Skip to content
Closed
Milestone started on Sep 1, 2022

Arti: Onion service support

Deliverable : Onion Services: Arti has client and service support for Onion Services.

From the "funding plan":

To start the second year of Arti’s work, we plan to produce a complete implementation of the current (v3) onion service protocol, with support for both client-side and server-side implementations.

We also plan to include a full range of Tor’s tools for security and denial-of-service improvements to onion services, to make them safer to run on the internet. As we go, we’ll incorporate ideas from existing research to try to produce the most secure onion service implementation possible.

From the grant proposal:

To start the second year of Arti’s work, we plan to produce a complete implementation of the current (v3) onion service protocol, with support for both accessing and creating onion services.

One part of this work includes implementing protections against Guard discovery and Guard confirmation attacks for onion services. A guard discovery attack enables an adversary to determine the guard node(s) that are in use by a Tor client and/or Tor onion service. Once the guard node is known, traffic analysis attacks that can de-anonymize an onion service (or onion service user) become easier. (See 2022 paper from: Oldenburg, Acar, and Diaz for recent research on these attacks). We have an approved proposal to mitigate guard discovery attacks with a design called Vanguards that we will implement with Zcash's support, meaning Arti will protect all Tor users against this kind of de-anonymization attack.

We also plan to include a full range of Tor’s tools for security and denial-of-service improvements to onion services, to make them safer to run on the internet. As we go, we’ll incorporate ideas from existing research to try to produce the most secure onion service implementation possible.

This is no small task: as you can see from the v3 onion services ticket, onion services require a complex set of subprotocols in addition to the main Tor implementation. We’ll be drawing on the experience we’ve gained in the past from building these protocols in C, and from designing Arti to support protocol extensions.

[...]

We anticipate that onion services will require the largest amount of new mid- and low-level functionality in this project. To implement onion services, the largest pieces we must deliver are:

  • Missing message types used for the onion service protocol and its directory formats
  • New low-level protocol features used to implement the parts of the core Tor protocols used by onion services
  • A mid-level “connector” state machine for clients, to look up and connect to onion services
  • A mid-level “provider” state machine that will provide and publish onion services
  • A new high-level API to run, publish, maintain, and monitor a set of onion services.