TOR is for anonymization; so how to add encryption as well?
andrew at torproject.org
andrew at torproject.org
Mon Dec 28 02:55:17 UTC 2009
On Sun, Dec 27, 2009 at 08:47:49PM +0530, arshad3m at gmail.com wrote 4.4K bytes in 132 lines about:
: 1) is no one able to decrypt the tor's encryption?
Not that we know of. Tor uses ephemeral keys for all encryption
exchanges. If your adversary can crack the rsa encryption in under 10
minutes, nothing is going to help you.
: 2) how can i trust the person who runs the tor's exit node?
You don't. By design, your tor client doesn't trust the tor network.
We routinely scan for misbehaving nodes, notify the operators, and/or
simply drop them off the network. Otherwise, the vast majority of nodes
are run by people like you trying to help others and increase their own
anonymity by mixing their tor circuits with others.
--
Andrew Lewman
The Tor Project
pgp 0x31B0974B
Website: https://torproject.org/
Blog: https://blog.torproject.org/
Identi.ca: torproject
***********************************************************************
To unsubscribe, send an e-mail to majordomo at torproject.org with
unsubscribe or-talk in the body. http://archives.seul.org/or/talk/
More information about the tor-talk
mailing list