[tor-talk] Using Tor Hidden Services as Time Source

Patrick Schleizer patrick-mailinglists at whonix.org
Thu Feb 12 13:30:49 UTC 2015


Hi Roger!

Roger Dingledine:
> The first problem you're going to have here is that hidden services
> don't work unless your time is approximately correct. So you will have a
> chicken-and-egg problem using them to get an accurate time if you don't
> already have one.

Indeed. This is something I am aware off. We're currently require the
time must be correct enough for Tor to start with. And then use the time
from hidden services for fine tuning and keeping the time current in the
long run. And for that use case, fetching time from hidden services
works well enough.

For the chicken-and-egg problem, there are more improvements to come in
future, that do not depend on using hidden services. Either using middle
of valid-after / valid-until and/or asking the user for the first rough
time fix and/or in future [when these features you speak about below are
added] asking Tor what the time is.

My primary concern was overloading the Tor network. But after having the
Tor network survive the millions of Tor clients by the botnet attack (
https://blog.torproject.org/blog/how-to-handle-millions-new-tor-clients
), and other much higher traffic hidden services use (C&C), I think it
was good to ask, but a non-issue.

> I really think the right thing to do is to teach Tor how to export what
> time it thinks it is (via the control port), and to teach Tor to go get
> some extra opinions from the directory authorities if it suspects that
> your time is wrong. These are those two tickets:
> https://trac.torproject.org/projects/tor/ticket/2628
> https://trac.torproject.org/projects/tor/ticket/3652
> Tor relays know what time it is, and some of them are quite trusted and
> trustworthy, and your Tor already talks to them and learns the time in
> a secure way.
> 
> There's some design work to be done still though.

Looking forward to it!

> Also, there are apparently some bugs in Tor where if you start Tor with
> a wrong clock, and then something externally fixes the clock to be right,
> Tor doesn't notice, or doesn't notice for a while.
> https://trac.torproject.org/projects/tor/ticket/8766
> I've just explored that one a bit more and posted a partial fix, but
> more issues likely remain.

Great!

Cheers,
Patrick



More information about the tor-talk mailing list