Il 21.06.2013 09:37 grarpamp ha scritto:
At the level of the resultant TCP tunnel (at the application layer, through an exit or to an onion) all real IP's are effectively anonymized. Tor usesa mix of PKI, DH, EC, etc in extending its paths and so on. Your question involves that, ie: does your client negotiate using someidentifiables from that with each endpoint... Take a look at tor-spec.txtand path-spec.txt.
Hmmm, ok. What I actually can't understand is: when contacting an hidden service, the message for it gets encrypted using its public key. And some other security layers, ok, but the message uses the HS public key.
The response, should work the same way, no? I mean: the hidden service encrypts the response using the client's key, so it knows that. The HS actually know the client's key: it can't correlate the key with a location, an ip address or a name, but this can be exploited so that 2 different hidden service's administrators could actually know that request X on hidden service A and request Y on hidden service B has been made from the same client (as the responses have been encrypted with the same public key).
Can't understand where i'm wrong. As I hope to be wrong. Thankyou -- NoWhereMan nowhereman@xxxxxxxxxxxxx _______________________________________________ tor-talk mailing list tor-talk@xxxxxxxxxxxxxxxxxxxx https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk