Bitcoin Forum
July 02, 2022, 07:50:24 PM *
News: Latest Bitcoin Core release: 23.0 [Torrent]
 
  Home Help Search Login Register More  
  Show Posts
Pages: [1]
1  Other / Off-topic / Re: [BETA] tor sshfs, a secure filesystem on the tor network. on: May 14, 2011, 09:01:37 PM
I hope you have 100% up time if you run I2P, because if the server ever goes down it is as good as traced. All I2P nodes act as relays for other nodes, and although there are more I2P relays than Tor (~5,000 I2P - 2,000 Tor) there still are not many. So it is not hard for a single attacker to find every single I2P nodes I2P address. And monitor up time of the relay versus up time of the hidden service. If both go down at the same time, then the hidden service (Eepsite actually) is determined. This is called an intersection attack and I2P is terribly weak to it. They tried to solve the issue with multi-homing but it actually doesn't help at all because tunnels rotate every ten minutes usually, but multihomed Eepsites use different tunnels, so you can just look for tunnel change outside of ten minutes with malicious final node in your chain, and if it changes in less than ten minutes in the same time period a node went down you can assume that node is one of the homes of the Eepsite.

Tor hidden services are not nearly as weak to this attack, because they are not usually run as relay. Tor hidden services are weak for their own reasons though, mostly because it is very easy to find their entry guards. And after you find their entry guards you are only one hop away from the hidden service. A hidden service on Tor opens a new circuit for every rendezvous point a client asks it to connect to. So if a client adds some bad nodes to the network, they can then force the hidden service to open like two thousand circuits and send it a stream modulated in a certain pattern. Then looking for this pattern in their flooded nodes, will quickly identify three entry guards the hidden service always enters through. Now they are one hop from the hidden service, and have various ways they can attempt to compromise the entry guards or hidden service from this positioning.

I would suggest Freenet in darknet mode for a content store. But even Freenet is not that hot, the biggest issue being that content is not encrypted in layers but rather a message is encrypted one single time and then travels through series of encrypted tunnels. This is bad if the encrypted data is known by many people, but if you are storing unique content that only you access it is not as much of a risk.

Pages: [1]
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!