Onion Services Security Overview

In this page we document existing risk analysis and threat models about the Onion Service technology itself or from other tools relying on it.

Last updated on 2025-02-06.

Core Onion Services

• Onion Service security overview at the vanguards documentation.
• Proving Security of Tor's Hidden Service Identity Blinding Protocol (2013), offering proofs on descriptor unforgeability and unlinkability properties.
• Proposal 344 deals with protocol information leaks in Tor, and some of those may affect Onion Services.
• The research paper Onion Services in the Wild: A Study of Deanonymization Attacks has a survey on existing de-anonymization techniques against Onion Services and it's users.
• Check also the Research references for further and deep discussion on Onion Services security.

Tools

• Onionbalance Security Overview.
• Oniongroove Threat Model.
• Onionspray security pages.
• Quiet Threat Model.
• OnionShare Security Design (v2.6).
• Briar Threat Model.