wiki:doc/NextGenOnions

Version 1 (modified by asn, 21 months ago) (diff)

initial page for hs v3

Intro to Next Gen Onion Services

Tor now supports the next-generation onion services protocol for clients and services! As part of this release, the core of proposal 224 has been implemented and is available for experimentation and testing by our users. This newer version of onion services ("v3") features many improvements over the legacy system, including:

a) Better crypto (replaced SHA1/DH/RSA1024 with SHA3/ed25519/curve25519)

b) Improved directory protocol, leaking much less information to directory servers.

c) Improved directory protocol, with smaller surface for targeted attacks.

d) Better onion address security against impersonation.

e) More extensible introduction/rendezvous protocol.

f) A cleaner and more modular codebase.

You can identify a next-generation onion address by its length: they are 56 characters long, as in "4acth47i6kxnvkewtm6q7ib2s3ufpo5sqbsnzjpbi7utijcltosqemad.onion".

In the future, we will release more options and features for v3 onion services, but we first need a testing period, so that the current codebase matures and becomes more robust. Planned features include: offline keys, advanced client authorization, improved guard algorithms, and statistics. For full details, see proposal 224.

Legacy ("v2") onion services will still work for the foreseeable future, and will remain the default until this new codebase gets tested and hardened. Service operators who want to experiment with the new system can use the 'HiddenServiceVersion 3' torrc directive along with the regular onion service configuration options. We will publish a blog post about this new feature soon! Enjoy!

Current state

In alpha. Active testing and devleopment.

Example prop224 services

You will need a Tor browser running tor master to visit these:

Riseup: vww6ybal4bd7szmgncyruucpgfkqahzddi37ktceo3ah7ngmcopnpyyd.onion searx.riseup.net: ozmh2zkwx5cjuzopui64csb5ertcooi5vya6c2gm4e3vcvf2c2qvjiyd.onion

(Also don't trust onions you read on a wiki)

How to connect to test hub

TODO: https://lists.torproject.org/pipermail/tor-project/2017-September/001449.html

How to setup your own prop224 service

TODO

Attachments (3)

Download all attachments as: .zip