[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-dev] Tor HS keys password protection against impersonation attacks?

To: tor-dev@xxxxxxxxxxxxxxxxxxxx
Subject: [tor-dev] Tor HS keys password protection against impersonation attacks?
From: "Fabio Pietrosanti (naif)" <lists@xxxxxxxxxxxxxxx>
Date: Sat, 17 Mar 2012 10:52:59 +0100
Delivered-to: archiver@xxxxxxxx
Delivery-date: Sat, 17 Mar 2012 05:53:16 -0400
List-archive: <http://lists.torproject.org/pipermail/tor-dev>
List-help: <mailto:tor-dev-request@lists.torproject.org?subject=help>
List-id: "This mailing list is for discussion by the developers of Tor." <tor-dev.lists.torproject.org>
List-post: <mailto:tor-dev@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev>, <mailto:tor-dev-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-dev>, <mailto:tor-dev-request@lists.torproject.org?subject=unsubscribe>
Reply-to: tor-dev@xxxxxxxxxxxxxxxxxxxx
Sender: tor-dev-bounces@xxxxxxxxxxxxxxxxxxxx
User-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:10.0.2) Gecko/20120216 Thunderbird/10.0.2

Hi,
thinking about Tor Hidden services, they are managed by using Hidden
Services client keys.

The Tor HS keys are "private keys" that may require to be protected
because they represent also the "identity" of the Tor HS and if stolen,
it would be possible to carry on impersonation attack on connecting to
Tor HS.
Accepting connections on behalf of the real TorHS, with the goal to
steal passwords, provide fake data to clients, exploit them, etc.


The Tor HS keys are even more sensible than the X509v3, as it does provide:
- identity (similar to an internet domain name)
- routing (similar to an internet IP address)
- encryption (they provide e2e encryption, i don't know if there are
attacks on crypto if they get stolen)

So owning a Tor HS key it's like owning a user domain name, acquiring
it's ip address and the x509v3 private key of his digital certificate
bound to his domain name.


As a protection schema it would be possible to create the Tor HS private
key encrypted with a passphrase, like it's possible to do for x509v3 PEM
certificates.

That the passphrase to unlock the Tor HS key, could be provided via Tor
Control Port, so an external process (UI, scripts) could manage the
setup of the passphrase.

That way even in case of seizure of the server running the Tor HS
it would not be possible to who seized the Tor HS Server to do actively
Impersonation attacks of the Tor HS.


-naif
_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev

Follow-Ups:
- Re: [tor-dev] Tor HS keys password protection against impersonation attacks?
  - From: Jacob Appelbaum
- Re: [tor-dev] Tor HS keys password protection against impersonation attacks?
  - From: Jeroen Massar

Prev by Author: Re: [tor-dev] Deployability of Python software.
Next by Author: Re: [tor-dev] Tor HS keys password protection against impersonation attacks?
Previous by thread: Re: [tor-dev] [PATCH] tor-exit-notice.html: shorten Cornell URLs
Next by thread: Re: [tor-dev] Tor HS keys password protection against impersonation attacks?
Index(es):
- Author
- Thread