How do you get a specific .onion address for your hidden service?

  • .onion addresses normally should be made of a base32 string of the first 80 bits of the SHA1 hash of the private key of the server (see .onion address specification).

    Today I ran into a service which clearly doesn't have an arbitrary address: http://sms4tor3vcr2geip.onion/

    How does that work and is it secure?

    It is actually an encoding of a hash of the PUBLIC key, not private, per the spec you linked ("a base32 encoding of a10-octet hash of Bob's service's public key").

  • Hiro

    Hiro Correct answer

    8 years ago

    Shallot is an older program, there are newer alternatives available now:

    Scallion - uses GPU hashing, needs .NET or Mono:

    Eschalot - uses wordlist search, needs Unix or Linux: http://blacksunhq56imku.onion

    Eschalot can find longer human-readable names like seedneedgoldcf6m.onion, hostbathdarkviph.onion, etc.

    The performance chart quoted above is a bit obsolete now, 8-10 character long .onions are easy enough to find.

    There was a discussion back in the day, when shallot first surfaced, about whether custom names for hidden services are bad or not.

    Problem number one: generated keys have a much larger public exponent than the standard keys produced by TOR, which puts a somewhat higher load on the TOR relays.

    Answer: it was concluded that the difference is negligible compared to the other encryption tasks the relays perform constantly. In eschalot, the largest public exponent is limited to 4294967295 (4 bytes).

    Problem number two: TOR developers can decide to filter and block all the custom names.

    Answer: yes, they can, but they have not yet and there is really no reason for them to do so. They can just as easily change the standard for the random names too and cause chaos and mass exodus on the network.

    Problem number three: generated names are easily spoofed, since the visitor clicking on a link somewhere out there can be tricked by the seemingly right .onion prefix without checking the whole thing. To demonstrate, which one is the real SilkRoad?


    Answer: neither, I generated all of them to demonstrate the problem. If you recognized that those were all fakes, you probably spend more time on the SilkRoad than I care to know about :).

    To be fair, completely random addresses are even worse - if somebody edits one of the onion links wikis and replaces one random address with another, the casual visitor using that wiki would not know the difference.

    Solution: it's essentially up to the person to pay attention which site he is really visiting, but the site owner can create a human readable address that is easier to remember, even if it's a completely random gibberish. As long as it's long and easy to memorize and identify. Some examples:


    I did not spend the time to intentionally generate good names, just picked some from the list I had left after testing eschalot. With a (very) large wordlist, unique looking names are easy to generate, but it will take time to go through the results and manually locate the ones that are decent.

    Well, that was my opinion and it could be wrong.

    -- Hiro

    The eschallot link seems to be down... any other place to obtain this program?

    Found eschalot: skunksworkedp2cg.onion It has a link to the eschalot source code, I didn't test it yet.

    The clone is current, the onion link above is dead, but there is a mirror: http://nope7beergoa64ih.onion/eschalot/

License under CC-BY-SA with attribution

Content dated before 7/24/2021 11:53 AM

Tags used