[Cryptography] Are Tor hidden services really hidden?

Tom Ritter tom at ritter.vg
Fri Feb 14 10:50:42 EST 2014


On 13 February 2014 22:35, Phillip Hallam-Baker <hallam at gmail.com> wrote:
> 1) The attacker controls multiple rendezvous points and
> 2) The attacker controls multiple clients, using them to make contact
> attempts and
> 3) Traffic to the hidden service with the drug site is an appreciable
> proportion of the total hidden service traffic
>
> Then, a timing attack seems very likely to reveal the IP address of the exit
> node for the hidden service which can then be unrolled in turn.

The RP is chosen by the client, so the attacker doesn't need to
control those. When the HS contacts the RP, it's via a Tor circuit, so
the RP doesn't learn the HS's actual IP, only the exit IP.  This
doesn't get you any closer to finding it though.

The attacker needs to become the entry point for a HS to perform a
traffic confirmation attack. By sending lots of data to the HS from a
client, the entry point can correlate that traffic being delivered to
the connection, even if it can't read it.

To protect against this attack, Tor uses Entry Guards:
https://www.torproject.org/docs/faq#EntryGuards These aim to 'stick' a
client (or HS) to a set of entry nodes.  If you, the attacker, are in
that set, you're good to go. But if you're not, it's much more
difficult for you to get _into_ that set.

-tom
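The two points made above (an entry relay confirming a circuit by matching the burst pattern the attacker's own client sends, and a fixed guard set turning the attacker's chance from "almost certain over enough circuits" into a one-shot roll) are easier to see with numbers. The following is an added toy model, not code from the original post or from Tor; relay counts, cell-count series and the correlation threshold are constructed assumptions, and relays are drawn uniformly rather than bandwidth-weighted as Tor actually does.

```python
"""Toy model of the traffic-confirmation attack on a Tor hidden service (HS)
discussed above, and of why entry guards make it harder to mount.

Added illustration, not code from the original post or from Tor.  Relay
counts, cell-count series and thresholds are constructed assumptions;
relays are picked uniformly rather than bandwidth-weighted as Tor does.
"""
import random
from typing import Dict, List, Optional, Tuple

# Part 1: what the HS's entry relay can see.  It sees how many cells flow
# on each circuit in each time slot, but not their contents.  The attacker
# sends a distinctive burst pattern to the HS from a client it controls and
# looks for a circuit at its entry relay carrying the same shape.


def correlation(a: List[int], b: List[int]) -> float:
    """Pearson correlation of two equal-length cell-count series."""
    n = len(a)
    ma, mb = sum(a) / n, sum(b) / n
    cov = sum((x - ma) * (y - mb) for x, y in zip(a, b))
    sa = sum((x - ma) ** 2 for x in a) ** 0.5
    sb = sum((y - mb) ** 2 for y in b) ** 0.5
    return cov / (sa * sb) if sa and sb else 0.0


def confirm_circuit(sent: List[int], observed: Dict[str, List[int]],
                    threshold: float = 0.9) -> Optional[str]:
    """Return the id of the circuit whose inbound cell counts best match
    the burst pattern the attacker's client sent, or None if no circuit
    correlates above the threshold (no confirmation possible)."""
    best_id, best_r = None, threshold
    for cid, series in observed.items():
        r = correlation(sent, series)
        if r > best_r:
            best_id, best_r = cid, r
    return best_id


# Constructed sample: cells per 1 s slot, as the attacker's client sent
# them and as the entry relay saw them on three circuits it carries.
SENT_PATTERN = [0, 50, 0, 0, 50, 50, 0, 0, 50, 0]
OBSERVED_AT_ENTRY = {
    "circ-A": [20, 21, 19, 22, 20, 21, 19, 20, 22, 21],  # steady background
    "circ-B": [3, 53, 2, 4, 52, 51, 3, 2, 54, 3],        # pattern plus noise
    "circ-C": [40, 5, 45, 30, 10, 8, 50, 35, 6, 44],     # unrelated bursts
}

# Part 2: why entry guards matter.  Let f be the fraction of entry
# positions the attacker controls.  Without guards every new circuit picks
# a fresh entry, so over many circuits the attacker is almost surely at
# the entry of one of them.  With a fixed guard set of size k the attacker
# is either in the set, decided once with probability 1-(1-f)^k, or locked
# out until the guards rotate.


def p_hit_without_guards(f: float, circuits: int) -> float:
    """Probability the attacker is the entry of at least one of n circuits."""
    return 1.0 - (1.0 - f) ** circuits


def p_in_guard_set(f: float, k: int) -> float:
    """Probability the attacker lands in a freshly chosen guard set of size k."""
    return 1.0 - (1.0 - f) ** k


def simulate(f: float, circuits: int, k: int, relays: int = 1000,
             trials: int = 2000, seed: int = 1) -> Tuple[float, float]:
    """Monte Carlo estimate of the fraction of HS instances whose entry
    position the attacker observed at least once, without and with guards."""
    rng = random.Random(seed)
    malicious = set(range(int(f * relays)))  # assumed attacker-run relays
    hit_no_guard = hit_guard = 0
    for _ in range(trials):
        # no guards: a fresh uniformly chosen entry for each circuit
        if any(rng.randrange(relays) in malicious for _ in range(circuits)):
            hit_no_guard += 1
        # guards: k entries chosen once and reused for every circuit
        if any(g in malicious for g in rng.sample(range(relays), k)):
            hit_guard += 1
    return hit_no_guard / trials, hit_guard / trials


if __name__ == "__main__":
    print("confirmed circuit:", confirm_circuit(SENT_PATTERN, OBSERVED_AT_ENTRY))
    f, circuits, k = 0.05, 200, 3
    print("analytic  no guards: %.4f  guards: %.4f"
          % (p_hit_without_guards(f, circuits), p_in_guard_set(f, k)))
    print("simulated no guards: %.4f  guards: %.4f" % simulate(f, circuits, k))
```

With the constructed numbers, circ-B is confirmed (its cell counts track the sent bursts almost exactly), while the steady and unrelated circuits stay well below the threshold; and with 5% of entry positions and 200 circuits, the no-guard attacker is at the HS's entry essentially every time, whereas a three-guard set gives it roughly a one-in-seven chance, decided once.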

