[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Communications between Tor servers within the Tor network, an idea



Yo!!!!
> For example, both A and B are running *non-exit* Tor servers. Now, A
> want to secretly and securely send a file to B, he(A) doesn't need other
> mechanisms, he doesn't need to know B's address either, all he needs is
> B's nickname, he specifies: "I want Tor to transfer my file to
> B(nickname)", then Tor will create a circuit starting from A's server
> and ending at B's server, the file is transfered over the circuit, never
> goes out of the Tor network, thus meets A's security needs (right?).

I am not sure I understand what you mean...

Torward is a great little software program which listens at a port for files 
and can also be used to send files.

Now. I am A. You are B. I setup blahblahblah.onion (let's use that 
as "nickname" as you call it).

As B, you run:

torward.exe -h blahblahblah.onion -p someport subversivefile.txt

Now I as A get the file dumping into my Torward running at blahblahblah.onion. 
This works even if we both are Tor clientz.

> B(nickname)", then Tor will create a circuit starting from A's server
> and ending at B's server, the file is transfered over the circuit, never
> goes out of the Tor network, thus meets A's security needs (right?).

I think I get what you are looking for, but the Problem with Your Story is 
this:

It's very easy to find out who A and B is, isn't it? From my understanding of 
your text, this is the security properties of ANY file transfer tool, isn't 
it, because both server A and B would know that (nickname) is at B? (He's 
over there!! GET HIM!!)

I realize that you probably have goodness in your hearth and want more people 
to run Tor-servers, but really, it does not look like this would give me the 
security properties I want.

As for more people running Tor servers, Tor users who realize that the 
Tor-network simply won't work if everyone runs as a client; if you use Tor 
once a month then alright, be a leech, but if you use it for 90% of your 
Internet traffic then you really should run a server...

> 1) I know my idea is rather primitive, but in general, is it an idea
> worth deeper investigation?

Probably, if I misunderstood it, but as I understand it, what you describe 
gives worse security properties than the currently existing way of doing 
things. Also, file-transfer - and everything else - should work in client 
mode too!

If I pay for 5 co-located servers running Tor-servers and run i client mode 
because I've got slow ADSL at home or am at the library or at a friends house 
then I still want to be able to use the full potential of Tor and do 
everything I could do if I were running a server.

--xiando(tm).

Attachment: pgpIiVvyyGVUo.pgp
Description: PGP signature