[tor-bugs] #8106 [Tor]: Make .onion addresses harder to harvest by directory servers
Tor Bug Tracker & Wiki
blackhole at torproject.org
Wed Jan 30 15:28:11 UTC 2013
#8106: Make .onion addresses harder to harvest by directory servers
-----------------------------+----------------------------------------------
Reporter: asn | Owner:
Type: defect | Status: new
Priority: normal | Milestone:
Component: Tor | Version:
Keywords: SponsorZ tor-hs | Parent:
Points: | Actualpoints:
-----------------------------+----------------------------------------------
Currently, an `HSDir` can relax on the hash ring, receive descriptor
lookups and harvest .onions for days. Furthermore, it doesn't even have to
change identity keys, since its position on the hash ring changes every
day (because of the timestamp), so it gets new .onions all the time.
This ticket is for research on how we can make .onion addresses harder to
harvest.
Proposal 143 has some ideas that will reduce the exposure of .onions, but
it doesn't solve the problem itself.
On actual solutions, Robert posted:
https://lists.torproject.org/pipermail/tor-dev/2012-September/004026.html
some months ago. I don't have the cryptographic skills to robustly analyze
his idea, but if this is the only thing we have, we should point some
cryptographers at it so that it gets some comments.
I also seem to recall that there was a paper suggesting hidden services to
create ephemeral .onion addresses or something, but after asking Karsten
and crawling anonbib I'm not sure that such a paper exists.
Are there any other proposed solutions out there? If not, this might be a
fun research problem.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/8106>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list