Skip to main content

Playing Server Hide and Seek on the
Tor Anonymity Network

Dr Paul Syverson
Naval Research Laboratory

Date:  Thursday, March 30, 2006
Time: 11:00am-12:00pm
Place: 1230 Engineering

Host: L. Xiao


Can you set up a server that anyone can access but no one can find? Yes you can. Since 2004 we have deployed location hidden servers on the Tor network. Anyone can set one up and hide it using Tor. (Tor is a freely available anonymous communication network developed by the Naval Research Laboratory and the Free Haven Project. It is the most widely deployed and used anonymizing network ever in existence. It currently consists of about 450 servers worldwide and has an unknown (hidden) number of users estimated to be about a quarter million. Tor was named one of the 100 best products of 2005 by PC World.)

Hidden services have many uses from resisting server DDoS to anonymous blogging. has published a guide to "Torcasting" (anonymity preserving and censorship resistant podcasting). And both the Electronic Frontier Foundation and Reporters Without Borders have issued guides that describe using hidden services via Tor to protect the safety of dissidents as well as resist censorship.

Our primary focus in this presentation will be attacks. We will start by briefly describing the basic motivation and design of the Tor network and of hidden services. We will then demonstrate attacks we have recently carried out in experiments on the deployed Tor network that uncover the location of hidden servers in a matter of minutes. We will also tell you how to protect against these attacks. We will present entry gaurd nodes and other countermeasures to these attacks that have recently been implemented and describe how they counter the attacks.


Paul Syverson is inventor of Onion Routing, for which he received the Edison Invention Award, and designer of all three generations of Onion Routing systems, including the latest system, Tor. Dr. Syverson has been designing and analyzing security and privacy systems at the Naval Research Laboratory for sixteen years. He has been chair of eight conferences and workshops ranging from the European Symposium on Research in Computer Security to the Privacy Enhancing Technologies Workshop and the Financial Cryptography Conference. He is the editor of several books on these topics, as well as author of many dozens of papers published in refereed conferences and journals. He is also the author of Logic, Convention, and Common Knowledge, a book that discusses philosophical foundations of logic, and employs game theory and distributed computing in doing so. He is former editor of IEEE Cipher. He has been an invited visitor at the Newton Institute for Mathematical Sciences in Cambridge England and was on the faculty of the first International School on Foundations of Security Analysis and Design in Bertinoro Italy. Degrees: PhD and MA in philosophy (logic), MA in mathematics (all three from Indiana), AB in philosophy from Cornell.