Re: Hidden service question



On Wed, Mar 22, 2006 at 02:14:25PM -0500, Paul Syverson wrote:
> Still incomplete and a little off. The node the hidden service sets
> up is called an introduction point. The client creates a circuit to
> a separate rendezvous point, then sets up a circuit to the introduction
> point and sends information about the rendezvous point down that.

Right, but the server may opt to not build circuits to particular
rendezvous points, resulting in some degree of control over what those
points are.  (The point of my incompleteness was to avoid the details
associated with introduction points, but thank you for clarifying it.)

> Path length is six Tor nodes not seven (for both introduction and
> rendezvous circuits.)

> (1) HS --> 1 --> 2 --> IP
> (2) C  --> 1 --> 2 --> RP
> (3) C  --> 1 --> 2 --> 3 --> IP (send RP to HS through circuit (1) )
> (4) HS --> 1 --> 2 --> 3 --> RP 

Ah, I was under the impression that it was symmetric (three hops to IP
and RP from both sides), and this clarifies why it need not be.

> I think you are still running introduction point and rendezvous point
> together here. If you mean rendezvous point, this was the actual
> configuration used to conduct the attacks described in "Locating
> Hidden Servers" above (attacks no longer possible in the current
> versions) since the client was less concerned about protecting
> her anonymity than in finding the hidden server.

Indeed, I do mean rendezvous point... interesting that giving clients
control over rendezvous points was an effective attack in the past.  It
seems that with the architecture described above, clients should be able
to *be* RP, and therefore have a way of specifying that they do not want
client anonymity but just want to be able to access anonymous services.

> > - Client anonymity only: a way for servers to advertise themselves
> > without anonymity (e.g. a web service running at http://router.exit/,
> > for situations in which the service does not want anonymity per se but
> > wants people to connect via Tor, perhaps for the purpose of providing
> > consistent reachable service from behind a NAT / firewall / dynamic
> > address.
> > 

> Yep. Actually several variants currently being considered.

Why not just use the router.exit syntax to refer to 'unhidden' services,
out of curiosity?  That approach seems to work already...

Geoff

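The circuit layout quoted in the thread, (1) HS to IP, (2) C to RP, (3) C to IP carrying the RP's identity, (4) HS to RP, can be made concrete with a small model. The following is an added example, not code from the original mail or from the Tor project: it builds the four circuits with constructed relay names, carries the rendezvous-point identity from the client to the hidden service through the introduction point, and counts the distinct nodes on each spliced end-to-end path. The `Circuit` class, `run_rendezvous`, `spliced_node_count` and `path_summary` are all names invented here for illustration. The model keeps the RP as a separate relay, as in the quoted design, and shows why the two sides need not be symmetric: the client uses three nodes to reach the RP but four to reach the IP, while the hidden service does the reverse, and both spliced paths still total six nodes.

```python
"""Toy model of the Tor hidden-service rendezvous exchange quoted in the thread.

Constructed example: the node names, the Circuit class and the helper names
are made up here for illustration and are not Tor's code or data structures.
The four steps follow the quoted list:
  (1) HS -> 1 -> 2 -> IP
  (2) C  -> 1 -> 2 -> RP
  (3) C  -> 1 -> 2 -> 3 -> IP   (RP's identity sent to HS via circuit 1)
  (4) HS -> 1 -> 2 -> 3 -> RP
"""
from dataclasses import dataclass
from typing import Dict, List, Optional


@dataclass
class Circuit:
    owner: str          # "HS" (hidden service) or "C" (client)
    hops: List[str]     # relays in order; the last hop is the IP or RP

    @property
    def endpoint(self) -> str:
        return self.hops[-1]

    def __len__(self) -> int:
        return len(self.hops)


def run_rendezvous(hs_relays: List[str], client_relays: List[str],
                   ip: str, rp: str) -> Dict[int, Circuit]:
    """Build the four circuits and carry the RP identity from C to HS."""
    circuits: Dict[int, Circuit] = {}
    # (1) HS builds a three-node circuit ending at the introduction point.
    circuits[1] = Circuit("HS", hs_relays[:2] + [ip])
    # (2) C builds a three-node circuit ending at the rendezvous point it chose.
    circuits[2] = Circuit("C", client_relays[:2] + [rp])
    # (3) C builds a four-node circuit to the same IP and sends the RP's
    #     identity down it; the IP relays that message to HS over circuit (1).
    circuits[3] = Circuit("C", client_relays[:3] + [ip])
    introduce = {"rendezvous_point": circuits[2].endpoint}
    learned_rp: Optional[str] = None
    if circuits[3].endpoint == circuits[1].endpoint:   # only the shared IP can forward it
        learned_rp = introduce["rendezvous_point"]
    if learned_rp is None:
        raise RuntimeError("introduction failed: client and HS met at different IPs")
    # (4) HS builds a four-node circuit to the RP it just learned about.
    circuits[4] = Circuit("HS", hs_relays[:3] + [learned_rp])
    return circuits


def spliced_node_count(a: Circuit, b: Circuit) -> int:
    """Distinct Tor nodes on the end-to-end path formed by joining a and b
    at their shared endpoint (the IP or the RP is counted once)."""
    if a.endpoint != b.endpoint:
        raise ValueError(f"circuits end at {a.endpoint} and {b.endpoint}, cannot splice")
    return len(set(a.hops) | set(b.hops))


def path_summary() -> Dict[str, int]:
    """Run the exchange on constructed relay names and report the lengths
    the thread discusses."""
    hs = ["hs-guard", "hs-middle", "hs-third"]        # constructed relay names
    client = ["c-guard", "c-middle", "c-third"]       # constructed relay names
    circuits = run_rendezvous(hs, client, ip="IP", rp="RP")
    return {
        "intro_path_nodes": spliced_node_count(circuits[1], circuits[3]),
        "rendezvous_path_nodes": spliced_node_count(circuits[2], circuits[4]),
        "client_hops_to_ip": len(circuits[3]),
        "client_hops_to_rp": len(circuits[2]),
        "hs_hops_to_ip": len(circuits[1]),
        "hs_hops_to_rp": len(circuits[4]),
    }


if __name__ == "__main__":
    for name, value in path_summary().items():
        print(f"{name}: {value}")
```

Running it reports six nodes on both the introduction path and the rendezvous path, three client hops to the RP against four to the IP, and the mirror image for the hidden service, which is the asymmetry the reply above points out.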