[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: TOR is for anonymization; so how to add encryption as well?

On Sun, Dec 27, 2009 at 08:47:49PM +0530, arshad3m@xxxxxxxxx wrote 4.4K bytes in 132 lines about:
: 1) is no one able to decrypt the tor's encryption?

Not that we know of.  Tor uses ephemeral keys for all encryption
exchanges.  If your adversary can crack the rsa encryption in under 10
minutes, nothing is going to help you.

: 2) how can i trust the person who runs the tor's exit node?

You don't.  By design, your tor client doesn't trust the tor network.
We routinely scan for misbehaving nodes, notify the operators, and/or
simply drop them off the network.  Otherwise, the vast majority of nodes
are run by people like you trying to help others and increase their own
anonymity by mixing their tor circuits with others.

Andrew Lewman
The Tor Project
pgp 0x31B0974B

Website: https://torproject.org/
Blog: https://blog.torproject.org/
Identi.ca: torproject
To unsubscribe, send an e-mail to majordomo@xxxxxxxxxxxxxx with
unsubscribe or-talk    in the body. http://archives.seul.org/or/talk/