April 7, 2015
Srdjan Matic
Anonymity networks such as Tor are a critical privacy-enabling technology. Tor’s hidden services protect the location of the server hosting the service and provide encryption at every hop from a client to the hidden server. This presentation we will introduce CARONTE, a platform to measure the prevalence of content leaks in hidden services, i.e., information in the content or configuration of the hidden service that gives away the location of the hidden server. Compared to prior approaches that deanonymize hidden services CARONTE implements a novel approach that does not rely on flaws on the Tor protocol and assumes an open-world, i.e., it does not assume a short list of candidate servers is known in advance. CARONTE finds content leaks leading to deanonymization in 4.7% of hidden services. It also uncovers that 84% of the deanonymized hidden services are not trying to hide their location and that 21% of hidden services are running on Tor relays.