Understanding Tor Onion Services and Their Use Cases

Understanding Tor Onion Services 

and Their Use Cases 

asn 

Nima Fatemi (mrphs) 

David Goulet (dgoulet) 

License: CC-BY-SA 4.0 International

How Tor Works

Encrypted Link 

Unencrypted Link 

Alice 

Alice picks a 

random 3-hop 

path through 

the relays and 

finally exits the 

network to go 

to Bob. 

Guard 

Middle 

Jane 

Exit 

Bob

What are Onion Services 

● 

The “.onion” addresses 

● 

16 characters long (base32) 

● 

E.g: nzh3fv6jc6jskki3.onion 

● 

Client and Server hide their location 

● 

Everything stays inside the Tor network 

● 

Can be used for all sorts of TCP traffic

History of Onion Service 

Changes in version 0.0.6pre1 - 2004-04-08 

o Features: 

- Hidden services and rendezvous points are implemented. Go to 

http://6sxoyfb3h2nvok2d.onion/ for an index of currently available 

hidden services. (This only works via a socks4a proxy such as 

Privoxy, and currently it's quite slow.)

How many onions?

How much onion traffic?

Estimated Traffic 

As of July 2016, 

~4% of client traffic is Onion Services

Properties and Use cases

Properties 

• Self authenticated 

• End-to-End encrypted 

• Isolation and NAT punching 

• Minimized surface attack 

● 

HSAuth / stealth mode 

● 

Unix Sockets 

• Censorship resistance 

- No DNS or BGP hijacking/poisoning/etc BS

Stealth Mode 

$ vi /etc/tor/torrc 

HiddenServiceDir /var/lib/tor/hidden_service/ 

# Authorized users only 

HiddenServiceAuthorizeClient stealth user1,user2,user3 

$ cat /var/lib/tor/hidden_service/hostname 

ujd82kjkjusj3i88.onion oiujadsfuDIUankjnaei/R # client: user1 

kkioajdyuje99zja.onion 87ajdiuta6dHDYTJAkz7/x # client: user2 

98kjjaokkeoahzu1.onion uAuasdoi18DBfoRjsayu/x # client: user3

Use cases 

● 

● 

● 

● 

● 

● 

● 

● 

● 

● 

● 

● 

Health sector should move to onion services yesterday 

Government services 

Tip-lines / abuse complains / whistleblowing 

Zines and culture (The Torist) 

Securing (vulnerable) infrastructure 

Libraries 

Internet of Things / Home Assistant 

Malicious exit nodes are now useless 

Messaging, file sharing 

Owncloud 

Software distribution (repos) 

All your favorite mobile apps

Keeping your (vulnerable) infra secure 

Unique onion address 

x Compromised 

Web Server 

Static HTML 

visitors 

x 

x 

User 2 

User 1 

DB (MySQL) 

App Server (PHP) 

User 3

How Onion Services Work

Onion Service: Step 1 

IP1-3 

Tor Circuit 

Tor Network 

Introduction Point 

IP1 

IP2 

Step 1: 

Service picks 

introduction points 

and build circuit to 

them. 

Alice 

IP3 

service


IP1-3 




Step 2: 

Service uploads its 

onion service 

descriptor to a 

directory. 

IP1 

IP2 

Directory 

Alice 

IP3 

service


Step 3: 

Alice learns about 

the .onion and 

fetches the 

descriptor from the 

Directory 

IP1-3 

RP 




Rendezvous Point 

IP1 

IP2 

Directory 

Alice 

RP 

IP3 

service

Step 4: 

Alice tells the 

service to meet at 

the Rendevous 

Point 


IP1-3 

RP 





IP1 

IP2 

Directory 

Alice 

RP 

IP3 

Service


Step 5: 

Service connect to 

the Rendezvous 

point. 

IP1-3 

RP 





IP1 

IP2 

Directory 

Alice 

RP 

IP3 

Service


Step 6: 

Alice and the 

Service can now 

the circuit to 

exchange data. 

IP1-3 

RP 





IP1 

IP2 

Directory 

Alice 

RP 

IP3 

Service

Directory 

desc_id = H(onion-address | 

H(time-period | descriptor-cookie | replica)) 

H(“zti6p9h6spbtx5xr” | H(17573 | “” | 0)) 

desc_id = 3xqunszqnaolrrfmtzgaki7mxelgvkje

Directory (2) 

Relays: 

desc_id = 3xqunszqnaolrrfmtzgaki7mxelgvkje 

Base16(desc_id) = 

337871756E737A716E616F6C7272666D747A67616... 

HSDir 1: 33789F22470A22C8BEEF907CED29847781E15C5D 

HSDir 2: 337B7E307550F48DCDADA7481FA8436B2FCDADA9 

HSDir 3: 337DA8971BE4580EAC5D1D7AE4E508020CF04594

Directory (3) 

desc_id rep1 

HSDir n 

HSDir n+1 

HSDir n+2 

Hashring 

HSDir n +2 

HSDir n+1 

HSDir n 

desc_id rep0

And cracks started to form...

Weak Cryptography 

● 

RSA 1024 

● 

SHA1 

… plausible?

Harvesting Onions 

base32 

rendezvous-service-descriptor 3xqunszqnaolrrfmtzgaki7mxelgvkje 

version 2 

permanent-key 

-----BEGIN RSA PUBLIC KEY----- 

MIGJAoGBAJ/SzzgrXPxTlFrKVhXh3buCWv2QfcNgncUpDpKouLn3AtPH5Ocys0jE 

aZSKdvaiQ62md2gOwj4x61cFNdi05tdQjS+2thHKEm/KsB9BGLSLBNJYY356bupg 

I5gQozM65ENelfxYlysBjJ52xSDBd8C4f/p9umdzaaaCmzXG/nhzAgMBAAE= 

-----END RSA PUBLIC KEY----- 

secret-id-part anmjoxxwiupreyajjt5yasimfmwcnxlf 

publication-time 2015-03-11 19:00:00 

protocol-versions 2,3 

introduction-points 

-----BEGIN MESSAGE----- 

... 

