[tor-talk] Hello I have a few question about tor network
Seth David Schoen
schoen at eff.org
Thu Dec 31 14:06:06 UTC 2015
Aeris writes:
> > Does it apply also to traffic going from/to hidden services? How safe are
> > users of hidden services when compared to users that browse clearnet with
> > Tor?
>
> Correlation is possible but very more difficult, because 3 nodes for client to
> rendez-vous points, then 3 others for rendez-vous to HS.
As I said in my previous message, I don't think this is the case because
the correlation just requires seeing the two endpoints of the connection,
even without knowing the complete path. This is even possible with
a hidden service because the server that provides the hidden service
also uses an entry guard of its own, which is the "endpoint" for traffic
correlation purposes when a user is contacting the hidden service, despite
the much longer (and so harder to observe) path within the Tor network.
The lack of security improvement from longer path lengths is described in
https://www.torproject.org/docs/faq.html.en#ChoosePathLength
> Strength of HS is also to not have clearnet output, even if the « exit » node
> of one of the circuits id compromised, an attacker can’t access clear data.
> Not the case on the standard case, when compromised exit node have access to
> all the user data if HTTPS is not used.
That's definitely an improvement, although there's an issue in the long
run that the crypto in HTTPS is getting better faster than the crypto
in Tor's hidden services implementation. :-)
--
Seth Schoen <schoen at eff.org>
Senior Staff Technologist https://www.eff.org/
Electronic Frontier Foundation https://www.eff.org/join
815 Eddy Street, San Francisco, CA 94109 +1 415 436 9333 x107
More information about the tor-talk
mailing list