Genuine onion: Simple, Fast, Flexible, and Cheap Website Authentication
Paul Syverson, Griffin Boyce
TL;DR
This paper proposes using Tor's .onion system as a simple, fast, flexible, and cost-effective method for website authentication, offering an alternative to traditional TLS certificates.
Contribution
It introduces a novel approach to website authentication leveraging Tor's .onion infrastructure, emphasizing ease, speed, and security over conventional methods.
Findings
Onion-based authentication is easy and quick to implement.
It offers a cheaper alternative to TLS certificates.
Provides comparable security benefits.
Abstract
Tor is a communications infrastructure widely used for unfettered and anonymous access to Internet websites. Tor is also used to access sites on the .onion virtual domain. The focus of .onion use and discussion has traditionally been on the offering of hidden services, services that separate their reachability from the identification of their IP addresses. We argue that Tor's .onion system can be used to provide an entirely separate benefit: basic website authentication. We also argue that not only can onionsites provide website authentication, but doing so is easy, fast, cheap, flexible and secure when compared to alternatives such as the standard use of TLS with certificates.
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
TopicsInternet Traffic Analysis and Secure E-voting · Network Security and Intrusion Detection · Advanced Malware Detection Techniques