[tor-talk] How easy are Tor hidden services to locate?

Juan Garofalo juan.g71 at gmail.com
Thu Mar 7 04:06:19 UTC 2013

At 05:13 PM 3/6/2013 -0500, you wrote:
>On Wed, Mar 06, 2013 at 03:46:51PM -0300, Juan Garofalo wrote:
>> >Hidden services are definitely weaker than regular Tor circuits, a)
>> >because the adversary can induce them to speak,
>> Care to elaborate on that? You mean timing attacks (based on the fact
>>that hidden servers 'speak' to clients?) ? Or the owner of the service
>>leaking information about himself by mistake? Or?
>When you're a Tor client, you only use the Tor network when you choose
>to access it (e.g. by trying to fetch a web page). So if the attacker has
>some attack that works only a very small percentage of time, they have to
>wait for you to initiate connections.
>But for a hidden service, they can cause you to initiate a connection just
>by visiting the hidden service. And they can do it as often as they want.

        Thanks. I guess I was too dumb to get the "induce them to speak" figure of speech =P 

>See http://freehaven.net/anonbib/#hs-attack06 for the original paper about
>this topic (and the reason we implemented entry guards).

        I've read that once, but I need to re-read it carefully to really grasp all that's going on. Thanks for the second link too.

>And then see http://freehaven.net/anonbib/#wpes12-cogs for a more recent
>example. The goal of that paper is to understand how long it takes in
>normal operation (with entry guards going offline and being replaced)
>before a typical user touches an adversary-controlled guard node. For
>simplicity, the paper assumes that you use your guards every minute of
>every day for however many weeks or months it takes. A realistic user
>doesn't do that, so the paper overestimates the risk. But a realistic
>hidden service *would* do that, if the adversary caused it to.
>tor-talk mailing list
>tor-talk at lists.torproject.org

More information about the tor-talk mailing list