Cryptographic Differences with v3 Onions

I’ve been reading up about the v3 onion services that Tor is using now, and I wondered what some of the differences are. For instance, I know that the v3 onions use Elliptic Curve Cryptography, but what necessarily makes that better than what was used previously? And also, can even these hidden services be de-anonymized?

1 Like

Well apart from the upgraded crypto, v3 onion services have a few extra benefits:

  1. The address is a lot longer and harder to impersonate.
  2. the HSdir’s* will no longer be able to discover your .onion address, where a v2 onion address can be discovered by them, this is done by some crypto fairy dust that’s quite difficult to explain in lay-mans terms, i encourage people to read the tor documentation for this.
  3. Because v3 services use elliptic curve crypto, it is also a lot lighter on CPU usage.

For further explanation, I recommend people to read these two links:
https://blog.torproject.org/tors-fall-harvest-next-generation-onion-services
https://gitweb.torproject.org/torspec.git/tree/rend-spec-v3.txt

*A HSdir is a special tor node that will collect and give out onion service advertisements. Its how your Tor client knows which rendezvous point to connect to for the initial handshake.

3 Likes