[tor-dev] Draft of proposal "Stop HS address enumeration by HSDirs"

grarpamp grarpamp at gmail.com
Fri Aug 16 21:10:38 UTC 2013


> I'm posting the draft of a proposal that specifies how to hide HS
> descriptors and addresses from the hidden service directories.
>...
>  HSDirs could still learn the address of the HSes by logging the client
>  directory requests (which contain the hidden service address).
>...
>  Currently, Hidden Services upload their unencrypted descriptor to
>  hidden service directories (HSDirs). HSDirs store the unencrypted
>  descriptor in an internal map of: <hs address> -> <hs descriptor>
>  When a client wants the descriptor of an HS, it asks an HSDir for
>  the descriptor that corresponds to <hs address>. If the HSDir has
>  such an index in its map, it returns the <hs descriptor> to the
>  client.

It is known there is a de-anon paper regarding HS, that is a separate
weakness.

But the above words about HSDirs having plaintext access to any
plaintext or decodeable '.onion' string (whether via the descriptor
or request argument) is, as far as I know in current operation,
being consistently and badly misdated, to the point of causing
confusion, even in the above paper.

In current rend-spec.txt we have Sec 1.3, v2 descriptors are used
post 0.2.2.1-alpha, specifically...

descriptor-id =
 H(permanent-id | H(time-period | descriptor-cookie | replica))

???


More information about the tor-dev mailing list