Cryptography Reference
In-Depth Information
assumption if the number of proxies is large and the eavesdropping
capabilities of any adversary are small.
The latest versions of the system can also offer
hidden servers
through the cooperation of special proxy nodes acting as
rendezvous
points
,
directory servers
, introduction points, and
valet servers
.A l
of these live on top of the normal network of entry nodes and exit
nodes, often with the same machine offering multiple services. The
directory server contains a list of hidden servers out on the network
and the introduction points that will act as their proxies and hide
their existence. When a connection is established, the rendezvous
points will act as a midway point, hiding the identies of the client
and the now hidden server from each other.
Here is the rather complicated first structure for hiding hidden
servers behindmultiple layers of introduction as illustrated by Figure
10.4 [ØS07b].:
1. When a hidden server wants to join the onion network, it looks
around for an introduction point. When it finds a trustable
server that will do the job, it sets up a secure link and waits.
2. The hidden server tells the
directory server
about the introduc-
tion point. This directory server can assign a special name
much like the DNS system used for normal domains. In prac-
tice, the domains with the suffix
.onion
are used to indicate
these addresses.
3. When Alice wants to find the hidden server, she sends the
.onion
address to the directory server which sends her to the
introduction point.
4. Alice shops around for a
rendezvous point
to act as the mid
point for the communications. (This is marked as “meet” in
Figure 10.4 to save space.) Note that the rendezvous point will
not ordinarily know who Alice may be because the communi-
cation is hidden by the chain of proxies in the circuit that Al-
ice established with the rendezvous point. So Alice will need to
identify her connection with some sort of pseudonym. Note,
this could be a weak point if Alice is able to control the ren-
dezvous point too.
5. Alice begins a key negotiation with the hidden server and for-
wards this information with the location of the rendezvous
point to the introduction point.
