Past, Present and Future of Tor Hidden Services
Abstract
Using the Internet reveals the IP addresses of both communication parties to everybody, who is
able to observe the communication. Anonymity systems like Tor hide the IP addresses and the
communication in such a way that the communication cannot be linked between the two parties.
Tor is a low-latency anonymity network designed for interactive applications, which allows
its users to stay anonymous while using the Internet, for example for Web browsing, e-mail or
instant messaging. In order to achieve anonymity the users’ traffic is routed through the Tor
network by choosing three random network nodes. Thus, the user stays anonymous, because
his real IP address is not used to access the service and no single node in the network can link
the user to the service he is accessing. In addition, Tor provides location-hidden services to allow
services to operate anonymous as well. With location-hidden services the location of a service,
i.e. its IP address, is not revealed by using the service. At the moment the Tor Project works on
an overhaul of the design of location-hidden services.
This paper introduces Tor, explains its design and specification with the goal to understand,
how Tor is working to achieve its anonymity goals. It explains why Tor is built in the way as it is
implemented today, but also states Tor’s limitations and situations in which Tor cannot guarantee
anonymity. Furthermore, location-hidden services are introduced as well. The current hidden
services design is examined in-depth with its shortcomings and drawbacks and it is presented
why this design needs to be renewed. This gives a rationale for a new design of hidden services.
The proposed new design is described as well. The paper finishes with a summary of open research
questions, which are not yet addressed by the new hidden services design.
The goal of this paper is to provide the reader with a thorough understanding of Tor and its
location-hidden services. It goes beyond most introductions of Tor as it looks into Tor’s protocol
specifications and explains the choices made by the designers and developers of Tor. After reading
this paper the reader should be able explain, how Tor is built, why it is implemented this way,
but also what Tor’s limitations are regarding anonymity and what aspects of Tor are not yet well
understood. The focus of this paper is laid on the main Tor application and anonymity. It does
not consider application-level issues such as the Tor Browser or the usage of Tor as a censorship circumvention tool.