[tor-bugs] #15186 [Tor]: Combating Gareth Owen HSDir analysis
Tor Bug Tracker & Wiki
blackhole at torproject.org
Sun Mar 8 00:13:38 UTC 2015
#15186: Combating Gareth Owen HSDir analysis
-------------------------+---------------------
Reporter: cypherpunks | Owner:
Type: defect | Status: new
Priority: normal | Milestone:
Component: Tor | Version:
Keywords: | Actual Points:
Parent ID: | Points:
-------------------------+---------------------
In his CCC talk Dr. Gareth Owen showed how he was able to collect hidden
service statistics in a straight forward manner and determine popularity
of each address.
This is a proposal on how to negate that, unfortunately I'm not sure if
this solution is even possible, but here it goes.
Say an HSDir has the descriptors for onion addresses aaa.onion bbb.onion
ccc.onion.
The user wants to access bbb.onion.
The user's client is supposed to know which HSDir should would have the
descriptor, so instead of asking for bbb.onion directly, it asks that
HSDir to send ALL of its descriptors over.
The HSDIR would then encrypt the descriptors each with their own onion
address and send them over.
(Is it possible to make it a single file and make it comparable to sending
a gpg message to multiple recipients, gpg -r aaa.onion -r bbb.onion -r
ccc.onion?)
The user receives the encrypted descriptors and tries to decrypt them one
by one with the onion address bbb.onion until he gets the correct one.
This way the HSDir can't know which specific onion was requested, and the
user won't know what are the other addresses.
You probably figured out by now I'm not an academic :p
thanks for reading
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/15186>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list