flooding attacks to discover hidden services
Paul Syverson
syverson at itd.nrl.navy.mil
Mon Jan 1 17:33:39 UTC 2007
On Tue, Jan 02, 2007 at 01:39:05AM +1100, Wikileaks wrote:
> Does the public nature of tor routers makes hidden services
> vulnerable to
> discovery using flooding attacks?
>
> Open an onion connection to the hidden service, asking for echos. Now
> flood each
> router. If the "ping" is overly delayed, the router is on the hidden
> path.
>
> Since the rendezvous node is known and the other nodes vary over
> time, this will
> eventually reveal the entry node.
>
You've roughly described the attacks we carried out that are described
in "Locating Hidden Servers". Hidden servers and Tor clients in general
are much less vulnerable to this since the introduction of entry guards
about a year ago. See
http://www.onion-router.net/Publications.html#locating-hidden-servers
also to counter flooding to introduction points and related issues
http://www.onion-router.net/Publications.html#valet-services
HTH,
Paul
--
Paul Syverson () ascii ribbon campaign
Contact info at http://www.syverson.org/ /\ against html e-mail
More information about the tor-talk
mailing list