The Onion Name System

Open access

Abstract

Tor onion services, also known as hidden services, are anonymous servers of unknown location and ownership that can be accessed through any Tor-enabled client. They have gained popularity over the years, but since their introduction in 2002 still suffer from major usability challenges primarily due to their cryptographically-generated non-memorable addresses.

In response to this difficulty, in this work we introduce the Onion Name System (OnioNS), a privacy-enhanced decentralized name resolution service. OnioNS allows Tor users to reference an onion service by a meaningful globally-unique verifiable domain name chosen by the onion service administrator. We construct OnioNS as an optional backwards-compatible plugin for Tor, simplify our design and threat model by embedding OnioNS within the Tor network, and provide mechanisms for authenticated denial-of-existence with minimal networking costs. We introduce a lottery-like system to reduce the threat of land rushes and domain squatting. Finally, we provide a security analysis, integrate our software with the Tor Browser, and conduct performance tests of our prototype.
