Valet Services: Improving Hidden Servers with a Personal Touch

  • Lasse Øverlier
  • Paul Syverson
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4258)


Location hidden services have received increasing attention as a means to resist censorship and protect the identity of service operators. Research and vulnerability analysis to date has mainly focused on how to locate the hidden service. But while the hiding techniques have improved, almost no progress has been made in increasing the resistance against DoS attacks directly or indirectly on hidden services. In this paper we suggest improvements that should be easy to adopt within the existing hidden service design, improvements that will both reduce vulnerability to DoS attacks and add QoS as a service option. In addition we show how to hide not just the location but the existence of the hidden service from everyone but the users knowing its service address. Not even the public directory servers will know how a private hidden service can be contacted, or know it exists.


Validity Period Directory Server Distribute Hash Table Connection Request Anonymous User 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Anderson, R.J.: The eternity service. In: Proceedings of Pragocrypt 1996 (1996)Google Scholar
  2. 2.
  3. 3.
    Bennett, K., Grothoff, C.: GAP – practical anonymous networking. In: Dingledine, R. (ed.) PET 2003. LNCS, vol. 2760, Springer, Heidelberg (2003)CrossRefGoogle Scholar
  4. 4.
    Berthold, O., Federrath, H., Köpsell, S.: Web MIXes: A system for anonymous and unobservable Internet access. In: Federrath, H. (ed.) Designing Privacy Enhancing Technologies. LNCS, vol. 2009, pp. 115–129. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  5. 5.
    Borisov, N.: Anonymous Routing in Structured Peer-to-Peer Overlays. PhD thesis, UC Berkeley (Spring 2005)Google Scholar
  6. 6.
    Boucher, P., Shostack, A., Goldberg, I.: Freedom systems 2.0 architecture. In: White paper, Zero Knowledge Systems, Inc. (December 2000)Google Scholar
  7. 7.
    Chaum, D.: Untraceable electronic mail, return addresses, and digital pseudonyms. Communications of the ACM 4(2) (February 1981)Google Scholar
  8. 8.
    Clarke, I., Sandberg, O., Wiley, B., Hong, T.W.: Freenet: A distributed anonymous information storage and retrieval system. In: Proceedings of Designing Privacy Enhancing Technologies: Workshop on Design Issues in Anonymity and Unobservability, July 2000, pp. 46–66 (2000)Google Scholar
  9. 9.
    Danezis, G., Lesniewski-Laas, C., Kaashoek, M.F., Anderson, R.: Sybil-resistant dht routing. In: de Capitani di Vimercati, S., Syverson, P.F., Gollmann, D. (eds.) ESORICS 2005. LNCS, vol. 3679, Springer, Heidelberg (2005)CrossRefGoogle Scholar
  10. 10.
    Dingledine, R., Freedman, M.J., Molnar, D.: The Free Haven Project: Distributed anonymous storage service. In: Federrath, H. (ed.) Designing Privacy Enhancing Technologies. LNCS, vol. 2009, Springer, Heidelberg (2001)CrossRefGoogle Scholar
  11. 11.
    Dingledine, R., Mathewson, N., Syverson, P.: Tor: The second-generation onion router. In: Proceedings of the 13th USENIX Security Symposium (August 2004)Google Scholar
  12. 12.
    Fielding, R., Gettys, J., Mogul, J., Frystyk, H., Masinter, L., Leach, P., Berners-Lee, T.: Hypertext transfer protocol – http/1.1. IETF RFC 2616 (June 1999)Google Scholar
  13. 13.
    Goldberg, I.: A Pseudonymous Communications Infrastructure for the Internet. PhD thesis, UC Berkeley (December 2000)Google Scholar
  14. 14.
    Goldschlag, D.M., Reed, M.G., Syverson, P.F.: Hiding Routing Information. In: Anderson, R. (ed.) IH 1996. LNCS, vol. 1174, pp. 137–150. Springer, Heidelberg (1996)Google Scholar
  15. 15.
    Rubin, A.D., Waldman, M., Cranor, L.F.: Publius: A robust, tamper-evident, censorship-resistant, web publishing system. In: Proceedings of the 9th USENIX Security Symposium, August 2000, pp. 59–72 (2000)Google Scholar
