Thank you grarpamp, but that's not what I'm trying to prevent/achieve. I simply want to host the private key for a hidden service inside a secure element (a smartcard) to ensure that only the hardware that has direct access to my smartcard can publish the descriptors for the service and decrypt incoming packets. I do realize the host will have complete control over the Tor instance and that's fine, I simply want to prevent it (or a different host) from ever publishing this HS without having access to the smartcard.
The idea is to tie the HS to the physical smart card - whoever holds the smartcard can publish the service, once the card is removed, the service moves with it.
An attacker (with or without physical access to the machine running Tor) would not be able to extract any information that would allow him to impersonate the service at a later time. Of course, he can change the _current_ content or serve his own, but cannot permanently compromise the service by reading its private key.
Thank you, Razvan
-- Razvan Dragomirescu Chief Technology Officer Cayenne Graphics SRL
On Fri, Oct 16, 2015 at 1:56 AM, grarpamp grarpamp@gmail.com wrote:
On Tue, Oct 13, 2015 at 4:08 PM, Razvan Dragomirescu razvan.dragomirescu@veri.fi wrote:
essentially, I want to be able to host hidden service keys on the card.
I'm
trying to bind the hidden service to a hardware component (the
smartcard) so
that it can be securely hosted in a hostile environment as well as impossible to clone/move without physical access to the smartcard.
The host will have both physical and logical access to your process space, therefore you're compromised regardless of where you physically keep the keys or how you acccess them.
Though there are trac tickets you can search for involving loading keys into tor controller via remote tunnel without need to leave and mount or access physical devices in /dev. _______________________________________________ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev