure I’m ready to give up Tor or if quantum encryption is really worth dropping Tor.

Doesn’t sound like anyone has used Mullvad PQE with Tor, so I’m very conflicted with these three options:

  1. Use only Tor. With this we can still get data encryption for some sites, by changing the kyber setting in about:config and using PQSpy to identify PQE sites. IP address would be vulnerable to collect-now-decrypt-later by quantum crackers at the NSA, etc. Can also use Brave’s Private browsing with Tor because it’s based on chromium so should have PQE, but not designed to connect to Whonix. Mullvad browser is based on Tor browser and it uses an extension with PQE but this is designed to connect to the VPN not Whonix or Tor. Changing the setting on Tor browser seems best except this change in fingerprint may reduce the anonymity set to much lower than Brave or Mullvad browsers.

  2. Only use Mullvad VPN. The privacy policy doesn’t help if a server is compromised as Nord admitted to once.

  3. NordLynx with Onion over VPN. Damn tempting. They are much cheaper than Mullvad if you buy a year or 3. Main issue here is that it’s all their software and it would seem they can and do track anyone by their login credentials because they admit some tracking on the App Store. If you can download the software anon maybe they can’t target people with a backdoor, but do they even need to?

All paid services seem to have this problem but Mullvad say they anonymize it somehow. NymVPN uses its own cryptocurrency which I think uses techniques like Monero or Zcash.

1 Like

Maybe chaining Mullvad (for PQE) with Lokinet (free), Proton (free with trusted privacy policy although they do admit to collecting contact info and diagnostics in App Store, unlike Mullvad).

For premium add Nym traffic analysis obfuscation layer.

Not really clear that this will be better than Whonix, especially in the short term.

1 Like

Maybe you can tell us a bit about your threat model and protective goals?

  • Is your adversary monitoring your connection to the internet or the one of the website/service you want to access?
  • Do you need anonymity or just confidentiality?
  • Do you have control over your system and the system you want to talk to?

Trying to install a post quantum VPN to connect to before Tor because Tor lacks any post quantum encryption.

A general note on post quantum encryption itself: The problem may not be that imminent as one thinks and those algorithms may not be as secure as one hopes. Here is a presentation of a New Zealand cryptographer. In my opinion post quantum, as well as tor+vpn services from VPNs is a marketing trick that does harm to general security, privacy and anonymity. Tor+VPN is easy to create with qubes, but you most certainly should not. The general recommendation is not to use VPN + Tor without a very pressing reason.

Under the assumption that the adversary can crack all pre quantum encryption and is monitoring all internet traffic, you will need to talk post quantum crypto between your browser and the service. As nearly no services offer post quantum TLS right now, you are unable to fulfill your protective goals with Tor or any VPN unless you control both systems or post quantum becomes mainstream. If you can control both systems, you can build your own post quantum crypto tunnel between both systems; if you need anonymity wrap it in an onion service.

You talked about modifying your browser or not using Tor browser. This reduces your anonymity greatly, as you will be kinda the only one talking, or even offering post quantum ciphers to the webservice, making you a unique Tor user.

My advice: Use Whonix without modification.

1 Like

The problem may not be that imminent as one thinks and those algorithms may not be as secure as one hopes.

There is a very good chance that quantum cracks will begin in my lifetime. The standard practice is to combine PQE with current encryption. With the PQSpy Firefox Addon, none show as “kyber”, they show “xyber”, for example.

In my opinion post quantum, as well as tor+vpn services from VPNs is a marketing trick that does harm to general security, privacy and anonymity.

Tor admits it is not secure from traffic analysis if both sides are logging. Nym at least attempts to fix this. I don’t know why it can’t be taken over by volunteers for a freemium service with certain upgrades that you would pay for. More work is needed for quantum private (crypto) payments because cash by mail is slow, insecure (compared to crypto not to electro-fiat), and doesn’t protect the receiver.

Tor also admits it needs PQE for anonymity but can’t do it (due to lack of devs, from lack of funds).

