Can we do HSDesc fetches using PIR, so HSDir can't learn popularity?
In his CCC talk Dr. Gareth Owen showed how he was able to collect hidden service statistics in a straight forward manner and determine popularity of each address.
This is a proposal on how to negate that, unfortunately I'm not sure if this solution is even possible, but here it goes.
Say an HSDir has the descriptors for onion addresses aaa.onion bbb.onion ccc.onion.
The user wants to access bbb.onion. The user's client is supposed to know which HSDir should would have the descriptor, so instead of asking for bbb.onion directly, it asks that HSDir to send ALL of its descriptors over.
The HSDIR would then encrypt the descriptors each with their own onion address and send them over.
(Is it possible to make it a single file and make it comparable to sending a gpg message to multiple recipients, gpg -r aaa.onion -r bbb.onion -r ccc.onion?)
The user receives the encrypted descriptors and tries to decrypt them one by one with the onion address bbb.onion until he gets the correct one.
This way the HSDir can't know which specific onion was requested, and the user won't know what are the other addresses.
You probably figured out by now I'm not an academic :p thanks for reading