[tor-dev] "Trawling for Tor Hidden Services: Detection, Measurement, Deanonymization"

Nick Mathewson nickm at alum.mit.edu
Fri May 24 03:35:31 UTC 2013

On Thu, May 23, 2013 at 10:18 PM, Tom Ritter <tom at ritter.vg> wrote:
> RPW's, et al's paper was made public today, and demonstrates several
> practical attacks on Hidden Services.
> http://www.ieee-security.org/TC/SP2013/papers/4977a080.pdf
> I was wondering if there were any private trac tickets, discussions,
> or development plans about this that might be also be made public.

Most (all AFAIK) of what we have to do about this is public already.
For stuff that's already done, see tickets #8146 and #8147 and #2286
and #8273 and #8435 for stuff that's already implemented at the
directory authority level to make cheap HS-targeting attacks harder,
and #8207 for fixing a bug in hidden service user authentication
(which is a pretty good countermeasure if you want to avoid
enumeration).  See #8240 for making Guard node lifetime configurable,
and raising the default.

For stuff we'd still like to do, have a look at #8106 for a good
crypto idea from rransom that would form the basis of a way to make
service enumeration impossible, and some discussion with
hyperelliptic. See #8244 for some anti-censorship ideas from arma. See
#6418 for an important last step.

(These numbered tickets are all at trac.torproject.org.  For example,
#8106 is https://trac.torproject.org/projects/tor/ticket/8106 and
#8244 is https://trac.torproject.org/projects/tor/ticket/8244 .

All of the current tickets tagged with "tor-hs"  are:

Sorry about the enormous URL.

George had a good blog post summarizing security issues and related
issues with hidden services at, which should have some good opsec
suggestions: https://blog.torproject.org/blog/hidden-services-need-some-love
.  This week, he started some discussions about migrating to future
hidden service protocols on tor-dev too.

And that's what we've got now.  George and Roger will probably have
more thoughts; this is just me trying to do a braindump.


More information about the tor-dev mailing list