[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Tor Exit node on Intel Atom 230 anyone?



On Tue, Oct 07, 2008 at 06:35:14PM +0200, Eugen Leitl wrote:
> the server went offline a few days before the contract expired,
> and EUServ support (always sluggish) went completely incommunicado.
> Methinks the server was seized for forensic examination. It isn't too
> far-fetched to conjecture they logged the entire traffic on authority
> request, and then yielded the Tor node key for subsequent decryption.

Just to clarify here, Tor's design resists the strategy you describe
here of logging traffic and then later breaking into the Tor relay
to get its key. The long-term identity key for a relay is only used
to sign descriptors.

The actual key exchange for circuit encryption is done with ephemeral
keys, which are discarded when the circuit is done.

I've just cleaned up the faq entry on this topic and moved it to the
new faq I've been growing:
https://www.torproject.org/faq#KeyManagement

--Roger