[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-talk] Hidden Service Scaling Summer of Privacy Project



Hi all,

I'll be working this summer on a project to help scale hidden services
and make them more resilient as part of Tor's Summer of Privacy [1].

I am interested in hearing from all existing hidden service operators.
In particular I'd like to understand the use-cases, priorities and
limitations for people who are experience the current limitations of the
hidden service subsystem. There have been anecdotal reports on the Tor
bug tracker that hidden services have trouble scaling to more than 100
concurrent connections [2]. Is this something that operators here have
experienced? There has also been recent DoS campaigns affecting Tor
hidden services which have been challenging to mitigate.

In my project I hope to produce a tool which will allow a hidden service
to be backed my multiple Tor instances which can be spread across
multiple servers and geographical locations. I am considering some of
the following features and I'd be interested to hear how useful they
might be for your onion service:

 - Redundant hidden service hosting with no single point of failure.
 - Secure storage of hidden service keys away from the Tor service on
   smartcards or HSM's
 - From a security perspective, would you prefer to minimize the
software running on the onion service instance servers or minimize
connections to the management server which has access to the service keys?

I've anyone has time to share, I'd be very interested in learning about
your experiences and current challenges. I'd also be delighted to hear
about any other features that may be useful to the HS community. Thank
you in advanced for your consideration, I hope that my project may be
useful for your onion services after the summer.

Kind Regards,
Donncha O'Cearbhaill

[1]
https://blog.torproject.org/blog/interview-tor-summer-privacy-student-donncha-ocearbhaill
[2] https://trac.torproject.org/projects/tor/ticket/8902
Full Proposal: https://gist.github.com/DonnchaC/03ad5cd0b8ead0ae9e30


Attachment: signature.asc
Description: OpenPGP digital signature

-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk