Matej Kovacic matej.kovacic at
Tue May 16 08:24:34 UTC 2006

OK, the problem is what if authority force you to reveal the keys?

I am sure you all know this:
Perfect forward secrecy
    If you lose control of your private keys, no previous conversation
is compromised.

Why not to add aditional feature: to generate keys each time Tor is
started (or even for each "conversation")?

Then you have perfect forward secrecy AND also future secrecy (except an
attacker steals key for each "conversation" at the beginning of it). And
if keys are not stored anywhere, you can't give them.

Or this has already been discussed and I am missing something?
bye, Matej

More information about the tor-talk mailing list