On Tue, Oct 01, 2013 at 04:42:53PM -0400, Jonathan D. Proulx wrote:
As I understand it there are three risk layers in each Tor node:
- The node operator (who has r00t)
- The data center (who has net)
- The legal jurisdiction
I've recently started running a couple of relays on public IaaS providers. To my thinking this doesn't present significant security issues beyond a hosted physical server,
[snip]
The one novel thing this may make easier is stealing the hosts private keys, which would make traffic analysis easier (but I don't thing significantly better) and allow impersonation of the node which would not otherwise be possible (well it maybe possible to steal from memory on a running system given physical access and sufficient equipment, time and expertise but nearly impossible if not actually so).
I'd assume that any private keys present in RAM on an IaaS cloud are disclosed to the cloud vendor, and thence to the NSA. It's a tiny matter of software to do this, and the vendors explicitly give themselves permission to do so in the ToS you agreed to, so why wouldn't they?
I'd welcome a public (and ideally legally binding) statement from an IaaS vendor that they do not disclose customer keys. A "transparency report" disclosing how many law enforcement / intelligence community (LE/IC) requests were satisfied, and how many keys were disclosed, would go a long ways towards closing the credibility gap here.
The picture with colo hardware is a little more nuanced. If you rent hardware from a vendor it probably is managed via IPMI, which is probably hooked up to a VLAN with other devices on it, which is a rat's nest of vulnerability: http://fish2.com/ipmi/how-to-break-stuff.html https://www.usenix.org/conference/woot13/illuminating-security-issues-surrou...
Even if your server cannot be compromised by an IPMI network attack, an attacker with physical access (due to a subpoena, NSL, bribery, or surreptitious insertion) can deploy a commercially available hardware attack against USB or PCIe to extract key material.
In summary, it seems likely that IaaS is pwned wholesale. Colo hardware is somewhat more expensive to attack and possibly succeeds in raising the bar from "software" to "attacker has to roll a truck to pwn me", which is my current recommendation for threat modeling.
-andy