Tor in the Internet of Things (IoT)
The integration of hidden services in the Internet of Things (IoT) offers a solution to the limitations of IPv4 addresses. IoT devices, including connected vehicles, smart home systems, automated lighting, IP cameras, and various sensors (temperature, vibration, PM2.5), traditionally rely on Bluetooth for communication and data transfer. These devices typically connect to a central unit equipped with both Bluetooth and a network interface card to transmit data.
In a world where IPv6 is not yet widespread, and IPv4 addresses are scarce, an innovative approach, named “The Internet of Onion Things,”1 was proposed. Unlike traditional IP-based addressing, .onion addresses in the Tor network use cryptographic keys, specifically RSA-1024 in Tor v2 and Ed25519 in Tor v3, as unique identifiers for websites.
Taking Ed25519 (Tor v3) as an example, it starts with generating a 256-bit private key, which translates to a configuration space of 2²⁵⁶, allowing for the creation of 2²⁵⁶ unique website addresses.
Address Quantity Comparison: IPv4 (2³²) < IPv6 (2¹²⁸) < Tor v3 (2²⁵⁶)
Ed25519 Overview2
Ed25519 keys originate from a 32-byte (256-bit) uniformly random binary seed, typically the output of a SHA256 hash on random input. This seed undergoes a SHA512 hash, resulting in 64 bytes (512 bits), divided into two halves. The first 32 bytes are converted into a curve25519 private scalar “a” after some bit manipulations. The public key is then derived by multiplying this scalar by the generator point “B”, resulting in a 32-byte (256-bit) group element “A”.
Interestingly, Tor’s network can operate atop the existing IPv4 or IPv6 infrastructure, allowing the limited 2³² addresses of IPv4 to expand significantly. This expansion alleviates concerns about the scarcity of IPv4 addresses for devices like IP cameras.
An added advantage of using .onion addresses in IoT is the increased difficulty for attackers to target these devices. The vast address space of 2²⁵⁶ in Tor v3 presents a much higher challenge for scanning and attacking compared to the 2³² space of IPv4.
Applications of “The Internet of Onion Things”3
This concept has been practically applied in various ways, as detailed in the provided resource.
Enjoy Reading This Article?
Here are some more articles you might like to read next: