3

I am currently working on a Tor study and have a question regarding Tor hidden services.

I have read a lot of technical papers to better understand how Tor works on this point, such as these good articles: The Tor dark net (https://www.cigionline.org/sites/default/files/no20_0.pdf) and Content and popularity analysis of Tor hidden services (http://arxiv.org/pdf/1308.6768.pdf).

But I couldn't get a clear answer to my interrogations.

So the question is simple: I would like to know if it's possible, from a relay node, to sniff the traffic to get the onion addresses accessed through this node?

In this case, the traffic is fully end-to-end encrypted, but is it only the data that is encrypted, or the onion address also? For me, the onion address is metadata, and not useful information, so maybe it's not encrypted and we could get this metadata?

Thanks in advance for your explanations.

bdes31

2 Answers

2

I have worked on finding ALL Onion Addresses in the TOR service and, as I found, there is no clear way of finding all the Onions. Actually, in the next generation of Onion Addresses, HSDirs cannot see the Onion Addresses. You may see the full question HERE. As Alexey Vesnin said, you may get a portion of the addresses, not all of them, because the addresses are put inside a Distributed Hash Table. Check the TOR description on the TOR project's page.

Step two: the onion service assembles an onion service descriptor, containing its public key and a summary of each introduction point, and signs this descriptor with its private key. It uploads that descriptor to a distributed hash table. The descriptor will be found by clients requesting XYZ.onion where XYZ is a 16 character name derived from the service's public key. After this step, the onion service is set up.

TOR Hidden Service DHT

Therefore I started a project named Onion Harvester. The aim of the project is to find all Onion addresses and update the list through the contribution of volunteer clients. The project's main site is OnionHarvester.com.

I'll release the project in the second week of Jan 2018, but you may visit the source and the repository and see how it works. Feel free to ask if you have any questions about it.

Mir Saman
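As an added illustration (not code from either answer or from the Tor Project), this sketch shows how the name in the quoted "step two" is derived from the service's public key: the 16-character v2 form and, for comparison, the 56-character next-generation (v3) form. The function names and the sample key bytes are constructed for this example.

```python
import base64
import hashlib

V3_VERSION = b"\x03"

def v2_onion_name(der_rsa_pubkey: bytes) -> str:
    """v2: base32 of the first 80 bits of SHA-1 over the DER-encoded RSA public key."""
    digest = hashlib.sha1(der_rsa_pubkey).digest()
    return base64.b32encode(digest[:10]).decode("ascii").lower()

def v3_checksum(ed25519_pubkey: bytes) -> bytes:
    """v3: first 2 bytes of SHA3-256(".onion checksum" || pubkey || version)."""
    return hashlib.sha3_256(b".onion checksum" + ed25519_pubkey + V3_VERSION).digest()[:2]

def v3_onion_name(ed25519_pubkey: bytes) -> str:
    """v3: base32(pubkey || checksum || version), 56 characters."""
    if len(ed25519_pubkey) != 32:
        raise ValueError("ed25519 public key must be 32 bytes")
    raw = ed25519_pubkey + v3_checksum(ed25519_pubkey) + V3_VERSION
    return base64.b32encode(raw).decode("ascii").lower()

def inspect_onion(address: str) -> dict:
    """Classify an onion name by length and validate what its format allows."""
    label = address.strip().lower()
    if label.endswith(".onion"):
        label = label[: -len(".onion")]
    try:
        raw = base64.b32decode(label.upper())
    except ValueError:  # binascii.Error is a ValueError subclass
        return {"version": None, "valid": False}
    if len(label) == 16:
        # Only a truncated hash: the key cannot be read back from the name.
        return {"version": 2, "valid": True, "key_hash": raw.hex()}
    if len(label) == 56:
        pubkey, checksum, version = raw[:32], raw[32:34], raw[34:]
        ok = version == V3_VERSION and checksum == v3_checksum(pubkey)
        return {"version": 3, "valid": ok, "pubkey": pubkey.hex()}
    return {"version": None, "valid": False}

if __name__ == "__main__":
    # Constructed stand-ins, not real keys: arbitrary bytes in place of a
    # DER-encoded RSA key and a 32-byte ed25519 key.
    fake_der = b"constructed-der-rsa-public-key"
    fake_ed = bytes(range(32))
    for name in (v2_onion_name(fake_der), v3_onion_name(fake_ed)):
        print(name + ".onion", inspect_onion(name))
```

Because a v2 descriptor carries the public key itself, anyone who holds the descriptor can recompute the 16-character name this way.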
1

Yes, you don't even need to dump it, but become an *HSDir*-flagged relay, i.e. a hidden services directory. However, there's not much use in it, because you will see rendezvous points and maybe some HS onions, but they are easy to change. What is your purpose in doing it?

Alexey Vesnin