[tor-talk] Suggestion: make _hidden services_ choose random entry nodes often!

Sebastian Hahn mail at sebastianhahn.net
Fri Oct 21 12:54:29 UTC 2011


On Oct 21, 2011, at 2:27 PM, hikki at Safe-mail.net wrote:

> All standard clients have the same entry nodes on a permanent basis or as 
> long as the entry nodes are up, while the middle and exit nodes change 
> all the time. This is to reduce the chance of choosing an accidental path 
> that is end-to-end supervised when browsing the WWW.
> 
> With hidden services, this isn't needed, since these are end-to-end 
> encrypted connections. The same goes for those who visit hidden services. 
> And randomness is what hidden services need to stay safe.
> 
> Because it's generally easy to distinguish clients from servers from the 
> way data is transferred, and check if an IP is in the official Tor nodes 
> list or not, it should be pretty easy to find hidden service clients by 
> using a cluster of bad entry nodes to supervise IP addresses and traffic. 
> With a large enough cluster, like 100-200 bad entry nodes, all new hidden 
> services will have a 5-10% x3 chance to select a permanent bad entry 
> node. Old hidden services may already have chosen a bad one, or will have 
> the same 5-10% chance for each new entry node they select if their 
> regular nodes go down. It's just a matter of analyzing timings and 
> traffic, and the hidden service's IP could be found. This only regards 
> listed hidden services, but I guess most are.
> 
> Since hidden services don't need to stick to the same entry nodes, the 
> Tor developers should really consider making the Tor client randomly 
> choose entry nodes, just as with middle and exits, for hidden service 
> usage. It should be easy to add and it will increase the security of 
> hidden services greatly by adding lots of randomness.

Unfortunately, you got it all wrong. There's a trivial attack against any
hidden service that doesn't use entry guards: Make a lot of connections
to it, while running at least one relay. Then do some timing analysis to
see when your connection to the hidden service coincides with a
connection to the node that you control, and write down the IP address
of the person making the connection, and you have de-anonymized
the hidden service.

If you have 200 bad entry nodes under your control, that attack will
work very quickly and reliably, whereas there's still a good chance
that you need to keep those nodes running for a few months for the
hidden service to pick one of those nodes as guard.
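Worked example, added to this thread and not written by either poster: the probability model behind the disagreement above, from the hidden-service operator's risk perspective. It compares the exposure under the two entry-selection policies discussed, a fixed guard set versus a fresh random entry per circuit, assuming only the capability both messages describe (an adversary operating some fraction of entry-capable relays and noticing when a circuit it is the entry for belongs to the service). The relay fraction, guard count and circuit counts are constructed parameters for illustration, not figures from the thread.

```python
"""Added example, not code from the original thread.

Two entry-selection policies for a hidden service:
  * "guards": a fixed set of entry relays, replaced only when one goes down
    (the policy the reply defends);
  * "random": every new circuit draws a fresh entry relay
    (the policy the first message proposes).

Assumed adversary: operates a fraction p of entry-capable relays and can tell
when one of its relays is the entry hop of a circuit to the service.
"""
import random


def p_observed_random_entry(p: float, circuits: int) -> float:
    """Probability that at least one of `circuits` independently chosen
    entries is an adversary relay. Grows with every circuit built."""
    return 1.0 - (1.0 - p) ** circuits


def p_observed_with_guards(p: float, guards: int) -> float:
    """Probability that at least one relay in a fixed set of `guards` is an
    adversary relay. Fixed at guard-selection time, independent of how
    many circuits are later built through those guards."""
    return 1.0 - (1.0 - p) ** guards


def simulate(p: float, circuits: int, guards: int, trials: int, seed: int = 1) -> dict:
    """Monte-Carlo cross-check of the closed forms above.

    Returns the fraction of trials in which the adversary was the entry hop
    of at least one circuit, under each policy. Parameters are constructed.
    """
    rng = random.Random(seed)
    hit_random = hit_guards = 0
    for _ in range(trials):
        # random policy: each circuit draws its own entry relay
        if any(rng.random() < p for _ in range(circuits)):
            hit_random += 1
        # guard policy: the guard set is drawn once and reused by all circuits
        if any(rng.random() < p for _ in range(guards)):
            hit_guards += 1
    return {"random": hit_random / trials, "guards": hit_guards / trials}


if __name__ == "__main__":
    p = 0.05  # constructed: adversary runs 5% of entry-capable relays
    for n in (1, 10, 100, 1000):
        print(f"{n:5d} circuits  random entry: {p_observed_random_entry(p, n):.4f}"
              f"   3 guards: {p_observed_with_guards(p, 3):.4f}")
    print(simulate(p, circuits=100, guards=3, trials=20000))
```

The closed forms make the reply's point concrete: under per-circuit random selection the exposure is governed by the number of circuits, a quantity outside the operator's control, and approaches certainty within a few hundred circuits at a 5% relay fraction; under guards it is bounded by the guard count and stays at the value fixed when the guards were chosen, so the adversary's only lever is waiting for guard rotation.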
