How does "DNS" work on the dark web?

Submitted ⁨⁨11⁩ ⁨hours⁩ ago⁩ by ⁨NutinButNet@hilariouschaos.com⁩ to ⁨nostupidquestions@lemmy.world⁩

As I understand it for the public web we all use, public DNS servers serve to guide browsers to IP addresses associated with domain names. But of course IPs change for anonymity’s sake on the dark web yet “domain names” stay the same.

How does my Tor browser know the correct route to get to the site that I am trying to visit each time and know that it is always accurate and won’t take me to a different site (assuming that the owner hasn’t changed on that site)? How does this work to keep site owners anonymous without exposing their information to anyone?

source

Comments

Sort:hotnew top

chaospatterns@lemmy.world ⁨11⁩ ⁨hours⁩ ago
On Tor dark web domains, you use the .onion domain. Tor is configured as a SOCKS proxy, so it doesn’t perform a DNS query. Instead, Tor itself sees you’re trying to connect to an onion domain name. Then it takes the URL and translates that into a public key that it knows how to find in its own hidden service directory.

Only the actual hidden service has a valid private key corresponding to that public key in the URL so cryptography (and the assumption that quantum computers don’t exist) ensures you’re talking to the right server.

Tl;dr effectively no DNS for onion hidden services

source
- trolololol@lemmy.world ⁨2⁩ ⁨hours⁩ ago
  What prevents me from doing all of that with a pre existing domain that belongs to a competitor?
  
  If you get a state sponsored actor could it overtake things by brute force?
  
  I am imagining this distributed nature of tor is similar to crypto currencies, where if you convince a big enough part of the network that an event did happen, for all practical purposes it’s as if it did happen.
  
  source
- LeapSecond@lemmy.zip ⁨10⁩ ⁨hours⁩ ago
  From the link, since I think this is the part most equivalent to DNS.
  
  The Onion Service assembles an Onion Service descriptor, containing a list of its introduction points (and “authentication keys”), and signs this descriptor with the Onion Service’s identity private key.
  
  The Onion Service upload that signed descriptor to a distributed hash table, which is part of the Tor network, so that clients can also get it.
  
  source
DoctorPress@lemmy.zip ⁨10⁩ ⁨hours⁩ ago
Good try, FBI

source
- moseschrute@lemmy.world ⁨6⁩ ⁨hours⁩ ago
  Image
  
  source
  - obinice@lemmy.world ⁨5⁩ ⁨hours⁩ ago
    Who is this bloke and why does he look terrified
    
    source
    -> View More Comments
- palordrolap@fedia.io ⁨9⁩ ⁨hours⁩ ago
  The NSA and GCHQ have both run their own TOR nodes and presumably already have an excellent understanding of how it works, so there's bound to be at least one person, if not an entire department, at the FBI who already understands TOR better than most of the people reading this comment.
  
  source
  - felbane@lemmy.world ⁨3⁩ ⁨hours⁩ ago
    TOR was invented by the US military so I’d be really fuckin shocked if the other branches of government/allies weren’t acutely aware of how it works and what its strengths and weaknesses are.
    
    source