[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] Encrypting the DataDir



Is there a clear threat model justifying use of disk encryption here?
The decryption keys sit in system memory so an adversary with physical
access will surely win. I just don't see the point.

Also I do not have a sense for how big the data directory can get...
so I'm not actually trying here to be helpful in the way you requested.


Cheers,
David


On Mon, May 29, 2017 at 08:07:53PM +0200, Cristian Consonni wrote:
> On 15/05/2017 12:21, aeris wrote:
> > Private key are under encrypted volume and may be protected
> 
> On 21/05/2017 10:02, Roger Dingledine wrote:
> > On Sun, May 21, 2017 at 09:12:39AM +0200, Petrusko wrote:
> >> @aeris, do they ask you to uncrypt the volume ? (good luck to you...)
> >> What can be the best ? Uncrypt the relay to help police when asking,
> >> when this relay is only a relay and storing nothing else ?
> >
> > That's actually why the torservers.net people suggest *not* using disk
> > encryption. Having no barriers makes it much easier for the police to
> > realize that there's nothing useful to them. See also point two of
> >
> https://blog.torproject.org/blog/trip-report-tor-trainings-dutch-and-belgian-police
> 
> From the Tor Exit Guidelines:
> «Disk encryption might be useful to protect your node keys, but on the
> other hand unencrypted machines are easier to "audit" if required. We
> feel it's best to be able to easily show that you do Tor exiting, and
> nothing else (on that IP or server).»
> https://trac.torproject.org/projects/tor/wiki/doc/TorExitGuidelines
> 
> I was wondering if the argument about not encrypting the disk applies
> just to the full-disk encryption or if it is applicable also to the caso
> of encrypting just the DataDir on a fairly small file-based volume (say
> 100MB).
> 
> In the second case, how big can the DataDir get?
> 
> Cristian
> _______________________________________________
> tor-relays mailing list
> tor-relays@xxxxxxxxxxxxxxxxxxxx
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Attachment: signature.asc
Description: PGP signature

_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays