gAtO lOOkInG - at the Tor-network intelligence: how does it do what it does? Tor takes volunteer Onion-relays and organizes them into different categories called “flags” –
— known-flags Authority BadExit Exit Fast Guard HSDir Named Running Stable Unnamed V2Dir Valid —
Of course, there are now only 10 authority flag-servers, owned and controlled by some of the top people in the Tor-project community. These 10 Authority-relays control all the intelligence that Tor needs to run and keep everything working automatically. Every few hours these relays gather the OR-relays and, depending on how long they have been turned on, how much bandwidth they have, and what version of Tor-software and OS they run, put this together into one document. Then they do a calculation and assign flags to the 3,500 or so volunteer OR-relays throughout the world. After it’s all said and done they produce a “Consensus Document” and send this information to every HSDir OR-relay so that clients can find hidden service websites in Tor. The HSDir relays have all the DNS information to find Tor hidden-service websites…
consensus document – May-2013
valid-after 2013-05-17 12:00:00
fresh-until 2013-05-17 13:00:00
valid-until 2013-05-17 15:00:00
voting-delay 300 300
known-flags Authority BadExit Exit Fast Guard HSDir Named Running Stable Unnamed V2Dir Valid
params CircuitPriorityHalflifeMsec=30000 UseOptimisticData=1 bwauthpid=1 pb_disablepct=0
dir-source tor26 14C131DFC5C6F93646BE72FA1401C02A8DF2E8B4 126.96.36.199 188.8.131.52 80 443
contact Peter Palfrader
dir-source turtles 27B6B5996C426270A5C95488AA5BCEB6BCC86956 184.108.40.206 220.127.116.11 9030 9090
contact Mike Perry <mikeperryTAfsckedTODorg>
dir-source maatuska 49015F787433103580E3B66A1707A00E60F2D15B 18.104.22.168 22.214.171.124 443 80
contact 4096R/23291265 Linus Nordberg <email@example.com>
dir-source dannenberg 585769C78764D58426B8B52B6651A5A71137189A dannenberg.ccc.de 126.96.36.199 80 443
contact Andreas Lehner <firstname.lastname@example.org>
dir-source urras 80550987E1D626E3EBA5E5E75A458DE0626D088C 188.8.131.52 184.108.40.206 443 80
contact 4096R/4193A197 Jacob Appelbaum <email@example.com>
dir-source moria1 D586D18309DED4CD6D57C18FDB97EFA96D330566 220.127.116.11 18.104.22.168 9131 9101
contact 1024D/28988BF5 arma mit edu
dir-source dizum E8A9C45EDE6D711294FADF8E7951F4DE6CA56B58 22.214.171.124 126.96.36.199 80 443
contact 1024R/8D56913D Alex de Joode <firstname.lastname@example.org>
dir-source gabelmoo ED03BB616EB2F60BEC80151114BB25CEF515B226 188.8.131.52 184.108.40.206 80 443
contact 4096R/C5AA446D Sebastian Hahn <email@example.com>
dir-source Faravahar EFCBE720AB3A82B99F9E953CD5BF50F7EEFC7B97 220.127.116.11 18.104.22.168 80 443
contact 0x0B47D56D SiNA Rabbani (inf0) <sina redteam io>
r ididnteditheconfig6 AB+dZViiymIEpTtbx+9cX5Y32i0 sjraCwjE8lzInizQ0UPqTI1AHkE 2013-05-17 10:29:13 22.214.171.124 9001 9030
s Exit Fast Running V2Dir Valid
v Tor 0.2.3.25
p accept 20-23,43,53,79-81,88,110,143,194,220,389,443,464,531,543-544,554,563,636,706,749,873,902-904,981,989-995,1194,1220,1293,1500,1533,1677,1723,1755,1863,2082-2083,2086-2087,2095-2096,2102-2104,3128,3389,3690,4321,4643,5050,5190,5222-5223,5228,5900,6660-6669,6679,6697,8000,8008,8074,8080,8087-8088,8332-8333,8443,8888,9418,9999-10000,11371,19294,19638
r MukiMukiAmaguri ADwuo9jHaHhVHIjp8/rSBaoXkj8 qZ48RT3ftleevrpO/kNy1qeBAS0 2013-05-16 18:16:19 126.96.36.199 9001 9030
s Fast HSDir Running Stable Unnamed V2Dir Valid
v Tor 0.2.2.39
p reject 1-65535
r = Version of Tor, OS, timestamp, IP address
s = Flags of the Onion-relay
w = Bandwidth that the relay has
p = Exit relay information
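The per-relay lines in the excerpt can be read mechanically. The Python below is an added example, not code from the Tor project or from the original post: it parses sample lines copied from the excerpt (port list shortened), decodes the base64 identity on each "r" line into the familiar hex fingerprint, and classifies the consensus by its validity window. The function names and the state labels are assumptions made for illustration.

```python
import base64
from datetime import datetime

# Sample lines copied from the May-2013 excerpt on this page (port list shortened).
SAMPLE = """\
valid-after 2013-05-17 12:00:00
fresh-until 2013-05-17 13:00:00
valid-until 2013-05-17 15:00:00
r ididnteditheconfig6 AB+dZViiymIEpTtbx+9cX5Y32i0 sjraCwjE8lzInizQ0UPqTI1AHkE 2013-05-17 10:29:13 22.214.171.124 9001 9030
s Exit Fast Running V2Dir Valid
v Tor 0.2.3.25
p accept 20-23,43,53,79-81
r MukiMukiAmaguri ADwuo9jHaHhVHIjp8/rSBaoXkj8 qZ48RT3ftleevrpO/kNy1qeBAS0 2013-05-16 18:16:19 126.96.36.199 9001 9030
s Fast HSDir Running Stable Unnamed V2Dir Valid
v Tor 0.2.2.39
p reject 1-65535
"""

def parse_consensus(text):
    """Return (validity window, list of relay dicts) from consensus text."""
    window, relays = {}, []
    for line in text.splitlines():
        key, _, rest = line.partition(" ")
        if key in ("valid-after", "fresh-until", "valid-until"):
            window[key] = datetime.strptime(rest, "%Y-%m-%d %H:%M:%S")
        elif key == "r":  # nickname identity digest date time IP ORPort DirPort
            nick, ident, digest, date, time, ip, orport, _dirport = rest.split()
            raw = base64.b64decode(ident + "=" * (-len(ident) % 4))  # unpadded b64
            relays.append({"nickname": nick, "fingerprint": raw.hex().upper(),
                           "digest": digest, "published": f"{date} {time}", "ip": ip,
                           "orport": int(orport), "s": set(), "v": None, "p": None})
        elif relays and key in ("s", "v", "p"):  # attach to the latest "r" entry
            relays[-1][key] = set(rest.split()) if key == "s" else rest
    return window, relays

def consensus_state(window, now):
    """Classify a consensus at time `now` (UTC); the labels are illustrative."""
    if now < window["valid-after"]:
        return "not-yet-valid"
    if now < window["fresh-until"]:
        return "fresh"
    return "stale" if now < window["valid-until"] else "expired"

def with_flag(relays, flag):
    return [r["nickname"] for r in relays if flag in r["s"]]

if __name__ == "__main__":
    window, relays = parse_consensus(SAMPLE)
    print(with_flag(relays, "HSDir"), consensus_state(window, datetime(2013, 5, 17, 14, 0)))
```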
The 10 servers at the top of the document are the Tor Authorities, the servers that have all the real power in Tor, controlled by – SiNA Rabbani (inf0) <sina redteam io> – Sebastian Hahn <firstname.lastname@example.org> – Alex de Joode <email@example.com> – arma mit edu – Andreas Lehner <firstname.lastname@example.org> – Linus Nordberg <email@example.com> – Mike Perry <mikeperryTAfsckedTODorg> – Jacob Appelbaum – Peter Palfrader <firstname.lastname@example.org>
These are the real masters of the Tor network… nah, just joking, it’s in the code - gAtO oUt
There is a small set (say, around 5-10) of semi-trusted directory authorities. A default list of authorities is shipped with the Tor software. Users can change this list, but are encouraged not to do so, in order to avoid partitioning attacks.
Every authority has a very-secret, long-term “Authority Identity Key”. This is stored encrypted and/or offline, and is used to sign “key certificate” documents. Every key certificate contains a medium-term (3-12 months) “authority signing key”, that is used by the authority to sign other directory information. (Note that the authority identity key is distinct from the router identity key that the authority uses in its role as an ordinary router.)
Routers periodically upload signed “router descriptors” to the directory authorities describing their keys, capabilities, and other information. Routers may also upload signed “extra info documents” containing information that is not required for the Tor protocol. Directory authorities serve router descriptors indexed by router identity, or by hash of the descriptor.
Routers may act as directory caches to reduce load on the directory authorities. They announce this in their descriptors.
Periodically, each directory authority generates a view of the current descriptors and status for known routers. They send a signed summary of this view (a “status vote”) to the other authorities. The authorities compute the result of this vote, and sign a “consensus status” document containing the result of the vote.
Directory caches download, cache, and re-serve consensus documents.
Clients, directory caches, and directory authorities all use consensus
documents to find out when their list of routers is out-of-date.
(Directory authorities also use vote statuses.) If it is, they download
any missing router descriptors. Clients download missing descriptors
from caches; caches and authorities download from authorities.
Descriptors are downloaded by the hash of the descriptor, not by the
relay’s identity key: this prevents directory servers from attacking
clients by giving them descriptors nobody else uses.
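The download-by-hash rule above can be checked on the client side. The Python below is an added example, not Tor's own code: it assumes the digest listed in the consensus is the unpadded base64 SHA-1 of the descriptor text from the "router " line through the newline after "router-signature". The descriptor, relay name, address and signature placeholder are constructed for illustration.

```python
import base64
import hashlib

MARKER = "router-signature\n"

def descriptor_digest(descriptor):
    """Unpadded base64 SHA-1 over the signed part of a router descriptor."""
    start = descriptor.index("router ")
    end = descriptor.index("\n" + MARKER) + 1 + len(MARKER)
    signed = descriptor[start:end].encode("ascii")
    return base64.b64encode(hashlib.sha1(signed).digest()).decode().rstrip("=")

def accept_descriptor(descriptor, wanted_digests):
    """Keep a downloaded descriptor only if the consensus lists its digest."""
    try:
        return descriptor_digest(descriptor) in wanted_digests
    except ValueError:  # markers missing: not a descriptor at all
        return False

# Constructed descriptor (hypothetical relay, placeholder signature).
GOOD = (
    "router ExampleRelay 192.0.2.10 9001 0 9030\n"
    "platform Tor 0.2.3.25 on Linux\n"
    "published 2013-05-17 10:29:13\n"
    "reject *:*\n"
    "router-signature\n"
    "-----BEGIN SIGNATURE-----\nPLACEHOLDER\n-----END SIGNATURE-----\n"
)
# Same relay, different contents: a descriptor that "nobody else uses".
TAMPERED = GOOD.replace("reject *:*", "accept *:*")

# Stand-in for the digest column of the consensus "r" lines.
CONSENSUS_DIGESTS = {descriptor_digest(GOOD)}

if __name__ == "__main__":
    print(accept_descriptor(GOOD, CONSENSUS_DIGESTS))      # listed digest
    print(accept_descriptor(TAMPERED, CONSENSUS_DIGESTS))  # unlisted digest
```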
All directory information is uploaded and downloaded with HTTP.
[Authorities also generate and caches also cache documents produced and
used by earlier versions of this protocol; see dir-spec-v1.txt and
dir-spec-v2.txt for notes on those versions.]