XMPP federation over Tor hidden services - xnyhps’ blog
vendredi 18 octobre 2013 à 05:47 CAFAI, le 18/10/2013 à 05:47
Tor+federation
One lesser known feature of Tor are hidden services. A user of Tor can set up a server that runs completely inside the Tor network, with a hostname ending in .onion. Users connecting to that host will be guaranteed they are connected to the right host (the server can prove it owns that .onion address), yet the owner of the host will be completely anonymous. Nothing in the protocol will reveal the computer the server runs on.
So here comes what I’ve been working on: federation between hidden services. There are a handful of XMPP servers that also offer a hidden service (for instance, jabber.ccc.de is also reachable as okj7xc6j2szr2y75.onion), but that uses Tor only for the client’s connection.
My goal is to allow users on abcdefghijklmnop.onion to chat with users on zyxwvutsrqponmlk.onion entirely through the Tor network. If everyone installed a local, Tor-federated XMPP server, maybe as a plugin for Adium or Pidgin, then all communication would become very difficult to trace. It can be totally decentralized: no third-parties are needed for two people to chat. No third parties know anything more about the occurrence of chats or the links between people. New identities can be created in seconds. All of this while still supporting many of the features of XMPP: any normal XMPP client with Tor support can be used.
(Permalink)
Tor+federation
One lesser known feature of Tor are hidden services. A user of Tor can set up a server that runs completely inside the Tor network, with a hostname ending in .onion. Users connecting to that host will be guaranteed they are connected to the right host (the server can prove it owns that .onion address), yet the owner of the host will be completely anonymous. Nothing in the protocol will reveal the computer the server runs on.
So here comes what I’ve been working on: federation between hidden services. There are a handful of XMPP servers that also offer a hidden service (for instance, jabber.ccc.de is also reachable as okj7xc6j2szr2y75.onion), but that uses Tor only for the client’s connection.
My goal is to allow users on abcdefghijklmnop.onion to chat with users on zyxwvutsrqponmlk.onion entirely through the Tor network. If everyone installed a local, Tor-federated XMPP server, maybe as a plugin for Adium or Pidgin, then all communication would become very difficult to trace. It can be totally decentralized: no third-parties are needed for two people to chat. No third parties know anything more about the occurrence of chats or the links between people. New identities can be created in seconds. All of this while still supporting many of the features of XMPP: any normal XMPP client with Tor support can be used.
(Permalink)