[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] A question about hidden services and tor in general

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] A question about hidden services and tor in general
From: DeveloperChris <developerchris@xxxxxxxxxxxx>
Date: Mon, 04 Nov 2013 18:33:17 +1030
Delivered-to: archiver@xxxxxxxx
Delivery-date: Mon, 04 Nov 2013 03:11:13 -0500
In-reply-to: <CAD2Ti29p-C-Hg6GQ-cp7bd4jmK4LzSze2Kdf2+D7xdJATkaAGQ@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <52744466.4010307@xxxxxxxxxxxx> <20131102094551.GH4792@xxxxxxxxxxxxxxxxxxxxxxxxxxxx> <20131102094957.GZ31806@xxxxxxxxxxxxxx> <5274DB85.1070707@xxxxxxxxxxxx> <CAD2Ti29p-C-Hg6GQ-cp7bd4jmK4LzSze2Kdf2+D7xdJATkaAGQ@xxxxxxxxxxxxxx>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-talk" <tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx>
User-agent: Mozilla/5.0 (Windows NT 5.1; rv:24.0) Gecko/20100101 Thunderbird/24.1.0

On 04/11/2013 3:24 AM, grarpamp wrote:

HS -> Guard -> Middle -> Middle -> Rendpoint <- Middle <- Guard <- Client

I hate to say it that gives me no confidence at all. Only the randomly
chosen guard at the HS end needs to be compromised and the whole chain
becomes worthless. A timing attack will reveal all.

I'd thought it trivial to time/packet/byte count and find the:
- HS, IF you ran both its guard and a client.
- Client, IF you ran both its guard and its destination
of choice (HS/[clearnet/exit]).

Yes

It depends on whether the guard has knowledge that some
of the streams going through its relay function are in fact
destined for a HS/client and not some other relay. I never
properly followed up on that question...

This knowledge is trivial to obtain, a timing attack isn't even necessary.Whether that represents a true risk I haven't yet determined. I need toconsider what surety one can have that the guard is not compromised.


DC
--
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

References:
- [tor-talk] A question about hidden services and tor in general
  - From: DeveloperChris
- Re: [tor-talk] A question about hidden services and tor in general
  - From: Andrea Shepard
- Re: [tor-talk] A question about hidden services and tor in general
  - From: Roger Dingledine
- Re: [tor-talk] A question about hidden services and tor in general
  - From: DeveloperChris
- Re: [tor-talk] A question about hidden services and tor in general
  - From: grarpamp

Prev by Author: Re: [tor-talk] A question about hidden services and tor in general
Next by Author: [tor-talk] Tor Weekly News â November 6th, 2013
Previous by thread: Re: [tor-talk] A question about hidden services and tor in general
Next by thread: Re: [tor-talk] New to list and questions about exit nodes
Index(es):
- Author
- Thread