→ 3g2upl4pq6kufc4m.onion

HSDir Camping Attack 

Relays: 

desc_id = 3xqunszqnaolrrfmtzgaki7mxelgvkje 

Base16(desc_id) = 

337871756E737A716E616F6C7272666D747A67616... 

HSDir 1: 33789F22470A22C8BEEF907CED29847781E15C5D 

HSDir 2: 337B7E307550F48DCDADA7481FA8436B2FCDADA9 

HSDir 3: 337DA8971BE4580EAC5D1D7AE4E508020CF04594

HSDir Camping Attack (2) 

desc_id rep1 

HSDir n 

HSDir n+1 

HSDir n+2 

Hashring 

HSDir n +2 

HSDir n+1 

HSDir n 

desc_id rep0

HSDir Deanonymization Attack 

13:37:02 UTC 

M 

Directory 

13:37:00 UTC 

M 

Alice 

G 

Is this connection related 

to Onion Service??? 

IP 

RP


Circuit killed at 

13:37:03 UTC 

Directory 

Alice 

G 

13:37:03 UTC 

M M M 

IP 

M 

M 

RP



13:37:03 UTC 

Directory 

Alice 

G 


13:37:05 UTC 

IP 

M 

M 

RP


G 

Circuit A opens - 13:37:00 UTC 

Circuit A dies - 13:37:03 UTC 

Circuit B opens - 13:37:03 UTC 

Circuit C opens - 13:37:03 UTC 

Circuit B dies - 13:37:05 UTC 

Circuit C traffic - 13:37:XX UTC 

Directory 

Request for xyz.onion - 13:37:02 UTC 

Circuit A dies - 13:37:03 UTC 

xyz.onion was visited by Alice

Guard Discovery Attack (1/2) 

Attacker wants to learn the guard of an onion service, and has 

signed up a few middle relays on the network: 

● 

The attacker can force the onion service to create Tor circuits. 

● 

The attacker can figure out if her middle node was picked on a 

circuit. 

Attacker learns guard node in use

Guard Discovery Attack (2/2) 

ok... 

Circuit #1 

M 

RP 1 

Hey. How about 

you create over 

9000 circuits? :) 

M 1 RP 3 

Circuit #2 

G M 2 M RP 2 

Onion Service 

Attacker 

Circuit #3 

M 3 

M

The Next Generation 

Onion Service

Better Cryptography 

● {ed|curve}25519 

● 

Keccak (sha3)

Directory Predictability 


H(time-period | descriptor-cookie | replica)) 

Invariant 

time-period span 

11:00 UTC 11:00 UTC 

11:00 UTC 

+24 

+48 

desc_id k 1 

desc_id k 2 

...

Shared Randomness 


H(time-period | random-value | descriptor-cookie | replica)) 

Invariant 

gabelmoo 

longclaw Faravahar moria1 dannenberg tor26 matsuka 

dizum 

random-value 

(every 24 hour)

New Address Size 

From 16 characters: 

nzh3fv6jc6jskki3.onion 

... to 52 characters: 

a1uik0w1gmfq3i5ievxdm9ceu27e88g6o7pe0rffdw9jmntwkdsd.onion 

(ed25519 public key base32 encoded) 

How do we fix the UX disaster?

Guard – Current Design 

G 

M 

M 

RP 

Onion Service

Vanguard proposal 

No intersection 

between Guard sets 


G 

3 months 

G 3 

G 3 Guard set 6 

Guard set 1 

Guard set 3 

G 1 G 2 

G n 

G 1 

Guard set 2 

G 2 

G 1 G 2 G n 

G 1 G 2 G n 

Guard set 4 

G 1 G 2 G n 

G 1 

Guard set 5 

G 2 

G 1 G 2 G n 

~11 days 

G 1 G 2 G n 

12 hours 

M 

M 

G 

RP 

RP 

RP 

Guard 


Alice 

Bob

Onion Balance 

https://github.com/DonnchaC/onionbalance

Single Onion Services 

Service side loses 

anonymity 


Rendezvous 

Point

Development Progress Report

Development of Next Gen Onion Services 

● 

We are actively developing Next Gen Onion Services 

● 

We always need more help in design analysis. 

Dig in the [tor-dev] mailing list where all our design. 

● 

We have limited development firepower. We are always 

looking for people that can test or review code. Show up in 

#tor-dev IRC on OFTC.

Takeaways

How to keep your onions healthy 

● 

● 

● 

● 

● 

● 

Don't run relays on onion servers 

Use Unix Sockets and avoid TCP all together 

Keep your Tor update 

Audit your configs (webserver, etc) 

Use stealth auth whenever you can 

OPSEC 

https://help.riseup.net/en/security/network-security/tor/onionservices-best-practices

Community 

● 

● 

● 

● 

● 

We need more creative ideas and experimentation with 

onion services 

We need more people and orgs running Onion Services 

Many applications can benefit from native Tor support. 

(see GPG, Bitcoin, FB for Android, etc.) 

We need quick and easy ways for people to setup onion 

services (TAILS Server) 

Ways for people to quickly find useful and relevant onion 

services (search engines?)

Thank you!

Understanding Tor Onion Services and Their Use Cases

Create successful ePaper yourself

Delete template?

Save as template?