[tor-talk] onion routing MITM
populationsteamsir at tutanota.com
populationsteamsir at tutanota.com
Tue Jan 26 19:09:05 UTC 2016
26. Jan 2016 18:37 by a55deaba at opayq.com:
> A CA will not validate a '.onion' address since it's not an official TLD
> approved by ICANN.
>
I understand that.
> The numbers aren't random. From Wikipedia:
> "16-character alpha-semi-numeric hashes which are automatically generated
> based on a public key <> https://en.wikipedia.org/wiki/Public_key> > when a
> hidden
> service
> <> https://en.wikipedia.org/wiki/Tor_(anonymity_network)#Hidden_services> >
> is
> configured.
I also know what asymmetric keys and hashes are.
The question is: From a user perspective, http://3g2upl4pq6kufc4m.onion just
looks like random characters. (And in fact, if it's a hash of a public key,
which was originally randomly generated, then indeed these *are* random
characters). You obviously don't want to memorize a domain name such as this,
and as a human, you're very bad at recognizing the difference between
http://3g2upl4pq6kufc4m.onion and http://xmh57jrzrnw6insl.onion
What prevents a person from registering a new .onion site, such as
http://laobeqkdrj7bz9pq.onion and then relaying all its traffic to
http://3g2upl4pq6kufc4m.onion, and trying to get people to believe that
*they* are actually the duckduckgo .onion site?
When you see a link like http://3g2upl4pq6kufc4m.onion somewhere on the web
(such as thehiddenwiki.org) why would you believe it's the real URL that
duckduckgo created, and not somebody doing a MITM?
More information about the tor-talk
mailing list