[tor-bugs] #5968 [Tor]: Improve onion key and TLS management
Tor Bug Tracker & Wiki
blackhole at torproject.org
Wed Apr 10 00:12:51 UTC 2013
#5968: Improve onion key and TLS management
-------------------------+--------------------------------------------------
 Reporter:  mikeperry    |          Owner:
     Type:  enhancement  |         Status:  new
 Priority:  major        |      Milestone:  Tor: 0.2.5.x-final
Component:  Tor          |        Version:
 Keywords:  tor-relay    |         Parent:  #5456
   Points:               |   Actualpoints:
-------------------------+--------------------------------------------------
Comment(by nickm):
If the attacker can steal the identity key for a server, they could
publish their own descriptors to the authorities, containing their own TLS
cert hash and IP. The server operator might notice, but the users
wouldn't.

Sticking this in the _micro_descriptors seems pretty heavyweight. Maybe
I don't understand the attack, though. If the attacker can steal the
identity key for a server, it seems to me that they could also steal the
onion key, replace the server's Tor software, trojan the server in some
other way, publish descriptors with a different onion key, and so on. I
don't think that "identity key compromise" is something that a server can
really recover from in our design.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/5968#comment:7>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online