> On 27 Feb 2017, at 23:48, nusenu <nusenu@xxxxxxxxxxxxxxx> wrote: > > This group is still growing. > > Note that the following table is _not_ sorted by FP. > > The FP links these relays even across ISP, and given the FP column > pattern it might be obvious what they are after. > > They do not have the hsdir flag yet. > > https://raw.githubusercontent.com/nusenu/tor-network-observations/master/2017-02-24_9001-9051-v0.2.8.9.txt > > Is there a tool out there that tells me which HSDir is/will probably be > responsible for a given onion address (and at what time)? There's no tool, unless you can reverse SHA1. (Or brute-force a set of popular onion addresses.) In short, it's the first 3 fingerprints following descriptor-id: permanent-id = H(public-key)[:10] descriptor-id = H(permanent-id | H(time-period | descriptor-cookie | replica)) where H is SHA1. The spec is: https://gitweb.torproject.org/torspec.git/tree/rend-spec.txt#n222 https://gitweb.torproject.org/torspec.git/tree/rend-spec.txt#n505 The implementation is: https://gitweb.torproject.org/tor.git/tree/src/or/rendcommon.c#n127 As an aside, this attack is not possible with next-generation hidden services, because the HSDir identities are hashed with the daily shared random value: https://gitweb.torproject.org/torspec.git/tree/proposals/224-rend-spec-ng.txt#n791 T -- Tim Wilson-Brown (teor) teor2345 at gmail dot com PGP C855 6CED 5D90 A0C5 29F6 4D43 450C BA7F 968F 094B ricochet:ekmygaiu4rzgsk6n xmpp: teor at torproject dot org ------------------------------------------------------------------------
Attachment:
signature.asc
Description: Message signed with OpenPGP
_______________________________________________ tor-relays mailing list tor-relays@xxxxxxxxxxxxxxxxxxxx https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays