questions about hidden service hashes, and experiences running hidden services

loki tiwaz loki_tiwaz at hotmail.com
Sun Oct 16 04:42:44 UTC 2005


hi,

i've been using and running tor for quite a few months now and i have 
finally got myself in a position to be able to run a tor server properly 
(thanks to the donation of an old celeron 566 box) and i have been messing 
around with running servers which are only accessible from the hidden 
service.

regarding the topic of securing apache for this purpose, the out-of-the-box 
configuration of apache has to be changed so it doesn't glom to all 
addresses; this was fairly easy. i'm running gentoo, and i set up a 
self-signed certificate which has only got the hidden service address as 
contents - it may seem silly to run a web server on ssl *as well* as on tor, 
but hey, you can't beat 4-5 layers of encryption from 4-5 different key 
pairs :D. i had to set apache, in httpd.conf, to listen to 127.0.0.1:80, 
disabled the default vhost (which i also set to listen on the same 
address/port just to be sure), enabled ssl and the default ssl vhost and set 
them both to listen on 127.0.0.1:443. https://d62mhy4rzjysyc5o.onion/ is 
where you will find the server, i wouldn't mind if anyone interested would 
mess around with it to see if it can be made to leak any sensitive info, 
most importantly the external internet ip address the server is on. (to save 
any annoyance clicking 'ok' on accept untrusted ssl keys, the public key of 
the signing CA (the same key as the public key in this case) is available at 
https://d62mhy4rzjysyc5o.onion/server.crt which will enable your browser to 
'trust' my ssl enabled server)

now, to the question which concerns me. I read in the tor spec that the 
hidden service address is an SHA1 hash of the server public key. I'm not 
sure if anyone here is aware of this (but i seriously doubt it) - SHA1 is 
now no longer secure. If the public key were equal or shorter than the 
length of the hash, this would mean that the hidden service .onion address 
could be cracked and the public key discovered, and the public key would 
then be able to be searched in the directory and the ip address revealed. I 
apologise if this is a question that has already been covered; my reading of 
the specs was not deep, and although i looked some ways i couldn't discern 
whether inverting the hash and identifying the IP through 
the directory was a possibility, so i thought i'd ask the list and see if 
anyone can answer this question. I realise that if the data used to generate 
a hash with an insecure function is longer than the hash produced that there 
is no issue. I just want to be sure about the security of the hidden 
services before i go announcing the address any further than here without 
knowing if giving this address is going to compromise my IP address - cos 
that would defeat the purpose of doing it at all.

ignore my question if it is stupid. looking at the fingerprint of the server 
i can see that it is 20 bytes. the hash is 20 bytes. i was not sure until i 
looked and counted but if i am not mistaken, decoding the hidden address to 
bytes, and running an SHA1 cracking program on it should yield the server 
fingerprint. i would like to be told that this is not possible but the 
numbers all look right to me.

regards

loki
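The derivation the post asks about, as an added example that is not part of the original message: per Tor's v2 rend-spec, a hidden service address is the first 80 bits (10 bytes) of SHA-1 over the DER-encoded PKCS#1 RSA public key, base32-encoded. The hashed input is the whole DER key (well over a hundred bytes for a 1024-bit key), so what the address encodes is a truncated digest of a long public value, not a 20-byte fingerprint. The minimal DER encoder and the sample modulus below are constructed for this example; the modulus is not a real RSA key, just bytes of the right shape to hash.

```python
import base64
import hashlib

# Tor v2 (rend-spec): onion address = base32(SHA1(DER(RSAPublicKey))[:10]).
# The DER encoder and SAMPLE_N below are constructed for this example.

def der_length(n: int) -> bytes:
    """Encode a DER length field (short form below 128, long form above)."""
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body

def der_integer(value: int) -> bytes:
    """DER INTEGER: tag 0x02, minimal big-endian bytes, leading 0x00 if the top bit is set."""
    body = value.to_bytes((value.bit_length() + 7) // 8 or 1, "big")
    if body[0] & 0x80:
        body = b"\x00" + body
    return b"\x02" + der_length(len(body)) + body

def rsa_public_key_der(n: int, e: int) -> bytes:
    """PKCS#1 RSAPublicKey ::= SEQUENCE { modulus INTEGER, publicExponent INTEGER }."""
    body = der_integer(n) + der_integer(e)
    return b"\x30" + der_length(len(body)) + body

def hash_prefix(pubkey_der: bytes) -> bytes:
    """The 10 digest bytes (80 bits) that a v2 address actually carries."""
    return hashlib.sha1(pubkey_der).digest()[:10]

def onion_address(pubkey_der: bytes) -> str:
    """Base32-encode the truncated digest into the 16-character .onion label."""
    return base64.b32encode(hash_prefix(pubkey_der)).decode("ascii").lower()

def onion_to_hash_prefix(address: str) -> bytes:
    """Undo only the base32 step: this yields the digest prefix, not the key."""
    return base64.b32decode(address.upper())

# Constructed 1024-bit stand-in modulus (top bit set, odd); NOT a real RSA key.
SAMPLE_N = int.from_bytes(hashlib.sha512(b"example modulus").digest() * 2, "big") | (1 << 1023) | 1
SAMPLE_E = 65537

if __name__ == "__main__":
    der = rsa_public_key_der(SAMPLE_N, SAMPLE_E)
    print(f"DER key: {len(der)} bytes, digest kept: {len(hash_prefix(der))} bytes, "
          f"address: {onion_address(der)}.onion")
```

Decoding an address only recovers the 10 truncated digest bytes; the hashed preimage is the full DER key, which is why the address length (16 base32 characters) is shorter than a 20-byte fingerprint.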
