Re: [tor-relays] descriptor-id calc tool?
nusenu: >>> Is there a tool out there that tells me which HSDir is/will probably be >>> responsible for a given onion address (and at what time)? >> >> There's no tool, unless you can reverse SHA1. >> (Or brute-force a set of popular onion addresses.) > > I probably was not very clear in my question. I'm not aiming for the > reverse path, just the normal calculation a tor client does given an > onion address but instead of just calculating the current descriptor-id, > print descriptor-ids for the future N days for onion address M (for the > pre-prop224 world). For the "current-only" case you might use stem: https://gist.github.com/nusenu/8339cfd5351b64c47676241a40ee2942 signature.asc Description: OpenPGP digital signature ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
[tor-relays] descriptor-id calc tool?
>> Is there a tool out there that tells me which HSDir is/will probably be >> responsible for a given onion address (and at what time)? > > There's no tool, unless you can reverse SHA1. > (Or brute-force a set of popular onion addresses.) I probably was not very clear in my question. I'm not aiming for the reverse path, just the normal calculation a tor client does given an onion address but instead of just calculating the current descriptor-id, print descriptor-ids for the future N days for onion address M (for the pre-prop224 world). > In short, it's the first 3 fingerprints following descriptor-id: > > permanent-id = H(public-key)[:10] > descriptor-id = H(permanent-id | H(time-period | descriptor-cookie | replica)) > where H is SHA1. > The spec is: > https://gitweb.torproject.org/torspec.git/tree/rend-spec.txt#n222 > https://gitweb.torproject.org/torspec.git/tree/rend-spec.txt#n505 > > The implementation is: > https://gitweb.torproject.org/tor.git/tree/src/or/rendcommon.c#n127 signature.asc Description: OpenPGP digital signature ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] The 9001-9051-v0.2.8.9 Gang: 57 relays and counting...
Donncha O'Cearbhaill: > nusenu: >> This group is still growing. >> >> Note that the following table is _not_ sorted by FP. >> >> The FP links these relays even across ISP, and given the FP column >> pattern it might be obvious what they are after. >> >> They do not have the hsdir flag yet. >> >> https://raw.githubusercontent.com/nusenu/tor-network-observations/master/2017-02-24_9001-9051-v0.2.8.9.txt >> > > Nusenu, thank you for reporting these relay. They are now in the process > of being removed from the network. Thanks for letting us know. It would be nice if you could share: - if you reached out to the operator (via abuse contacts) - removal reason - what was removed - method (by FP, IP, IP-range, ...) - how long they will be blacklisted - time of removal thanks, nusenu signature.asc Description: OpenPGP digital signature ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] The 9001-9051-v0.2.8.9 Gang: 57 relays and counting... // hsdir calc tool?
nusenu: > This group is still growing. > > Note that the following table is _not_ sorted by FP. > > The FP links these relays even across ISP, and given the FP column > pattern it might be obvious what they are after. > > They do not have the hsdir flag yet. > > https://raw.githubusercontent.com/nusenu/tor-network-observations/master/2017-02-24_9001-9051-v0.2.8.9.txt > Nusenu, thank you for reporting these relay. They are now in the process of being removed from the network. I really appreciate the careful attention that you pay to the Tor network. Many thanks for keeping users safe. > > Is there a tool out there that tells me which HSDir is/will probably be > responsible for a given onion address (and at what time)? > > thanks, > nusenu > > > > ___ > tor-relays mailing list > tor-relays@lists.torproject.org > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays > ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] The 9001-9051-v0.2.8.9 Gang: 57 relays and counting... // hsdir calc tool?
> On 27 Feb 2017, at 23:48, nusenuwrote: > > This group is still growing. > > Note that the following table is _not_ sorted by FP. > > The FP links these relays even across ISP, and given the FP column > pattern it might be obvious what they are after. > > They do not have the hsdir flag yet. > > https://raw.githubusercontent.com/nusenu/tor-network-observations/master/2017-02-24_9001-9051-v0.2.8.9.txt > > Is there a tool out there that tells me which HSDir is/will probably be > responsible for a given onion address (and at what time)? There's no tool, unless you can reverse SHA1. (Or brute-force a set of popular onion addresses.) In short, it's the first 3 fingerprints following descriptor-id: permanent-id = H(public-key)[:10] descriptor-id = H(permanent-id | H(time-period | descriptor-cookie | replica)) where H is SHA1. The spec is: https://gitweb.torproject.org/torspec.git/tree/rend-spec.txt#n222 https://gitweb.torproject.org/torspec.git/tree/rend-spec.txt#n505 The implementation is: https://gitweb.torproject.org/tor.git/tree/src/or/rendcommon.c#n127 As an aside, this attack is not possible with next-generation hidden services, because the HSDir identities are hashed with the daily shared random value: https://gitweb.torproject.org/torspec.git/tree/proposals/224-rend-spec-ng.txt#n791 T -- Tim Wilson-Brown (teor) teor2345 at gmail dot com PGP C855 6CED 5D90 A0C5 29F6 4D43 450C BA7F 968F 094B ricochet:ekmygaiu4rzgsk6n xmpp: teor at torproject dot org signature.asc Description: Message signed with OpenPGP ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
[tor-relays] The 9001-9051-v0.2.8.9 Gang: 57 relays and counting... // hsdir calc tool?
This group is still growing. Note that the following table is _not_ sorted by FP. The FP links these relays even across ISP, and given the FP column pattern it might be obvious what they are after. They do not have the hsdir flag yet. https://raw.githubusercontent.com/nusenu/tor-network-observations/master/2017-02-24_9001-9051-v0.2.8.9.txt Is there a tool out there that tells me which HSDir is/will probably be responsible for a given onion address (and at what time)? thanks, nusenu signature.asc Description: OpenPGP digital signature ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays