[tor-talk] A question about hidden services and tor in general

DeveloperChris developerchris at rebel.com.au
Sat Nov 2 11:01:25 UTC 2013


On 02/11/2013 8:19 PM, Roger Dingledine wrote:
> On Sat, Nov 02, 2013 at 02:45:51AM -0700, Andrea Shepard wrote:
Snip
> Actually, technically, the analogy would be trying to deanonymize a
> client from a subverted website.
>
> The Tor client running the hidden service picks its own three hops,
> so it's
>
> HS -> Guard -> Middle -> Middle -> Rendpoint <- Middle <- Guard <- Client
>
> --Roger
>

I hate to say it that gives me no confidence at all. Only the randomly 
chosen guard at the HS end needs to be compromised and the whole chain 
becomes worthless. A timing attack will reveal all. But there are better 
ways and far more reliable ways than a timing attack. Your diagram has 
crystalised a thought that has been running through my head for the last day.

DC

Please keep the replies civil. I know there is one in every crowd. Don't be 
that one.



More information about the tor-talk mailing list