<div dir="ltr">Ivan, if I understand <a href="https://onionbalance.readthedocs.org/en/latest/design.html#next-generation-onion-services-prop-224-compatibility">https://onionbalance.readthedocs.org/en/latest/design.html#next-generation-onion-services-prop-224-compatibility</a> correctly, the setup I've planned will no longer work once Tor switches to the next generation hidden services architecture, is this correct? Will there be any backwards compatibility or will old hidden services simply stop working at that point? <div><br></div><div>Thank you,</div><div>Razvan</div><div><br></div><div>--</div><div>Razvan Dragomirescu</div><div>Chief Technology Officer</div><div>Cayenne Graphics SRL</div></div><div class="gmail_extra"><br><div class="gmail_quote">On Sun, Oct 18, 2015 at 12:08 PM, Razvan Dragomirescu <span dir="ltr"><<a href="mailto:razvan.dragomirescu@veri.fi" target="_blank">razvan.dragomirescu@veri.fi</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">Thank you Ivan!<div class="gmail_extra"><br><div class="gmail_quote"><span class="">On Sun, Oct 18, 2015 at 1:44 AM, Ivan Markin <span dir="ltr"><<a href="mailto:twim@riseup.net" target="_blank">twim@riseup.net</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Not exactly. The trick is that keys are not the same. For more details<br>
have a look at the specifications [1]. There is a "permanent key"<br>
("holds the name", signs descriptors) and an "onion key" [2] for each<br>
Introduction Point to communicate with the HS. So the "nameholder" key<br>
("permanent") is used only for signing descriptor with a list of IPs and<br>
corresponding keys.<br>
<span><br></span></blockquote><div><br></div></span><div>Ah, I understand now! That actually makes perfect sense for my application. If I understand it correctly, I can simply let Tor register the HS by itself (using a random HS name/key), then fetch the introduction points and keys and re-register them with a different HS name - this would make the service accessible both on the random name that the host has chosen (without talking to the card) and on the name that the card holds the private key to (registered out of band, directly by a script that looks like OnionBalance).</div><span class=""><div> </div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><span>
> Regarding bandwidth, this is for an Internet of Things project, there's<br>
> very little data going back and forth, I only plan to use the Tor network<br>
> because it's a very good way of establishing point to point circuits in a<br>
> decentralized manner. The alternative would be to use something like PubNub<br>
> or Amazon's new IoT service, but those would depend on PubNub/Amazon.<br>
<br></span></blockquote><div><br></div><div> </div></span><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">If somebody already knows your<span class=""><br>
backend keys then certainly they know any of your data on this machine.<br><br></span></blockquote><div>No, not exactly :). There's still one thing they don't have access to - the smartcard! Even on a completely compromised backend machine, they still can't make the smartcard do something it doesn't want to do. In my project, it is the smartcard that drives the system - so a smartcard on one system can ask the host to connect it to a similar smartcard on a different system by giving it the HS name. The host establishes the connection, then the two smartcards establish their own encrypted channel over that connection. A compromised host can only deny service or redirect traffic somewhere else, but still can't make the smartcard accept injected traffic and can't extract the keys on it. I'm basically using Tor as a transport layer with NAT traversal and want to tie the HS names to smartcards so that I have a way to reach a _specific_ card/endpoint. </div><div><br></div><div> Thanks again!</div><span class=""><div>Razvan</div><div><br></div><div>--</div><div>Razvan Dragomirescu</div><div>Chief Technology Officer</div><div>Cayenne Graphics SRL</div></span></div></div></div>
</blockquote></div><br></div>