
> I also do not think their claims of Tor subversion hold water. From what I understand of Tor, directory information (including nodes' key fingerprints) is ultimately verified by the hard-coded keys of very few "trusted" operators of authoritative directory servers.

I'm very fascinated by this. Do you have any links to a faq/technical entry that focuses on these directory servers and their application?



I do not know about a FAQ, but this document describes what I mentioned: https://gitweb.torproject.org/torspec.git?a=blob_plain;hb=HE... (read the section "1. Outline").

    There is a small set (say, around 5-10) of semi-trusted directory
    authorities.  A default list of authorities is shipped with the Tor
    software.  Users can change this list, but are encouraged not to do so,
    in order to avoid partitioning attacks.
 
    Every authority has a very-secret, long-term "Authority Identity Key".
    This is stored encrypted and/or offline, and is used to sign "key
    certificate" documents.  Every key certificate contains a medium-term
    (3-12 months) "authority signing key", that is used by the authority to
    sign other directory information.  (Note that the authority identity
    key is distinct from the router identity key that the authority uses
    in its role as an ordinary router.)
 
    Routers periodically upload signed "router descriptors" to the
    directory authorities describing their keys, capabilities, and other
    information.  Routers may also upload signed "extra info documents"
    containing information that is not required for the Tor protocol.
    Directory authorities serve router descriptors indexed by router
    identity, or by hash of the descriptor.
 
    Routers may act as directory caches to reduce load on the directory
    authorities.  They announce this in their descriptors.
 
    Periodically, each directory authority generates a view of
    the current descriptors and status for known routers.  They send a
    signed summary of this view (a "status vote") to the other
    authorities.  The authorities compute the result of this vote, and sign
    a "consensus status" document containing the result of the vote.
 
    Directory caches download, cache, and re-serve consensus documents.
 
    Clients, directory caches, and directory authorities all use consensus
    documents to find out when their list of routers is out-of-date.
    (Directory authorities also use vote statuses.) If it is, they download
    any missing router descriptors.  Clients download missing descriptors
    from caches; caches and authorities download from authorities.
    Descriptors are downloaded by the hash of the descriptor, not by the
    relay's identity key: this prevents directory servers from attacking
    clients by giving them descriptors nobody else uses.
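The trust chain described in that outline, as an added example that is not part of this thread or of the Tor code base: a client that hard-codes fingerprints of a few authority identity keys, key certificates that tie a medium-term signing key to each identity key, a consensus accepted only when a majority of the pinned authorities' certified signing keys have signed it, and descriptors fetched by digest so a cache cannot substitute one. Ed25519 from Go's standard library stands in for the RSA keys and text documents real Tor uses; the struct names, the majority rule and the consensus body are this example's own assumptions.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"fmt"
)

// KeyCertificate binds a medium-term signing key to a long-term identity key:
// Sig is the identity key's signature over the signing key.
type KeyCertificate struct {
	IdentityPub ed25519.PublicKey
	SigningPub  ed25519.PublicKey
	Sig         []byte
}

// Authority models one directory authority. Only the signing key is kept
// online; the identity key is used once here to certify it (a simplification
// of keeping it offline).
type Authority struct {
	signingPriv ed25519.PrivateKey
	Cert        KeyCertificate
}

// Consensus is the document every authority signs. Sigs maps an identity-key
// fingerprint to that authority's signing-key signature over Body.
type Consensus struct {
	Body []byte
	Sigs map[string][]byte
}

// Fingerprint is what a client hard-codes per authority: a hash of the
// identity key, never of the short-lived signing key.
func Fingerprint(pub ed25519.PublicKey) string {
	sum := sha256.Sum256(pub)
	return hex.EncodeToString(sum[:])
}

// NewAuthority generates both keys and the certificate linking them.
func NewAuthority() *Authority {
	idPub, idPriv, _ := ed25519.GenerateKey(rand.Reader)
	sgPub, sgPriv, _ := ed25519.GenerateKey(rand.Reader)
	cert := KeyCertificate{IdentityPub: idPub, SigningPub: sgPub, Sig: ed25519.Sign(idPriv, sgPub)}
	return &Authority{signingPriv: sgPriv, Cert: cert}
}

func NewConsensus(body []byte) *Consensus {
	return &Consensus{Body: body, Sigs: map[string][]byte{}}
}

// SignConsensus adds this authority's signature, made with its signing key.
func (a *Authority) SignConsensus(c *Consensus) {
	c.Sigs[Fingerprint(a.Cert.IdentityPub)] = ed25519.Sign(a.signingPriv, c.Body)
}

// VerifyConsensus walks the chain a client relies on: pinned fingerprint ->
// identity key in a certificate -> certified signing key -> consensus
// signature. It returns how many pinned authorities signed and whether that
// is a majority. Certificates for identities the client never pinned, and
// certificates whose signing key is not signed by the identity key, are ignored.
func VerifyConsensus(c *Consensus, certs []KeyCertificate, pinned []string) (int, bool) {
	byFP := map[string]KeyCertificate{}
	for _, cert := range certs {
		if ed25519.Verify(cert.IdentityPub, cert.SigningPub, cert.Sig) {
			byFP[Fingerprint(cert.IdentityPub)] = cert
		}
	}
	valid := 0
	for _, fp := range pinned {
		cert, ok := byFP[fp]
		if !ok {
			continue
		}
		if sig, ok := c.Sigs[fp]; ok && ed25519.Verify(cert.SigningPub, c.Body, sig) {
			valid++
		}
	}
	return valid, valid > len(pinned)/2
}

// DescriptorDigest is the key under which a descriptor is listed and fetched.
func DescriptorDigest(desc []byte) string {
	sum := sha256.Sum256(desc)
	return hex.EncodeToString(sum[:])
}

// FetchByDigest models a client asking a cache for a descriptor by digest and
// rejecting anything whose content does not hash to the requested value, so a
// cache cannot hand one client a descriptor nobody else uses.
func FetchByDigest(cache map[string][]byte, want string) ([]byte, error) {
	desc, ok := cache[want]
	if !ok {
		return nil, fmt.Errorf("descriptor %s not in cache", want)
	}
	if DescriptorDigest(desc) != want {
		return nil, fmt.Errorf("cache served content that does not match digest %s", want)
	}
	return desc, nil
}

func main() {
	auths := []*Authority{NewAuthority(), NewAuthority(), NewAuthority(), NewAuthority(), NewAuthority()}
	var certs []KeyCertificate
	var pinned []string
	for _, a := range auths {
		certs = append(certs, a.Cert)
		pinned = append(pinned, Fingerprint(a.Cert.IdentityPub))
	}
	c := NewConsensus([]byte("constructed consensus body listing relay descriptor digests"))
	for _, a := range auths[:3] { // three of five authorities sign
		a.SignConsensus(c)
	}
	n, ok := VerifyConsensus(c, certs, pinned)
	fmt.Printf("%d of %d pinned authorities signed; accepted=%v\n", n, len(pinned), ok)
}
```

The point the verification order makes is that the client never trusts a signing key on its own: a signing key only counts once its certificate checks out under an identity key the client already pins, which is why replacing or adding a directory server does not let it forge a consensus, and why fetching descriptors by digest removes the cache from the trust decision entirely.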



