Attacks on Onion Discovery and Remedies via Self-Authenticating Traditional Addresses

Abstract: Onion addresses encode their own public key. They are thus self-authenticating, one of the security and privacy advantages of onion services, which are typically accessed via Tor Browser. Because of the mostly random-looking appearance of onion addresses, a number of onion discovery mechanisms have been created to permit routing to an onion address associated with a more meaningful URL, such as a registered domain name. We describe novel vulnerabilities engendered by onion discovery mechanisms recently introduced by Tor Browser that facilitate hijack and tracking of user connections. We also recall previously known hijack and tracking vulnerabilities engendered by use of alternative services that are facilitated and rendered harder to detect if the alternative service is at an onion address. Self-authenticating traditional addresses (SATAs) are valid DNS addresses or URLs that also contain a commitment to an onion public key. We describe how the use of SATAs in onion discovery counters these vulnerabilities. SATAs also expand the value of onion discovery by facilitating self-authenticated access from browsers that do not connect to services via the Tor network.