[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Tor Exit node on Intel Atom 230 anyone?

To: or-talk@xxxxxxxxxxxxx
Subject: Re: Tor Exit node on Intel Atom 230 anyone?
From: Roger Dingledine <arma@xxxxxxx>
Date: Sun, 23 Nov 2008 02:51:35 -0500
Delivered-to: archiver@xxxxxxxx
Delivered-to: or-talk-outgoing@xxxxxxxx
Delivered-to: or-talk@xxxxxxxx
Delivery-date: Sun, 23 Nov 2008 02:51:41 -0500
In-reply-to: <20081007163514.GK11968@xxxxxxxxx>
References: <48EB2F59.1060900@xxxxxxxxxxxxxxx> <20081007163514.GK11968@xxxxxxxxx>
Reply-to: or-talk@xxxxxxxxxxxxx
Sender: owner-or-talk@xxxxxxxxxxxxx
User-agent: Mutt/1.5.13 (2006-08-11)

On Tue, Oct 07, 2008 at 06:35:14PM +0200, Eugen Leitl wrote:
> the server went offline a few days before the contract expired,
> and EUServ support (always sluggish) went completely incommunicado.
> Methinks the server was seized for forensic examination. It isn't too
> far-fetched to conjecture they logged the entire traffic on authority
> request, and then yielded the Tor node key for subsequent decryption.

Just to clarify here, Tor's design resists the strategy you describe
here of logging traffic and then later breaking into the Tor relay
to get its key. The long-term identity key for a relay is only used
to sign descriptors.

The actual key exchange for circuit encryption is done with ephemeral
keys, which are discarded when the circuit is done.

I've just cleaned up the faq entry on this topic and moved it to the
new faq I've been growing:
https://www.torproject.org/faq#KeyManagement

--Roger

Prev by Author: Re: DoS attack
Next by Author: Re: Tor 0.2.1.6-alpha is out
Previous by thread: Re: not in the list. Not in the tor network map.
Next by thread: tor-0.2.0.32 doesn't compile on Solaris?
Index(es):
- Author
- Thread