Why they don’t just enable kyber in Tor browser, I do not know. Seems they are maybe considering it now. Use X25519Kyber768 for TLS, when available, enablement of Post-Quantum Key Agreement Security Option (#43138) · Issues · The Tor Project / Applications / Tor Browser · GitLab

The general recommendation is not to use VPN + Tor without a very pressing reason.

Such as?

you will need to talk post quantum crypto between your browser and the service.

That’s what kyber in the browser is supposed to do. It encrypts your data but doesn’t hide your metadata, i.e. IP address.

Are you suggesting that using a PQE VPN will not help if the website isn’t using PQE? Yes it does because then you have anonymity from the website and from the quantum cracker who has saved the traffic to/from the website.

As nearly no services offer post quantum TLS right now

PQSpy is a Firefox addon that will show you how many connections are PQE. PQSpy also works with Tor browser when you have kyber enabled. Sites such as Google and Cloudflare show complete PQE. Cloudflare’s privacy policy seems good and many sites may be PQE due to Cloudflare.

PQE search is really difficult but Ecosia is a search that shows many PQE connections after the Cloudflare click-the-box biometric CAPTCHA. I’m not sure non-PQE duckduckgo is a better option.

Another crypto funded project (like Nym) is at https://venice.ai/chat . No CAPTCHA, good privacy policy, it can search the web and spy over these bio-ID walls and tell you what websites say. Half of venice.ai/chat connections are PQE so I’m not sure if searches and replies are sent PQE.

if you need anonymity wrap it in an onion service.

Using PQSpy it appears that many websites that are completely PQE are no longer if you connect to their onion address (for example https://kycnot.me http://kycnotmezdiftahfmc34pqbpicxlnx3jbf5p7jypge7gdvduu7i6qjqd.onion/). Which do you think is the better bet?

You talked about modifying your browser or not using Tor browser. This reduces your anonymity greatly, as you will be kinda the only one talking, or even offering post quantum ciphers to the webservice, making you a unique Tor user.

You understand the dilemma I explained. I will try to explain again, some solutions.

Brave (another crypto funded project) probably uses PQE with its Private Browsing with Tor option so this has that advantage over enabling kyber in Tor browser.

According to Tor devs, VPNs have more users than Tor, and NordVPN is the biggest. They don’t have a standard browser to use with their Onion over VPN servers, but Tor browser is one they recommend. Not sure if this would result in Tor over Tor when used with “Onion over VPN” or if it is another way that NordLynx is able to tunnel PQE over Tor…

…ah, if that is the case, Brave Private Browsing with Tor would probably also work with NordLynx (without using Onion over VPN)! Then you have PQE anonymity over the network (like Mullvad WireGuard) and in the browser (like Mullvad browser), plus Tor (unlike Mullvad), and you don’t look like some freak who goes to about:config and searches “kyber” and changes the settings to enabled for both as it is with Firefox.

1 Like

!!!MULLVAD BROWSER IS NOT USING POST QUANTUM ENCRYPTION!!!

…as I assumed in previous posts. I ran it in Whonix. Tor browser was updated recently and Mullvad browser is based on this latest update. Went to about:config, searched for “kyber”, it is not enabled. Installed PQSpy and it shows sites as not being encrypted with PQE unless you enable kyber.

Mullvad’s blog has a post where they say they are using kyber but this appears to be for their VPN anonymity layer. It appears a website that offers PQE encryption will not be utilized by Mullvad browser as it will be with Firefox, Chrome, or Brave.

Like Tails, Mullvad browser has the uBlock Origin plug-in, so at best it would seem the fingerprint might look like Tails’ version of Tor browser.

Mullvad browser has their own add-on that shows connections to their DNS servers which seems worse than what Tor browser does in Qubes.

One interesting feature is the ability to search Google through their proxy. But the lack of PQE in the browser means these searches would be vulnerable to “Harvest now decrypt later” by any Mullvad server, other middlemen, or compromised computers.

1 Like

Closing this topic since it is not Qubes-specific.

1 Like