Measuring the Leakage of Onion at the DNS Root
The Tor project provides individuals with a mechanism of communicating anonymously on the Internet. Furthermore, Tor is capable of providing anonymity to servers, which are configured to receive inbound connections only through Tor (more commonly called hidden services). In order to route requests to these hidden services, a namespace is used to identify the resolution requests to such services. A namespace under a non-delegated (pseudo) top-level-domain (TLD) of .onion was elected. Although the Tor system was designed to prevent .onion requests from leaking into the global DNS resolution process, numerous requests are still observed in the global DNS.
In this talk I propose to present the state of .onion requests received at the global public DNS A and J root nodes, and a complementary measurement from the DITL (day in the life of the Internet) data repository. I will also present potential explanations of the leakage, and highlights of trends associated with global censorship events.