[tor-relays] New security feature in upcoming tor 0.2.7.x: OfflineMasterKey

nusenu nusenu at openmailbox.org
Wed Nov 18 23:12:33 UTC 2015


Hi,

I'd like to highlight a "new" security feature in the expected upcoming
tor stable release:

offline master keys

I'm posting this here now - before the actual release - because if you
upgrade without thinking about this feature your ed25519 master key will
be generated the first time tor 0.2.7.x starts up and at that point in
time it might already be too late for the - 'master key never touched my
online relay' - option.

Why are offline master keys better than online master keys?

- you can keep the key under your control while using (semi-trusted)
hosting providers
- impact of relay compromise or seizure is less fatal and limited in
time (default worst case: 30 days)
- the bad guys have to come back every 30 days to steal your keys again

The default expiry for signing keys is 30 days but can be configured
(torrc).

It is also important to note that if you enable this feature your relays
need more care (depending on how you configure key expiry).
If you forget about it and the signing key expires, your relay will
shut down. Something that will be noticed by a relay operator monitoring
its relays and bw usage.
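A monitoring check for the expiry risk described above, added here as an example; it is not part of the original post and not tor's or ansible-relayor's own code. It reads the `ed25519_signing_cert` file from a relay's `keys` directory and reports how many days remain before the relay would stop. It assumes the layout tor uses for tagged key files (a 32-byte NUL-padded tag line, then the certificate as described in tor's cert-spec: version byte, cert-type byte, 32-bit big-endian expiry in hours since the Unix epoch, then the certified key); the tag text, the `warn_days` threshold and the sample certificate (unsigned, key bytes zeroed) are constructed for the example.

```python
#!/usr/bin/env python3
"""Report days left on a tor relay's ed25519 signing cert (example code)."""
import struct
import sys
import time

# Assumed on-disk layout of <DataDirectory>/keys/ed25519_signing_cert:
# a 32-byte NUL-padded tag, then the certificate body per tor's cert-spec:
#   VERSION(1) CERT_TYPE(1) EXPIRATION(4, big-endian hours since epoch)
#   CERT_KEY_TYPE(1) CERTIFIED_KEY(32) N_EXTENSIONS(1) ... SIGNATURE(64)
TAG_PREFIX = b"== ed25519v1-cert: type4 =="   # assumed tag for cert type 4
TAG_LEN = 32
SIGNING_CERT_TYPE = 4                          # signing key, signed by master key
HOUR = 3600
DAY = 86400


def parse_signing_cert_expiry(blob):
    """Return the cert's expiry as Unix epoch seconds, or raise ValueError."""
    if len(blob) < TAG_LEN + 6:
        raise ValueError("file too short to be a tagged ed25519 cert")
    tag, body = blob[:TAG_LEN], blob[TAG_LEN:]
    if not tag.startswith(TAG_PREFIX):
        raise ValueError("unexpected tag %r" % tag.rstrip(b"\0"))
    version, cert_type, expiry_hours = struct.unpack(">BBI", body[:6])
    if version != 1:
        raise ValueError("unsupported cert version %d" % version)
    if cert_type != SIGNING_CERT_TYPE:
        raise ValueError("not a signing-key cert (type %d)" % cert_type)
    return expiry_hours * HOUR


def days_until_expiry(blob, now_epoch=None):
    """Remaining lifetime in days (negative once the cert has expired)."""
    if now_epoch is None:
        now_epoch = int(time.time())
    return (parse_signing_cert_expiry(blob) - now_epoch) / DAY


def check_relay(blob, warn_days=7, now_epoch=None):
    """Nagios-style status plus remaining days, for cron or a check script."""
    days = days_until_expiry(blob, now_epoch)
    if days <= 0:
        return "CRITICAL", days      # relay has shut down or will at next check
    if days < warn_days:
        return "WARNING", days       # time to re-run the offline key generation
    return "OK", days


def make_sample_cert(expiry_hours, cert_type=SIGNING_CERT_TYPE):
    """Constructed cert blob for testing: unsigned, key bytes zeroed."""
    tag = TAG_PREFIX.ljust(TAG_LEN, b"\0")
    body = struct.pack(">BBIB", 1, cert_type, expiry_hours, 1)
    return tag + body + b"\0" * 32 + b"\0"    # key, then N_EXTENSIONS = 0


if __name__ == "__main__":
    if len(sys.argv) > 1:
        with open(sys.argv[1], "rb") as f:          # e.g. keys/ed25519_signing_cert
            blob = f.read()
    else:
        # No path given: demonstrate on a constructed cert valid for 30 days.
        blob = make_sample_cert(int(time.time()) // HOUR + 30 * 24)
    status, days = check_relay(blob)
    expiry = parse_signing_cert_expiry(blob)
    print("%s: signing cert expires %s (%.1f days)" % (
        status, time.strftime("%Y-%m-%d %H:%M UTC", time.gmtime(expiry)), days))
    sys.exit({"OK": 0, "WARNING": 1, "CRITICAL": 2}[status])
```

Run it as `ed25519_signing_cert` under the relay user (the cert is public data, so it needs no access to the secret files), and hook the exit code into whatever already watches the relay's bandwidth; the `warn_days` value should be well inside the `SigningKeyLifetime` you chose in torrc.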


Even if you are running 0.2.7.x already you can make use of this feature
by moving your master key from the relay to an offline system + torrc
configuration.

Documentation is currently a bit light but s7r is working on improving
it. https://trac.torproject.org/projects/tor/ticket/16645
related tor-dev thread:
https://lists.torproject.org/pipermail/tor-dev/2015-November/009905.html


ansible-relayor will eventually support offline master keys but it will
take some time until tor 0.2.7.x reaches all platforms including
OpenBSD. A first (unreviewed) poc has been committed in a dedicated branch.

https://github.com/nusenu/ansible-relayor/commit/2c4040df7848f382ced02b43f35ca8a9f07ab284

Automation is key in making this feature usable (with short key expiry).


You might want to consider this feature - especially if you run a
significant portion of the tor network.
