Add new ID style(to defeat current attack method)
Opened this issue · 1 comments
A: Hey B, I started a ricochet! My ID is "ricochet:abcdef".
B: Adding you now.
C: (Eavesdropper)Hmm... A is using "abcdef". I'll port-scan "abcdef.onion" to collect when he's offline & online.
Currently, two attack methods are deployed against Hidden services(this is well-known attack);
- Port scan the xxxxx.onion(to know which port is used for the service)
- Collect the .onion domain by becoming a fake DIRserver on Tor Network(to know "xxxxx" server name)
To make sure ONLY B can connect to A, A's ID must like this:
Before; "ricochet:abcdef"
After; "ricochet:xefubaifdg!h7anerv87tkesywfeEed"
Details:
ricochet:
xefubaifdg (onion name, XOR or ROTed by the "h7..." key)
! (separation flag)
h7anerv87tkesywfeEed (A key for HidServAuth, and for XOR/ROT decryption)
Ricochet:
- xefubaifdg -=- h7anerv87tkesywfeEed > "abcdef"
- Add this line to torrc automatically: "HidServAuth abcdef.onion h7anerv87tkesywfeEed"
The solution you describe does not defeat the attack you describe. The eavesdropper still has the full ricochet address, including the onion hostname and client key.
See #155 for some analysis of uses for the hidden service authorization feature.
See #49 for some discussion on other ways to defeat the out-of-band address eavesdropper you're describing and some other adversaries that take advantage of permanent ricochet addresses being exposed.
In general, we're not going to be able to fully obscure presence from non-contacts until there's a fundamentally different way to implement contact requests. There's some research happening in that area.