To: tor-talk@lists.torproject.org
References: <CAJ8LpWr4e_nPMTEMfHsUX45R5RkQSSuCK7sUYSiQ89iP2PvdcQ@mail.gmail.com>
 <20160807020852.GA15862@localhost>
 <CAJ8LpWpLHogUGgi5t65DBmFV9msYLHxFgd4=Bb1tsQJ-5ebvYw@mail.gmail.com>
From: Marina Brown <catskillmarina@gmail.com>
Message-ID: <0cc9b55e-f374-e1aa-aea3-2b61b2aff179@gmail.com>
Date: Sun, 7 Aug 2016 09:49:41 -0400
Subject: Re: [tor-talk] How stealth onions actually function?

On 08/07/2016 12:16 AM, Nurmi, Juha wrote:
> Thanks Matthew!
>
> So stealth makes onions really hidden by encrypting the list of intro
> points. Nobody knows how many hidden services are out there. Great!
>
> -Juha
>
>
> On Sun, Aug 7, 2016 at 5:08 AM, Matthew Finkel <matthew.finkel@gmail.com>
> wrote:
>
>> On Sat, Aug 06, 2016 at 10:24:53AM +0300, Nurmi, Juha wrote:
>>> Hi,
>>>
>>> I have been playing with stealth onion services[1] to protect some of my
>>> SSH servers from SSH MITM. I like to keep my servers as hidden as
>>> possible.
>>>
>>> Great to have this option on Tor :) I have some questions about it and I
>>> didn't find much information.
>>
>> The only documentation I know that exists is the spec[3].
>>
>>>
>>> Could someone tell me how it actually functions? What is the difference
>>> between basic and stealth? In addition, can an attacker verify that
>>> onions with stealth option exist and are online?
>>
>> The spec has more detail, but briefly, both authentication methods rely
>> on a pre-shared secret between client and service. The distinction is
>> made where that shared secret is used.
>>
>> When a service uses basic authentication, instead of publishing its
>> introduction points in plaintext, it encrypts the list of intro points
>> with a key chosen at random and then encrypts that symmetric key
>> multiple times using the shared secret for each client it has
>> configured. With this, all clients can retrieve the hidden service
>> descriptor from the HSDir, but if a client doesn't have a valid shared
>> secret then they can't find the intro points from the descriptor.
>>
>> From the spec:
>>    When generating a hidden service descriptor, the service encrypts the
>>    introduction-point part with a single randomly generated symmetric
>>    128-bit session key using AES-CTR as described for v2 hidden service
>>    descriptors in rend-spec. Afterwards, the service encrypts the session
>>    key to all descriptor cookies using AES. Authorized client should be
>>    able to efficiently find the session key that is encrypted for
>>    him/her, so that 4 octet long client ID are generated consisting of
>>    descriptor cookie and initialization vector.
>>
>> Stealth authentication is similar, except it publishes a hidden service
>> descriptor for each configured client.
>>
>>    With all else being equal to the preceding authorization protocol, the
>>    second protocol publishes hidden service descriptors for each user
>>    separately and gets along with encrypting the introduction-point part
>>    of descriptors to a single client.
>>
>>    [...]
>>
>>    A hidden service generates an asymmetric "client key" and a symmetric
>>    "descriptor cookie" for each client. The client key is used as
>>    replacement for the service's permanent key, so that the service uses
>>    a different identity for each of his clients. The descriptor cookie is
>>    used to store descriptors at changing directory nodes that are
>>    unpredictable for anyone but service and client, to encrypt the
>>    introduction-point part, and to be included in INTRODUCE2 cells
>>
>>>
>>> Moreover, several research papers measure the total number of onions
>>> and we know that someone is crawling TorHS Directories.
>>> Does HiddenServiceAuthorizeClient protect you against these
>>> measurements?
>>>
>>> I tested my stealth service without the passphrase on Tor client and
>>> Tor says "Closing stream for '[scrubbed].onion': hidden service is
>>> unavailable (try again later)."
>>>
>>> Tor manual describes HiddenServiceAuthorizeClient option[2]:
>>>
>>> "If configured, the hidden service is accessible for authorized clients
>>> only. The auth-type can either be 'basic' for a general-purpose
>>> authorization protocol or 'stealth' for a less scalable protocol that
>>> also hides service activity from unauthorized clients. Only clients that
>>> are listed here are authorized to access the hidden service."
>>>
>>
>> This is exactly one reason why stealth hidden services are great.
>>
>>> [1] https://github.com/juhanurmi/stealth-ssh
>>> [2] https://www.torproject.org/docs/tor-manual.html.en
>> [3] https://gitweb.torproject.org/torspec.git/tree/rend-spec.txt#n844
>> --
>> tor-talk mailing list - tor-talk@lists.torproject.org
>> To unsubscribe or change other settings go to
>> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>>


I use stealth onions to create a private email service - here is a
prototype of one service I am working on. It is really rough. It uses
Debian Postfix as a mailserver and a modified Tails as a client.

https://github.com/catskillmarina/torgroups/

--- Marina
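The following is an added illustration of the two mechanisms Matthew describes in the quoted reply above (the basic-auth descriptor with a per-client wrapped session key and 4-octet client ID, and the stealth descriptor-id derivation that folds the descriptor cookie into the HSDir location). It is not Tor's code and not from the rend-spec. Tor uses AES-CTR for the introduction-point part and AES to wrap the session key; here an HMAC-SHA256 keystream stands in for AES so the example runs with the Python standard library only. The entry layout, the zero IV used for the key wrap, and the sample cookies are constructed assumptions, not the spec's byte-for-byte format.

```python
"""Toy model of Tor v2 hidden-service client authorization (basic vs stealth).
Added example, not Tor's implementation; AES replaced by a keyed-hash keystream
so that it runs offline with the standard library alone."""
import hashlib
import hmac
import secrets
import struct
from typing import Optional

ZERO_IV = bytes(16)  # assumption: the per-client key wrap uses an all-zero IV


def stream_xor(key: bytes, iv: bytes, data: bytes) -> bytes:
    """Stand-in for AES-CTR: XOR data with HMAC-SHA256(key, iv || counter) blocks.
    XOR is symmetric, so the same call both encrypts and decrypts."""
    out = bytearray()
    for block_no, offset in enumerate(range(0, len(data), 32)):
        ks = hmac.new(key, iv + struct.pack(">Q", block_no), hashlib.sha256).digest()
        out.extend(b ^ k for b, k in zip(data[offset:offset + 32], ks))
    return bytes(out)


def client_id(cookie: bytes, iv: bytes) -> bytes:
    """The 4-octet client ID is built from descriptor cookie and IV
    (first 4 octets of SHA-1(cookie | IV)) so a client can find its entry quickly."""
    return hashlib.sha1(cookie + iv).digest()[:4]


def encrypt_intro_points_basic(intro_points: bytes, cookies: list) -> bytes:
    """'basic' auth: one descriptor shared by all clients. A random 128-bit session
    key encrypts the intro points; that key is wrapped once under each client cookie."""
    session_key = secrets.token_bytes(16)
    iv = secrets.token_bytes(16)
    entries = b"".join(
        client_id(c, iv) + stream_xor(c, ZERO_IV, session_key) for c in cookies
    )
    header = struct.pack(">BH", 1, len(cookies))  # auth-type 1 = basic, entry count
    return header + entries + iv + stream_xor(session_key, iv, intro_points)


def decrypt_intro_points_basic(blob: bytes, cookie: bytes) -> Optional[bytes]:
    """Client side: find our entry by client ID, unwrap the session key, decrypt.
    Returns None for an unauthorized cookie: the descriptor was fetched from the
    HSDir, but the intro points stay hidden."""
    auth_type, count = struct.unpack(">BH", blob[:3])
    if auth_type != 1:
        return None
    pos = 3
    entries, pos = blob[pos:pos + 20 * count], pos + 20 * count
    iv, pos = blob[pos:pos + 16], pos + 16
    mine = client_id(cookie, iv)
    for k in range(count):
        entry = entries[20 * k:20 * k + 20]
        if hmac.compare_digest(entry[:4], mine):
            session_key = stream_xor(cookie, ZERO_IV, entry[4:])
            return stream_xor(session_key, iv, blob[pos:])
    return None


def descriptor_id(permanent_id: bytes, time_period: int, replica: int,
                  cookie: Optional[bytes] = None) -> bytes:
    """descriptor-id = H(permanent-id | H(time-period | descriptor-cookie | replica)).
    With 'stealth' auth the per-client cookie enters the hash, so the HSDir
    location changes per client and is unpredictable without that cookie."""
    secret_id_part = hashlib.sha1(
        struct.pack(">I", time_period) + (cookie or b"") + bytes([replica])
    ).digest()
    return hashlib.sha1(permanent_id + secret_id_part).digest()


if __name__ == "__main__":
    # Constructed sample data: two authorized clients and one outsider.
    alice, bob, eve = (secrets.token_bytes(16) for _ in range(3))
    intro = b"intro-point list (constructed sample)"
    blob = encrypt_intro_points_basic(intro, [alice, bob])
    print("bob   ->", decrypt_intro_points_basic(blob, bob))
    print("eve   ->", decrypt_intro_points_basic(blob, eve))
    pid = b"\x01" * 10  # constructed permanent-id
    print("basic   desc-id:", descriptor_id(pid, 17019, 0).hex())
    print("stealth desc-id:", descriptor_id(pid, 17019, 0, cookie=alice).hex())
```

Running the block shows the two effects the thread discusses: with basic auth every client fetches the same descriptor and only a holder of a configured cookie recovers the intro points, while with stealth auth even the descriptor-id differs per client, so an outsider cannot tell from the HSDirs whether the service is there at all.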