How do you get a specific .onion address for your hidden service?

Shallot is an older program, there are newer alternatives available now:

Scallion - uses GPU hashing, needs .NET or Mono: http://github.com/lachesis/scallion

Eschalot - uses wordlist search, needs Unix or Linux: http://blacksunhq56imku.onion

Eschalot can find longer human-readable names like seedneedgoldcf6m.onion, hostbathdarkviph.onion, etc.

The performance chart quoted above is a bit obsolete now, 8-10 character long .onions are easy enough to find.

There was a discussion back in the day, when shallot first surfaced, about whether custom names for hidden services are bad or not.

Problem number one: generated keys have a much larger public exponent than the standard keys produced by TOR, which puts a somewhat higher load on the TOR relays.

Answer: it was concluded that the difference is negligible compared to the other encryption tasks the relays perform constantly. In eschalot, the largest public exponent is limited to 4294967295 (4 bytes).

Problem number two: TOR developers can decide to filter and block all the custom names.

Answer: yes, they can, but they have not yet and there is really no reason for them to do so. They can just as easily change the standard for the random names too and cause chaos and mass exodus on the network.

Problem number three: generated names are easily spoofed, since the visitor clicking on a link somewhere out there can be tricked by the seemingly right .onion prefix without checking the whole thing. To demonstrate, which one is the real SilkRoad?

silkroada7bc3kld.onion
silkroadqksl72eb.onion
silkroadcqgi4von.onion
silkroady3c2vzwt.onion
silkroadf3drdfun.onion
silkroadbdcmw7rj.onion

Answer: neither, I generated all of them to demonstrate the problem. If you recognized that those were all fakes, you probably spend more time on the SilkRoad than I care to know about :).

To be fair, completely random addresses are even worse - if somebody edits one of the onion links wikis and replaces one random address with another, the casual visitor using that wiki would not know the difference.

Solution: it's essentially up to the person to pay attention which site he is really visiting, but the site owner can create a human readable address that is easier to remember, even if it's a completely random gibberish. As long as it's long and easy to memorize and identify. Some examples:

fledarmyusertvmu.onion
wifefeelkillwovk.onion
ladyfirehikehs66.onion
woodcubabitenem2.onion

I did not spend the time to intentionally generate good names, just picked some from the list I had left after testing eschalot. With a (very) large wordlist, unique looking names are easy to generate, but it will take time to go through the results and manually locate the ones that are decent.

Well, that was my opinion and it could be wrong.

-- Hiro

You can use brute-force to find a key that partly match the hash you want. One tool for this is Shallot. The readme of Shallot says this about the security:

It is sometimes claimed that private keys generated by Shallot are less secure than those generated by Tor. This is false. Although Shallot generates a keypair with an unusually large public exponent e, it performs all of the sanity checks specified by PKCS #1 v2.1 (directly in sane_key), and then performs all of the sanity checks that Tor does when it generates an RSA keypair (by calling the OpenSSL function RSA_check_key).

To get an idea of the time involved in generating with Shallot, also from the readme:

Time to Generate a .onion with a Given Number of Initial Characters on a 1.5Ghz Processor:

characters | time to generate (approx.)
-------------------------------------------------------------------    
1   | less than 1 second    
2   | less than 1 second    
3   | less than 1 second   
4   | 2 seconds    
5   | 1 minute    
6   | 30 minutes    
7   | 1 day    
8   | 25 days  
9   | 2.5 years  
10 | 40 years  
11 | 640 years  
12 | 10 millenia  
13 | 160 millenia  
14 | 2.6 million years

Adding to Johan Nilsson's answer (as I can't post comments): It seems that even 13-character named .onion URLs have been created, a comment on this Tor blog entry mentions a 13-character onion URL: deeproadworksbwj.onion (don't connect to it, I don't know what it is or if it's good).