[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] How easy are Tor hidden services to locate?

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] How easy are Tor hidden services to locate?
From: Roger Dingledine <arma@xxxxxxx>
Date: Wed, 6 Mar 2013 17:13:23 -0500
Delivered-to: archiver@xxxxxxxx
Delivery-date: Wed, 06 Mar 2013 17:13:33 -0500
In-reply-to: <5.2.1.1.1.20130306154335.02681520@xxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-talk>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <DUB403-EAS253CFFDFE53309AF4F2D4C4D7E40@xxxxxxx> <DUB403-EAS253CFFDFE53309AF4F2D4C4D7E40@xxxxxxx> <5.2.1.1.1.20130306154335.02681520@xxxxxxxxxxxxx>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx
User-agent: Mutt/1.5.20 (2009-06-14)

On Wed, Mar 06, 2013 at 03:46:51PM -0300, Juan Garofalo wrote:
> >Hidden services are definitely weaker than regular Tor circuits, a)
> >because the adversary can induce them to speak,
> 
> Care to elaborate on that? You mean timing attacks (based on the fact
>that hidden servers 'speak' to clients?) ? Or the owner of the service
>leaking information about himself by mistake? Or?

When you're a Tor client, you only use the Tor network when you choose
to access it (e.g. by trying to fetch a web page). So if the attacker has
some attack that works only a very small percentage of time, they have to
wait for you to initiate connections.

But for a hidden service, they can cause you to initiate a connection just
by visiting the hidden service. And they can do it as often as they want.

See http://freehaven.net/anonbib/#hs-attack06 for the original paper about
this topic (and the reason we implemented entry guards).

And then see http://freehaven.net/anonbib/#wpes12-cogs for a more recent
example. The goal of that paper is to understand how long it takes in
normal operation (with entry guards going offline and being replaced)
before a typical user touches an adversary-controlled guard node. For
simplicity, the paper assumes that you use your guards every minute of
every day for however many weeks or months it takes. A realistic user
doesn't do that, so the paper overestimates the risk. But a realistic
hidden service *would* do that, if the adversary caused it to.

--Roger

_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Follow-Ups:
- Re: [tor-talk] How easy are Tor hidden services to locate?
  - From: Juan Garofalo

References:
- [tor-talk] How easy are Tor hidden services to locate?
  - From: Anthony Papillion
- Re: [tor-talk] How easy are Tor hidden services to locate?
  - From: Juan Garofalo

Prev by Author: Re: [tor-talk] How easy are Tor hidden services to locate?
Next by Author: [tor-talk] Tor 0.2.4.11-alpha is out
Previous by thread: Re: [tor-talk] How easy are Tor hidden services to locate?
Next by thread: Re: [tor-talk] How easy are Tor hidden services to locate?
Index(es):
- Author
- Thread