[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-relays] Combined relay and hidden service, good idea or not?
Hey,
On 2018-01-05 04:08, tortilla@xxxxxxxxxxxxx wrote:
When operating a hidden service and a relay in one tor instance, tor
currently warns:
[warn] Tor is currently configured as a relay and a hidden service. That's
not very secure: you should probably run your hidden service in a separate
Tor process, at least -- see https://trac.torproject.org/8742
First, that issue has been fixed and closed.
The issue is fixed by adding the above warning message: if you care
about your hidden service's "hidden" property, do not run a relay on the
same process.
Second, I had read in the past opinions stating:
When operating a hidden service, running a relay helps mix traffic so that
anyone observing traffic from the machine cannot easily run an analysis
targeted at a hidden service that might exist on that machine.
The part "cannot easily run an analysis targeted at a hidden service"
looks just wrong to me. If you want an example of an active attacker
able to easily uncover such a hidden service (when mixed with a relay),
you can give a look at our paper "Dropping on the Edge: Flexibility and
Traffic Confirmation in Onion Routing Protocols" [1] (to appear in
PoPETs18). The techniques presented are not applied on that particular
setup, but this is somewhat trivial to do.
Best,
Florentin
[1] https://uclouvain.be/crypto/people/show/462
_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays