[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-dev] adding smartcard support to Tor

Thank you grarpamp, but that's not what I'm trying to prevent/achieve. I simply want to host the private key for a hidden service inside a secure element (a smartcard) to ensure that only the hardware that has direct access to my smartcard can publish the descriptors for the service and decrypt incoming packets. I do realize the host will have complete control over the Tor instance and that's fine, I simply want to prevent it (or a different host) from ever publishing this HS without having access to the smartcard.

The idea is to tie the HS to the physical smart card - whoever holds the smartcard can publish the service, once the card is removed, the service moves with it.

An attacker (with or without physical access to the machine running Tor) would not be able to extract any information that would allow him to impersonate the service at a later time. Of course, he can change the _current_ content or serve his own, but cannot permanently compromise the service by reading its private key.

Thank you,
Razvan

--
Razvan Dragomirescu
Chief Technology Officer
Cayenne Graphics SRL

On Fri, Oct 16, 2015 at 1:56 AM, grarpamp <grarpamp@xxxxxxxxx> wrote:
On Tue, Oct 13, 2015 at 4:08 PM, Razvan Dragomirescu
<razvan.dragomirescu@xxxxxxx> wrote:
> essentially, I want to be able to host hidden service keys on the card. I'm
> trying to bind the hidden service to a hardware component (the smartcard) so
> that it can be securely hosted in a hostile environment as well as
> impossible to clone/move without physical access to the smartcard.

The host will have both physical and logical access to your
process space, therefore you're compromised regardless
of where you physically keep the keys or how you acccess
them.

Though there are trac tickets you can search for involving
loading keys into tor controller via remote tunnel without need
to leave and mount or access physical devices in /dev.
_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev

_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev