[tor-talk] Hidden Service Scaling Summer of Privacy Project

Donncha O'Cearbhaill donncha at donncha.is
Tue May 26 09:36:07 UTC 2015

Hi all,

I'll be working this summer on a project to help scale hidden services
and make them more resilient as part of Tor's Summer of Privacy [1].

I am interested in hearing from all existing hidden service operators.
In particular I'd like to understand the use-cases, priorities and
limitations for people who are experience the current limitations of the
hidden service subsystem. There have been anecdotal reports on the Tor
bug tracker that hidden services have trouble scaling to more than 100
concurrent connections [2]. Is this something that operators here have
experienced? There has also been recent DoS campaigns affecting Tor
hidden services which have been challenging to mitigate.

In my project I hope to produce a tool which will allow a hidden service
to be backed my multiple Tor instances which can be spread across
multiple servers and geographical locations. I am considering some of
the following features and I'd be interested to hear how useful they
might be for your onion service:

 - Redundant hidden service hosting with no single point of failure.
 - Secure storage of hidden service keys away from the Tor service on
   smartcards or HSM's
 - From a security perspective, would you prefer to minimize the
software running on the onion service instance servers or minimize
connections to the management server which has access to the service keys?

I've anyone has time to share, I'd be very interested in learning about
your experiences and current challenges. I'd also be delighted to hear
about any other features that may be useful to the HS community. Thank
you in advanced for your consideration, I hope that my project may be
useful for your onion services after the summer.

Kind Regards,
Donncha O'Cearbhaill

[2] https://trac.torproject.org/projects/tor/ticket/8902
Full Proposal: https://gist.github.com/DonnchaC/03ad5cd0b8ead0ae9e30

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 630 bytes
Desc: OpenPGP digital signature
URL: <http://lists.torproject.org/pipermail/tor-talk/attachments/20150526/3071fb51/attachment.sig>

More information about the tor-talk mailing list