
Re: [tor-talk] onion routing MITM

populationsteamsir@xxxxxxxxxxxx writes:

> I'm new to tor, trying to understand some stuff.
> I understand the .onion TLD is not an officially recognized TLD, so it's not 
> resolved by normal DNS servers. The FAQ seems to say that tor itself resolves 
> these, not to an IP address, but to a hidden site somehow.
> When I look at thehiddenwiki.org, I see a bunch of .onion sites, with random 
> looking names. Why is this? What if someone at thehiddenwiki.org registered a 
> new .onion site (for example http://somerandomletters.onion), which then 
> relayed traffic to duck-duck-go (http://3g2upl4pq6kufc4m.onion)? 
> Thehiddenwiki could give me the link http://somerandomletters.org, and of 
> course I would never know the difference between that and 
> http://3g2upl4pq6kufc4m.onion

The hidden service name isn't chosen directly by the hidden service
operator and you can't just make one up and start using it.  Instead,
it's derived from the hidden service's cryptographic public key.
Tor checks that the public key matches when you're connecting to the
hidden service, so someone can't simply substitute their own service
without knowing the corresponding private key.

In effect, the crypto key is used as a name (or identifier), which
provides an intrinsic cryptographic way to know whether you're talking to
someone who has the right to use that name (or is properly referred to by
it), assuming hidden service operators can keep their private keys secret.

Somewhat confusingly, people do manage to make their hidden services
start with strings of their choice, but they do this by generating
enormous numbers of different keys over and over again until they get
one that they like.  Despite that, it takes an exponentially-increasing
number of attempts for each additional character of the onion name that
you want to control, so even if Facebook can get one that starts with
"facebook" (as they did), we don't tend to think anyone* has the time
or computational resources to be able to choose the entire onion name,
for example to choose one that matches an existing one controlled by
somebody else.  For instance, even if I had generated an onion name
beginning "3g2upl4", it would take me about 32 times as much work to get
one beginning "3g2upl4p", 1024 times as much work to get one beginning
"3g2upl4pq", 32768 times as much work to get one beginning "3g2upl4pq6",
and overall 35184372088832 times as much to get one that exactly matches
DuckDuckGo's onion name.

> Am I supposed to get the duckduckgo URL from a trusted friend of mine, and then 
> always keep it?

Yes, or from DuckDuckGo's regular site.


* The Bitcoin network is doing quite a bit more computation, in total,
  than this per year, so it's actually conceivable that someone with a
  very large amount of money to spend on custom hardware could do this.
  So the next generation of Tor hidden services will use a longer
  onion name.

Seth Schoen  <schoen@xxxxxxx>
Senior Staff Technologist                       https://www.eff.org/
Electronic Frontier Foundation                  https://www.eff.org/join
815 Eddy Street, San Francisco, CA  94109       +1 415 436 9333 x107
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
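An added illustration of the mechanism Seth describes (this is example code written for this archive page, not Seth's, Tor's or DuckDuckGo's code). It derives a 16-character onion name the way the hidden-service format discussed in the thread does (SHA-1 over the DER-encoded RSA public key, first 80 bits, base32), shows the check a client performs so that a key has to match the name it is reached under, and carries the reply's base32 work-factor arithmetic through. The modulus used below is a constructed placeholder, not a real service key.

```python
import base64
import hashlib

# Onion names are base32 (RFC 4648 alphabet, lower-cased): 5 bits per character,
# so every extra character a vanity miner wants to control multiplies the
# expected number of key generations by 32.
ONION_ALPHABET = "abcdefghijklmnopqrstuvwxyz234567"


def der_length(n: int) -> bytes:
    """DER length octets: short form below 128, long form otherwise."""
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body


def der_integer(value: int) -> bytes:
    """DER INTEGER (tag 0x02) for a non-negative integer, minimal big-endian,
    with a leading 0x00 when the top bit is set so it is not read as negative."""
    body = value.to_bytes((value.bit_length() + 7) // 8 or 1, "big")
    if body[0] & 0x80:
        body = b"\x00" + body
    return b"\x02" + der_length(len(body)) + body


def der_rsa_public_key(n: int, e: int) -> bytes:
    """PKCS#1 RSAPublicKey ::= SEQUENCE { modulus INTEGER, publicExponent INTEGER }"""
    inner = der_integer(n) + der_integer(e)
    return b"\x30" + der_length(len(inner)) + inner


def onion_address(n: int, e: int) -> str:
    """The 16-character name: base32 of the first 80 bits of SHA-1(DER(pubkey))."""
    digest = hashlib.sha1(der_rsa_public_key(n, e)).digest()
    return base64.b32encode(digest[:10]).decode("ascii").lower()


def key_matches_address(n: int, e: int, claimed: str) -> bool:
    """The client-side check: the key presented for a service must hash to the
    name the user typed. A substituted key (one whose private half an impostor
    holds) fails this unless its hash collides with the real name."""
    name = claimed.lower()
    if name.endswith(".onion"):
        name = name[: -len(".onion")]
    return onion_address(n, e) == name


def vanity_work_factor(prefix_have: str, prefix_want: str) -> int:
    """Relative expected work to extend a controlled prefix: 32 per character."""
    if not prefix_want.startswith(prefix_have):
        raise ValueError("prefix_want must extend prefix_have")
    if any(c not in ONION_ALPHABET for c in prefix_want):
        raise ValueError("not a valid base32 onion prefix")
    return 32 ** (len(prefix_want) - len(prefix_have))


if __name__ == "__main__":
    # Constructed placeholder key: a 1024-bit odd number, NOT a real RSA modulus.
    n_demo = (1 << 1023) + 12345
    e_demo = 65537
    name = onion_address(n_demo, e_demo)
    print("derived name:", name + ".onion")
    print("key matches its own name:", key_matches_address(n_demo, e_demo, name + ".onion"))
    print("same key claimed as DuckDuckGo's name:",
          key_matches_address(n_demo, e_demo, "3g2upl4pq6kufc4m.onion"))
    for want in ("3g2upl4p", "3g2upl4pq", "3g2upl4pq6", "3g2upl4pq6kufc4m"):
        print(f"work to go from '3g2upl4' to '{want}': {vanity_work_factor('3g2upl4', want)}x")
```

The check in `key_matches_address` is the whole point of the reply: the name is a commitment to the key, so a directory like thehiddenwiki can hand out a wrong name, but it cannot make a different key answer to the right one. The work-factor helper reproduces the 32x, 1024x, 32768x and 35184372088832x figures in the text for a 16-character name; the longer names of the newer format push that last number far beyond what the footnote about the Bitcoin network worries about.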