[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Hello I have a few question about tor network



Aeris writes:

> > Does it apply also to traffic going from/to hidden services? How safe are
> > users of hidden services when compared to users that browse clearnet with
> > Tor?
> 
> Correlation is possible but very more difficult, because 3 nodes for client to 
> rendez-vous points, then 3 others for rendez-vous to HS.

As I said in my previous message, I don't think this is the case because
the correlation just requires seeing the two endpoints of the connection,
even without knowing the complete path.  This is even possible with
a hidden service because the server that provides the hidden service
also uses an entry guard of its own, which is the "endpoint" for traffic
correlation purposes when a user is contacting the hidden service, despite
the much longer (and so harder to observe) path within the Tor network.

The lack of security improvement from longer path lengths is described in

https://www.torproject.org/docs/faq.html.en#ChoosePathLength

> Strength of HS is also to not have clearnet output, even if the  exit  node 
> of one of the circuits id compromised, an attacker canât access clear data. 
> Not the case on the standard case, when compromised exit node have access to 
> all the user data if HTTPS is not used.

That's definitely an improvement, although there's an issue in the long
run that the crypto in HTTPS is getting better faster than the crypto
in Tor's hidden services implementation. :-)

-- 
Seth Schoen  <schoen@xxxxxxx>
Senior Staff Technologist                       https://www.eff.org/
Electronic Frontier Foundation                  https://www.eff.org/join
815 Eddy Street, San Francisco, CA  94109       +1 415 436 9333 x107
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk