user_image

Rob G. Jansen, PhD

Computer Scientist, Researcher, and Principal Investigator
U.S. Naval Research Laboratory, Washington, DC, USA

Publication Details

  1. Citation

    Paul Syverson, Rasmus Dahlberg, Tobias Pulls, and Rob Jansen:
    Onion-Location Measurements and Fingerprinting. Proceedings on Privacy Enhancing Technologies, vol. 2025, no. 2, 2025.

    Author Links

    Venue Links

    Abstract

    Onion-Location makes it easy for websites offering onion service access to support automatic discovery in Tor Browser of the random-looking onion address associated with their domain. We provide the first measurement study of how many websites are currently using Onion-Location. We also describe the open-source tools we created to conduct the study. Onion-Location has been criticized elsewhere for its lack of transparency and vulnerability to blocking. Perhaps even more troubling, we show that Onion-Location is vulnerable to very accurate fingerprinting. We present recommended changes to and alternatives to Onion-Location as well as steps towards even more secure onion discovery and association.

    Bibtex

    @article{onionloc-popets2025,
      title = {Onion-Location Measurements and Fingerprinting},
      author = {Syverson, Paul and Dahlberg, Rasmus and Pulls, Tobias and Jansen, Rob},
      journal = {Proceedings on Privacy Enhancing Technologies},
      volume = {2025},
      number = {2},
      year = {2025},
      doi = {10.56553/popets-2025-0074},
    }