Tor to Enhance Hidden Service Security
While it’s unwise to consider any form of online communication completely anonymous, the Tor network offers great alternatives for users seeking more online privacy. Websites residing on the network are known as hidden services. Currently—and despite the name—hidden services are not entirely unseen. In order to function, they need to be advertised within the network itself.
Nodes (also known as relays) are randomly chosen by newly created hidden services in order to create a circuit. Public keys are shared and circuits are assembled. From here the nodes function as introduction points for other connections, and through the use of public keys, aid in obfuscating IP addresses associated with hidden services, as well as bolstering privacy for users.
These introduction points exist within what are known as Hidden Service Directories (HSDirs). HSDirs make up a distributed database used to discreetly connect users with hidden services through exchange of addresses and public keys. However, this configuration unfortunately comes with the potential to put users at risk of correlation attacks.
Later this year, the Tor Project plans to enhance privacy with the introduction of additional security to its hidden services. The number of characters within a standard hidden service hostname will increase from 16 to 50, and stronger encryption will be implemented through a switch from 1024-bit RSA to Ed25519 keys. While both options are undoubtedly substantial, Ed25519—despite its shorter public key—is slightly more difficult to crack than RSA because its elliptic curve yields more security per bit.
This change will also allow hidden services to share a unique cryptographic key with HSDirs instead of their addresses, thus preventing malicious HSDir nodes from snooping, crawling, and identifying new or secret sites. This will also make it more difficult to harvest HSDirs, keeping users from obtaining addresses they aren’t already familiar with or from going places where they haven’t been invited.
Any volunteer can easily configure a node on the Tor network—this also includes people or agencies interested in spying on dark web traffic. Nodes can also be set up with an HSDir flag and route traffic to hidden services, and through this, can be used to crawl sites and discover new ones. And while some methods are already in place to increase hidden service security, they tend to be complex and somewhat arduous. These enhancements will make this level of security more attainable for all users.
Just like any other aspect of technology, a hidden service is only as secure as its weakest link. This link can vary from the person running it to the configurations of its web server. However, the security improvements, which will be carried out later this year, will aid in strengthening privacy on Tor, with little to no effort from the users themselves. Despite these upgrades, however, there is no perfect system and other aspects of the Tor network can still be manipulated. Users and those running hidden services should remain cognizant of this.
Learn More:
https://www.torproject.org/docs/hidden-services
https://ed25519.cr.yp.to