
Re: [tor-talk] trusting .onion services



On 01/20/2016 03:29 PM, Oskar Wendel wrote:

<snipped many great thoughts about revoking HS descriptors via HSDirs>

> What do you all think?

I agree that HSDirs are the places to handle this. The network already
trusts them not to MitM connections, and send users to malicious HS,
right? And I presume that there is testing for dishonest HSDirs. If not,
there should be.

It would be safest, I think, to simply delete HS descriptors upon
receipt of a valid revocation message, signed by the private key. As
long as operators back up private keys, they can always revoke them. It's
true that adversaries could revoke HS descriptors after stealing private
keys. However, having the site unreachable is arguably the safest
outcome after key compromise.

Private HS keys are often vulnerable, virtually unprotected in remote
hosts. So it's risky to rely on them alone for verifying revocation
messages. However, one could add the option of supplying public GnuPG
keys to HSDirs, signed by HS keys. There could be a time limit on that,
so that it won't become an attack vector. Then HSDirs would require
revocation messages signed by both private HS and GnuPG keys.

It would also be necessary to propagate signed revocation messages among
HSDirs. Each HSDir would check signatures. There's still the risk that
malicious HSDirs would ignore revocation messages. That would require
checking by peers.

Sane?

-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
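The HSDir-side checks the post sketches (descriptor deleted on a revocation signed by the HS key; an optional second key registered under the HS key with a time limit; both signatures required while that registration is live), as an added example that is not from the post or from Tor's code. Ed25519 stands in for both the HS key type and GnuPG, and the type and function names (HSDir, RegisterCoSigner, Revoke) and message formats are assumptions; propagation among HSDirs is not modelled.

```go
package main

import (
	"crypto/ed25519"
	"errors"
	"time"
)

// Toy model of the HSDir-side checks proposed above (added example, not Tor
// code); Ed25519 stands in for both the HS key and the second (GnuPG) key.
type HSDir struct {
	descriptors map[string][]byte            // keyed by HS public key bytes
	coSigners   map[string]ed25519.PublicKey // optional second key per service
	coExpiry    map[string]time.Time         // time limit on that registration
}

func NewHSDir() *HSDir {
	return &HSDir{map[string][]byte{}, map[string]ed25519.PublicKey{}, map[string]time.Time{}}
}
func (d *HSDir) Publish(hsPub ed25519.PublicKey, desc []byte) { d.descriptors[string(hsPub)] = desc }
func (d *HSDir) HasDescriptor(hsPub ed25519.PublicKey) bool { _, ok := d.descriptors[string(hsPub)]; return ok }

// Distinct prefixes stop one signature being replayed as the other; the expiry is signed too.
func RegistrationMsg(hsPub, coPub ed25519.PublicKey, expires time.Time) []byte {
	msg := append(append([]byte("hs-register:"), hsPub...), coPub...)
	return append(msg, expires.UTC().Format(time.RFC3339)...)
}
func RevocationMsg(hsPub ed25519.PublicKey) []byte { return append([]byte("hs-revoke:"), hsPub...) }

// RegisterCoSigner binds a second key to the service; only the HS key may do so.
func (d *HSDir) RegisterCoSigner(hsPub, coPub ed25519.PublicKey, expires time.Time, hsSig []byte) error {
	if !ed25519.Verify(hsPub, RegistrationMsg(hsPub, coPub, expires), hsSig) {
		return errors.New("registration not signed by HS key")
	}
	d.coSigners[string(hsPub)], d.coExpiry[string(hsPub)] = coPub, expires
	return nil
}

// Revoke deletes the descriptor if the HS key signed it and, while a co-signer is registered and unexpired, that key did too.
func (d *HSDir) Revoke(hsPub ed25519.PublicKey, hsSig, coSig []byte, now time.Time) error {
	k, msg := string(hsPub), RevocationMsg(hsPub)
	if !ed25519.Verify(hsPub, msg, hsSig) {
		return errors.New("revocation not signed by HS key")
	}
	if co, ok := d.coSigners[k]; ok && now.Before(d.coExpiry[k]) && !ed25519.Verify(co, msg, coSig) {
		return errors.New("revocation missing valid co-signature")
	}
	delete(d.descriptors, k)
	return nil
}
```

A stolen HS key alone can still revoke a service that never registered a second key, which is the trade-off the post accepts; once the registration's time limit passes, the HS key alone suffices again.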