Hello,

inspired by the recent discussions on guard discovery, I went ahead and implemented a small patch for Tor that tries to help defend against Hidden Service guard discovery attacks.

It basically allows the operator to specify a set of nodes that will be pinned as middle nodes in Hidden Service rendezvous circuits. The option only affects HS rendezvous circuits and nothing else.

Of course, it doesn't fix guard discovery, it just pushes guard discovery to the next hop, so that they need to compromise two boxes to win.

You can find my branch in 'sticky_mids' at https://git.torproject.org/user/asn/tor.git .

(Here it is in HTTP shape: https://gitweb.torproject.org/user/asn/tor.git/shortlog/refs/heads/sticky_mi... )

I don't expect this to be merged in mainline Tor, but if any HS operators feel like they need it, here it is.

I coded it fast and it seems to work for me, but please inform me of any bugs.

You can use it by adding a line like this in your torrc: """ HSRendezvousMiddleNodes TorLand1 """

(BTW, I'm not advocating TorLand1, it's just a random relay name I thought of. Please use your own web of trust.)