[tor-bugs] #8106 [Tor]: Make .onion addresses harder to harvest by directory servers
Tor Bug Tracker & Wiki
blackhole at torproject.org
Fri Mar 1 15:08:13 UTC 2013
#8106: Make .onion addresses harder to harvest by directory servers
-----------------------------+----------------------------------------------
Reporter: asn | Owner:
Type: defect | Status: new
Priority: major | Milestone: Tor: 0.2.5.x-final
Component: Tor | Version:
Keywords: SponsorZ tor-hs | Parent:
Points: | Actualpoints:
-----------------------------+----------------------------------------------
Comment(by asn):
Valet Services paper: http://freehaven.net/anonbib/cache/valet:pet2006.pdf
Here is the Valet Services scheme (as presented in
subsection''Distributing Tickets'' of section ''3.2'') adapted to the
current HS protocol:
{{{
a) HS finds the HSDirs responsible for it exactly like in the current HS
protocol.
b) HS uploads its descriptor symmetrically encrypted with key =
H(onion+'1')
HS also uploads an index for the descriptor, where index = H(onion+'2')
}}}
When a client wants to visit the HS:
{{{
a) The client derives the key and the index from the .onion.
b) The client fetches the descriptor from the HSDir and decrypts it with
the key.
}}}
A problem pointed out by Nick is that this turns HSDir into cloud storage
servers, since anyone can upload anything to it.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/8106#comment:4>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list