  16. 16.
    Murdoch, S.J., Danezis, G.: Low-cost traffic analysis of Tor. In: Proceedings of the 2005 IEEE Symposium on Security and Privacy, May 2005, IEEE CS, Los Alamitos (2005)Google Scholar
  17. 17.
    Øverlier, L., Syverson, P.: Locating hidden servers. In: Proceedings of the 2006 IEEE Symposium on Security and Privacy, IEEE CS, Los Alamitos (2006)Google Scholar
  18. 18.
    Pfitzmann, A., Pfitzmann, B., Waidner, M.: ISDN-mixes: Untraceable communication with very small bandwidth overhead. In: Proceedings of the GI/ITG Conference on Communication in Distributed Systems, February 1991, pp. 451–463 (1991)Google Scholar
  19. 19.
  20. 20.
    Ratnasamy, S., Francis, P., Handley, M., Karp, R., Schenker, S.: A scalable content-addressable network. In: SIGCOMM 2001: Proceedings of the 2001 conference on Applications, technologies, architectures, and protocols for computer communications, pp. 161–172. ACM Press, New York (2001)CrossRefGoogle Scholar
  21. 21.
    Raymond, J.-F.: Traffic Analysis: Protocols, Attacks, Design Issues, and Open Problems. In: Federrath, H. (ed.) Designing Privacy Enhancing Technologies. LNCS, vol. 2009, pp. 10–29. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  22. 22.
    Reiter, M., Rubin, A.: Crowds: Anonymity for web transactions. ACM Transactions on Information and System Security 1(1) (June 1998)Google Scholar
  23. 23.
    Rowstron, A., Druschel, P.: Pastry: Scalable, distributed object location and routing for large-scale peer-to-peer systems. In: IFIP/ACM International Conference on Distributed Systems Platforms (Middleware), November 2001, pp. 329–350 (2001)Google Scholar
  24. 24.
    Serjantov, A., Sewell, P.: Passive attack analysis for connection-based anonymity systems. In: Snekkenes, E., Gollmann, D. (eds.) ESORICS 2003. LNCS, vol. 2808, Springer, Heidelberg (2003)Google Scholar
  25. 25.
    Stavrou, A., Keromytis, A.D.: Countering DoS attacks with stateless multipath overlays. In: CCS 2005: Proceedings of the 12th ACM conference on Computer and communications security, pp. 249–259. ACM Press, New York (2005)CrossRefGoogle Scholar
  26. 26.
    Stoica, I., Morris, R., Karger, D., Kaashoek, M.F., Balakrishnan, H.: Chord: A scalable peer-to-peer lookup service for internet applications. In: SIGCOMM 2001: Proceedings of the 2001 conference on Applications, technologies, architectures, and protocols for computer communications, pp. 149–160. ACM Press, New York (2001)CrossRefGoogle Scholar
  27. 27.
    Waldman, M., Mazières, D.: Tangler: a censorship-resistant publishing system based on document entanglements. In: Proceedings of the 8th ACM Conference on Computer and Communications Security (CCS 2001), November 2001, pp. 126–135 (2001)Google Scholar
  28. 28.
    Wright, M., Adler, M., Levine, B.N., Shields, C.: An analysis of the degradation of anonymous protocols. In: Proceedings of the Network and Distributed Security Symposium - NDSS 2002, IEEE, Los Alamitos (2002)Google Scholar
  29. 29.
    Wright, M.K., Adler, M., Levine, B.N., Shields, C.: The predecessor attack: An analysis of a threat to anonymous communications systems. ACM Trans. Inf. Syst. Secur. 7(4), 489–522 (2004); A preliminary version of this paper appeared in [28]CrossRefGoogle Scholar
  30. 30.
    Zhao, B.Y., Huang, L., Stribling, J., Rhea, S.C., Joseph, A.D., Kubiatowicz, J.: Tapestry: A resilient global-scale overlay for service deployment. IEEE Journal on Selected Areas in Communications 22(1), 41–53 (2004)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Lasse Øverlier
    • 1
    • 2
  • Paul Syverson
    • 3
  1. 1.Norwegian Defence Research EstablishmentKjellerNorway
  2. 2.Gjøvik University CollegeGjøvikNorway
  3. 3.Naval Research Laboratory Code 5540Center for High Assurance Computer SystemsWashington DCUSA

Personalised recommendations