[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Communications between Tor servers within the Tor network, an idea

xiando wrote:
>> For example, both A and B are running *non-exit* Tor servers. Now, A
>> want to secretly and securely send a file to B, he(A) doesn't need other
>> mechanisms, he doesn't need to know B's address either, all he needs is
>> B's nickname, he specifies: "I want Tor to transfer my file to
>> B(nickname)", then Tor will create a circuit starting from A's server
>> and ending at B's server, the file is transfered over the circuit, never
>> goes out of the Tor network, thus meets A's security needs (right?).
> 
> I am not sure I understand what you mean...
> 
> Torward is a great little software program which listens at a port for files 
> and can also be used to send files.
> 
> Now. I am A. You are B. I setup blahblahblah.onion (let's use that 
> as "nickname" as you call it).
> 
> As B, you run:
> 
> torward.exe -h blahblahblah.onion -p someport subversivefile.txt
> 
> Now I as A get the file dumping into my Torward running at blahblahblah.onion. 
> This works even if we both are Tor clientz.

I've never heard of Torward, but it seems A needs to setup a hidden
service here, and it is restricted to file transfer. My idea can be used
in more scenarios, file sharing is only an example, other scenarios
could be chatting, all sorts of peer 2 peer communications.

>> B(nickname)", then Tor will create a circuit starting from A's server
>> and ending at B's server, the file is transfered over the circuit, never
>> goes out of the Tor network, thus meets A's security needs (right?).
> 
> I think I get what you are looking for, but the Problem with Your Story is 
> this:
> 
> It's very easy to find out who A and B is, isn't it? From my understanding of 
> your text, this is the security properties of ANY file transfer tool, isn't 
> it, because both server A and B would know that (nickname) is at B? (He's 
> over there!! GET HIM!!)

Sure, A knows who B is, and B knows who A is, we could assume A and B
are acquaintances, they want to secretly share files, using Tor gives
them additional anonymous feature that *any* file transfer tool don't
have, that is, nobody else knows they are sharing files.

So, maybe my idea could be summarized as "a set of people as a whole
gain anonymity from others by running Tor servers".

>> 1) I know my idea is rather primitive, but in general, is it an idea
>> worth deeper investigation?
> 
> Probably, if I misunderstood it, but as I understand it, what you describe 
> gives worse security properties than the currently existing way of doing 
> things. Also, file-transfer - and everything else - should work in client 
> mode too!

I'm only only adding, rather than modifying, Tor still works as it is,
but a new usage is introduced.

One thing to clarify, client is still needed, the key here is a Tor
server now has the ability to communicate with another server, they
could build a circuit, and clients reside at two ends could use this
circuit to share information secretly.

> --xiando(tm).

Thank you for your comment. :)

Hanru