[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-dev] Using the HS protocol for unlinkability only

To: tor-dev@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-dev] Using the HS protocol for unlinkability only
From: Ximin Luo <infinity0@xxxxxxxxxxxxxx>
Date: Wed, 26 Mar 2014 17:35:29 +0000
Delivered-to: archiver@xxxxxxxx
Delivery-date: Wed, 26 Mar 2014 13:35:50 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=headstrong.de; h=content-type:content-type:in-reply-to:references:subject :subject:mime-version:user-agent:from:from:date:date:message-id :received; s=mail; t=1395855334; x=1397669735; bh=4WWQDGPg6q5eHI 8RhLHsOOg5wYgfcnEXU7vTmJjbJAI=; b=Ws69hfqOHIby1OSERNYTyn/ZxNTl8E DR9GLNley+kxJuBT9QZ/jwjsX6V+qgkgxRYYWZcmqo5t8zGbn1PDxrFG4Q/c/gpY b9Tvw/eVXQYawrr1F1324Z7x58awfYiFlv0JEIKIeJcVs3EvyQw2uTjMwxQ4Lvgc eDcEsFzc5uUUE=
In-reply-to: <53330644.2020203@xxxxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-dev/>
List-help: <mailto:tor-dev-request@lists.torproject.org?subject=help>
List-id: discussion regarding Tor development <tor-dev.lists.torproject.org>
List-post: <mailto:tor-dev@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev>, <mailto:tor-dev-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-dev>, <mailto:tor-dev-request@lists.torproject.org?subject=unsubscribe>
References: <53330644.2020203@xxxxxxxxxxxxxxxx>
Reply-to: tor-dev@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-dev" <tor-dev-bounces@xxxxxxxxxxxxxxxxxxxx>
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Icedove/24.3.0

On 26/03/14 16:54, Michael Rogers wrote:
> Hi all,
> 
> (Please let me know if this belongs on tor-talk instead of here.)
> 
> I'm working on a messaging app that uses Tor hidden services to
> provide unlinkability (from the point of view of a network observer)
> between users and their contacts. Users know who their contacts are,
> so we don't need mutual anonymity, just unlinkability.
> 
> I wonder whether we need everything that the Tor hidden service
> protocol provides, or whether we might be able to save some bandwidth
> (for clients and the Tor network) and improve performance by using
> parts of the hidden service protocol in a different way.
> 
> First of all, we may not need to publish hidden service descriptors in
> the HS directory, because we have a way for clients to exchange static
> information such as HS public keys out-of-band.
> 
> Second, we may not need to use introduction points to protect services
> from DoS attacks - we can assume that users trust their contacts not
> to DoS them.
> 
> Third, we may be able to reduce the number of hops in the
> client-service circuits, because we don't need mutual anonymity.
> 
> This isn't the first app to use hidden services for unlinkability, so
> I expect this topic's come up before. Are there any discussions I
> should look at before coming up with hare-brained schemes to misuse
> the hidden service protocol?
> 
> Cheers,
> Michael

A further requirement, as I understand from a previous discussion with Michael, is that the app can't assume that each user has a publicly-accessible IP/port.

One idea (instead of using HS) is to simply have each user also be a normal (non-hidden) internet service, and have the contact connect to them through Tor. However, this doesn't address the IP/port issue. We could look into ICE as a NAT traversal technique, but it's far from clear whether this will work *through* Tor (i.e. to have the exit node run ICE with the contact).

So another possibility is using a HS-like system, where the rest of the network provides the listenable ports.

X

-- 
GPG: 4096R/1318EFAC5FBBDBCE
git://github.com/infinity0/pubkeys.git

Attachment: signature.asc
Description: OpenPGP digital signature

_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev

References:
- [tor-dev] Using the HS protocol for unlinkability only
  - From: Michael Rogers

Prev by Author: Re: [tor-dev] GSoC - Tor pluggable transports project
Next by Author: Re: [tor-dev] Panopticlick summer project
Previous by thread: [tor-dev] Using the HS protocol for unlinkability only
Next by thread: [tor-dev] Patch: Hidden service: use inbound bind-address based on circuit ID (effectively giving each circuit a temporarily-unique IP address)
Index(es):
- Author
- Thread