[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-talk] privacy of hidden services
Yes, this is correct. Some remarks:
Allen:
> To summarize, the info leakages for HS that do not use authorization are:
>
> - World at large can discover onion address using various directory
> enumeration techniques.
> - HS directory can track HS descriptor uploads and downloads and tie
> those to the onion address.
Not just "tie". It stores descriptors in which public key is set
explicitly (HSDir checks the signatures).
> - Intro point can track HS connection attempts and relate them to onion address.
Intro Point don't have an onion address per se (passive attacker). So
this should be rather
"Intro point can track HS connection attempts but only relate them to
the ephemeral service key for the duration of the key."
An IP should connect back to the service (using onion-key) to _maybe_
find out onion address, or fetch known descriptors and look there for
itself.
> For HS's that use basic authorization:
>
> - World at large can discover onion address.
> - HS directory can track HS descriptor uploads and downloads and tie
> those to the onion address.
> - Intro point can track HS connection attempts but only relate them to
> the ephemeral service key for the duration of the key.
> - Authorized users who operated an intro point could track HS
> connection attempts through that intro point.
>
> For HS's that use stealth authorization:
>
> - Each authorized user uses a different effective onion address.
> World at large can discover each of those onion addresses, but can't
> relate them to each other.
> - HS directory can track HS descriptor uploads and downloads for each
> individual onion address, but can't relate them to each other.
> - Intro point can track HS connection attempts but only relate them to
> ephemeral service key for the duration of the key.
--
Ivan Markin
--
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk