1. 23

  2. 6

    If anybody is interested in the topic, I wrote a short manuscript (10 pages) on the mathematical model and analysis of anonymity networks, especially in regard to attacks using the Crowds network as an example.

    1. 2

      I found the other articles in this series fascinating too.

      Dr Neal has performed interesting research here - dealing with attacks, mainly DDoS, in an unusual context (Tor HSes). He has addressed quite a few possible countermeasures and possible improvements to Tor’s implementation (and sometimes the protocol).

      Well worth the read and gives some thought on handling the deficit in the controls that Tor provides to HS operators to prevent spam and DDoS.

      I’ve long thought that hidden services weren’t particularly a priority for the Tor developers. I’m glad that the v3 addressing has finally rolled out, but there isn’t much tooling (or knobs to tweak in the daemon) to help operators.

      1. 1

        > you can’t run an IPv6-only Tor node.

        The production HardenedBSD Tor Onion Service v3 nodes disagree with that statement. HardenedBSD’s Tor integration uses an IPv6-only network stack. I believe it’s not possible to run an IPv6-only relay, but it’s absolutely possible to run an IPv6-only client.

        1. 1

          You are of course right, but I think the author uses “node” for relay, e.g.

          > Every tor daemon downloads the list of known public nodes and stores it locally while it is running.

          Re IPv6:

          > but it’s absolutely possible to run an IPv6-only client.

          Tangentially, I suppose announcing that you are IPv6 only has consequences for your anonymity because it restricts your possible guard nodes.

          1. 2

            It’s important to note that Tor includes more use cases than anonymity. The network these HardenedBSD Onion Service nodes are on is publicly known with static IP (V4+V6) addresses. It’d be somewhat foolish to attack Tor in this case, when the real juicy stuff (our build servers, for example) already has a publicly-routable IPv6 address. :)

            1. 2

              I agree, I was just pointing out that in general this might be something people want to avoid. The same is true for e.g. Tor’s own onion services for their website.

              I’m glad that HardenedBSD is providing packages via a HS though, it’s much less wasteful for people who want the assurances of an onion service but without using up valuable exit bandwidth. I think it’s a shame more ‘distributions’ don’t do it.

              1. 2

                Yeah. In our case, our entire infrastructure is exposed via onion services. Not just packages, but builds, updates to the OS, and source code: effectively, the entire dev->prod pipeline and OS ecosystem. :)