Opened 7 years ago

Closed 3 years ago

#5999 closed project (implemented)

Hidden services as a platform

Reported by: phobos Owned by:
Priority: Medium Milestone: Tor: unspecified
Component: Core Tor/Tor Version:
Severity: Normal Keywords: SponsorZ tor-hs
Cc: proper@…, adrelanos@…, amontero@… Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

Hidden services are an example application of what one can do with the tor overlay network for the Internet. Seemingly benign human rights, legal, and other data collection is becoming sensitive as hostile organizations realize collated and combined data can be used against them in legal, public, and advocate arenas. A few such organizations have pondered using hidden services as an 'anonymous cloud' for storing and/or synchronizing content for people in the field.

Tor hidden services need to become much more reliable to be used as a platform for such content hosting services. The ability to publish to and from a hidden service needs to be reliable, timely, and with user-controlled latency (whether immediately or batch upload/download as connectivity and time permits).

Child Tickets

Change History (19)

comment:1 Changed 7 years ago by proper

Cc: proper@… added
Status: newneeds_information

Please be a little more verbose. Do you want a preconfigured, secure, one click installable hidden webserver? Install, click, click, done, "Here is your .onion domain. Have fun with your hidden filehosting service."? And the website contains an a filehosting service? (like megaupload, but use some open source implementation if that exists)

Related to Tails Server?

Good project for GSOC?

comment:2 Changed 7 years ago by karsten

Keywords: SponsorZ added
Milestone: Sponsor Z: November 1, 2013

Switching from using milestones to keywords for sponsor deliverables. See #6365 for details.

comment:3 Changed 7 years ago by nickm

Milestone: Tor: unspecified

comment:4 Changed 7 years ago by phobos

I think of this more as "hidden services 2.0". We need to make them as reliable as .coms today. Fast enough to be usable. More resistant to known attacks. Easier to setup and configure safely. Easier to integrate into existing services in the non-onion world.

This likely involves new crypto, new designs, and new thoughts on scalability. How does one scale a popular hidden service? What if twitter, identica, facebook, or google wanted to offer a hidden service at their scale?

comment:6 Changed 7 years ago by nickm

Keywords: tor-hs added

comment:7 Changed 7 years ago by nickm

Component: Tor Hidden ServicesTor

comment:9 Changed 7 years ago by phobos

Further fantasy wishlist ideas I've heard in the past few months:

  • easy-to-use tahoe-lafs over hidden services
  • implement torchat-like system that doesn't kill the tor network
  • point-click-publish hidden service-based blogging platform
  • make hidden services as fast as tor is now
  • develop best practices document for running a site on a hidden service
  • register .onion tld with ICANN and set it up as transparent tor2web interface
  • stop HS enumeration/discovery attacks (stop the ability for a HSDir to learn all HS desc over time)
  • mitigate HSDir anonymity/privacy attacks (not sure what these are specifically)

comment:10 Changed 7 years ago by asn

On speeding up HSes:

Looking at https://gitweb.torproject.org/torspec.git/blob/HEAD:/rend-spec.txt#l64 it seems that steps 5 to 12 happen every time Alice wants to visit a hidden service.

Do we know which steps are the most time-consuming?

I guess that relaying data through a 6-hop spliced circuit is pretty slow, but I'm wondering if there are any other time-consuming actions there that we could optimise.

comment:11 Changed 7 years ago by hellais

On getting Hiddden Services deployed on desktop platforms: http://apaf.readthedocs.org/en/latest/index.html.

I think starting to make APAF backed builds of TCP services that run on hidden services would get them much more used.
Having a piece of software that anyone can download and run and start a free and anonymous blog from their home computer is of great power.

comment:12 Changed 7 years ago by asn

On speeding up HSes (part 2):

Two papers that propose speed improvements:

Valet Services: Improving Hidden Servers with a Personal Touch

Improving Efficiency and Simplicity of Tor circuit establishment and hidden services

comment:13 Changed 7 years ago by naif

There's also useful tickets about:

  • improve usability/security for TorHS setup

Load Tor Hidden Service Key via Tor Control Protocol: https://trac.torproject.org/projects/tor/ticket/5976#comment:13

  • improve usability for end-user using TBB

TBB Comfort loader when connecting to Tor Hidden Services: https://trac.torproject.org/projects/tor/ticket/7046

comment:14 Changed 7 years ago by asn

Roger believes that #1944 will help improve HS speed.

PS: Should we split this ticket into multiple subtickets (one subticket for HS speed, another one for usability, another one for security, etc.)?

comment:15 Changed 6 years ago by amontero

Tor websites as HS may improve in several aspects (deniability, disribution, resiliency) if hosted inside a Tahoe-LAFS grid. See https://tahoe-lafs.org/trac/tahoe-lafs/ticket/2144 .

comment:16 Changed 6 years ago by amontero

Cc: amontero@… added

comment:18 Changed 3 years ago by cass

Severity: Normal

This ticket is tagged SponsorZ, but it looks like progress stalled a while ago. Is this still a thing that needs funding? Is the need being addressed under other tickets or work?

comment:19 Changed 3 years ago by nickm

Resolution: implemented
Status: needs_informationclosed

This is partially done with ADD_ONION support and with recent tools for spinning up a website ... and partially an infinite task.

I'll say that the glass is half empty and close this.

Note: See TracTickets for help on using tickets.