[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-talk] Using Tor Hidden Services as Time Source

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: [tor-talk] Using Tor Hidden Services as Time Source
From: Patrick Schleizer <patrick-mailinglists@xxxxxxxxxx>
Date: Fri, 06 Feb 2015 22:41:46 +0000
Delivered-to: archiver@xxxxxxxx
Delivery-date: Fri, 06 Feb 2015 17:42:29 -0500
In-reply-to: <54D4FA72.2010402@xxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <54D4FA72.2010402@xxxxxxxxxx>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-talk" <tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx>

Hello, I a developer of an anonymity-centric distribution. Called
Whonix, it's similar to TAILS but optimized for virtual machines.

We need to use a source to calibrate our system clock. For obvious and
non-obvious reasons, that source can't be NTP. The way we do it at the
moment is to fetch HTTP headers over SSL from trusted servers and use
the timestamp data.

We want to get rid of SSL and make use of the strong security properties
of Tor's end-to-end encryption for Hidden Services in order to safeguard
against clearnet SSL MITM attacks, which are within reach of powerful
adversaries.

Our plan is to contact hidden service operators, adding multiple
trustworthy hidden services to the list for both redundancy and load
distribution. Our estimated user base is 5000. The requests will only
involve fetching an HTTP header from the server, similar to `curl --head
atlas777hhh7mcs7.onion`.

Before simply implementing this feature and hoping Tor handles the load
without issue, we'd like expert (deep knowledge of Tor internals,
network size, paths, etc) and (hopefully) official responses to our idea.

Cheers,
Patrick

-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Follow-Ups:
- Re: [tor-talk] Using Tor Hidden Services as Time Source
  - From: Dave Warren
- Re: [tor-talk] Using Tor Hidden Services as Time Source
  - From: Roger Dingledine

Prev by Author: Re: [tor-talk] corridor, a Tor traffic whitelisting gateway
Next by Author: [tor-talk] Trustworthy Tor Hidden Services?
Previous by thread: Re: [tor-talk] Fwd: I Encourage Everyone, Right Here And Now, To Donate Money To His Three Main Security Programs, Which He Uses The Most!
Next by thread: Re: [tor-talk] Using Tor Hidden Services as Time Source
Index(es):
- Author
- Thread