[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Hidden services

Hash: SHA1

Hi JT,

> I read the docs and slides on hidden services. But I still don't quite
> get it.

Maybe I can help you with this.

> On slide 19 it looks as if there was only one hop between the client and
> the server. Is this the case or has the diagram been simplified?

All connections to introduction and rendezvous points are
sender-anonymous. This is depicted by the big onions on the slides.
These connections consist of more than one hop just as with circuits to
public servers. The standard hop count for each sender-anonymous
connection is 3.

> If only client and server are "for real" and the all tor servers along
> the path are compromised then can the operator find out what the hidden
> service is offering and who is communicating.

Well, if _all_ Tor servers in the path from a client to a hidden server
were compromised, they could find out that the two are communicating.
Communication between the two is still end-to-end encrypted from the
client's to the server's Tor node. But the adversaries could make an own
attempt to connect to the hidden server and find out what it is offering.

Anyway, we are talking about at least 6 routers of which 3 are picked by
the client and 3 by the hidden service. So, it's not so likely that they
are all compromised. In fact, this is what Tor relies on. I think, you
should not be too nervous about that kind of attack.

> Inside the Tor network(not
> using exits) everything is encrypted, right?! So does the last node in
> the path, connected to the hidden service know, that it is talking to a
> hidden service? As far as I understand hidden services can be run by
> servers and clients.

The last node in the circuit, which is closest to the hidden server,
does not know that it is talking to the hidden service. The hidden
server opened a circuit to that router as done with every other circuit.
So, this router cannot conclude what the hidden server is doing. It
could also be - which is more likely - a usual client. If you are more
interested in attacks on this, you might want to read the paper by
Øverlier and Syverson on locating hidden servers.

Hope this helps.

Version: GnuPG v1.4.7 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org