Il 21.06.2013 09:37 grarpamp ha scritto:
At the level of the resultant TCP tunnel (at the application layer,
through
an exit or to an onion) all real IP's are effectively anonymized. Tor
uses
a mix of PKI, DH, EC, etc in extending its paths and so on. Your
question involves that, ie: does your client negotiate using some
identifiables from that with each endpoint... Take a look at
tor-spec.txt
and path-spec.txt.
Hmmm, ok. What I actually can't understand is: when contacting an hidden
service, the message for it gets encrypted using its public key. And
some other security layers, ok, but the message uses the HS public key.
The response, should work the same way, no? I mean: the hidden service
encrypts the response using the client's key, so it knows that. The HS
actually know the client's key: it can't correlate the key with a
location, an ip address or a name, but this can be exploited so that 2
different hidden service's administrators could actually know that
request X on hidden service A and request Y on hidden service B has been
made from the same client (as the responses have been encrypted with the
same public key).
Can't understand where i'm wrong. As I hope to be wrong.
Thankyou
--
NoWhereMan
[email protected]
_______________________________________________
tor-talk mailing list
[email protected]
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
