Make .onion addresses harder to harvest by directory servers
|Reported by:||asn||Owned by:|
|Cc:||isis@…, teor||Actual Points:|
Currently, an HSDir can relax on the hash ring, receive descriptor lookups and harvest .onions for days. Furthermore, it doesn't even have to change identity keys, since its position on the hash ring changes every day (because of the timestamp), so it gets new .onions all the time.
This ticket is for research on how we can make .onion addresses harder to harvest.
Proposal 143 has some ideas that will reduce the exposure of .onions, but it doesn't solve the problem itself.
On actual solutions, Robert posted:
some months ago. I don't have the cryptographic skills to robustly analyze his idea, but if this is the only thing we have, we should point some cryptographers at it so that it gets some comments.
I also seem to recall that there was a paper suggesting hidden services to create ephemeral .onion addresses or something, but after asking Karsten and crawling anonbib I'm not sure that such a paper exists.
Are there any other proposed solutions out there? If not, this might be a fun research problem.
Change History (48)
comment:2 Changed 3 years ago by nickm
- Milestone set to Tor: 0.2.5.x-final
- Priority changed from normal to major
Changed 2 years ago by asn
comment:33 Changed 2 years ago by nickm
- Milestone changed from Tor: 0.2.5.x-final to Tor: 0.2.6.x-final
comment:38 Changed 15 months ago by nickm
- Milestone changed from Tor: 0.2.6.x-final to Tor: 0.2.7.x-final
- Parent ID set to #12424
comment:45 Changed 4 months ago by asn
- Keywords 028-triaged added
- Milestone changed from Tor: 0.2.8.x-final to Tor: 0.2.???
comment:46 Changed 4 months ago by dgoulet
- Keywords SponsorZ 026-triaged-1 027-triaged-1-out 028-triaged removed