[tor-talk] Do onion services have forward secrecy?

Jeremy Rand jeremyrand at airmail.cc
Fri Jun 23 07:57:54 UTC 2017


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

My understanding is that the communication between circuit hops has
forward secrecy, but I've been unable to find any documentation on
whether forward secrecy exists for traffic sent between a Tor client
and a Tor onion service (not just the forward secrecy existing between
adjacent hops).  Or, put another way -- if the machine hosting a
hidden service is compromised after data is exchanged, *and* some/all
of the Tor relays on the circuit were compromised prior to the data
being exchanged, is it feasible for the adversary to decrypt the data
being exchanged?

Some Googling didn't yield anything, other than this unanswered
StackExchange question:
https://tor.stackexchange.com/questions/760/what-is-the-reasoning-behind
- -keeping-hidden-service-onion-rsa-keys-at-1024-lengt

Cheers,
- -- 
- -Jeremy Rand
Lead Application Engineer at Namecoin
Mobile email: jeremyrandmobile at airmail.cc
Mobile OpenPGP: 2158 0643 C13B B40F B0FD 5854 B007 A32D AB44 3D9C
Send non-security-critical things to my Mobile with OpenPGP.
Please don't send me unencrypted messages.
My business email jeremy at veclabs.net is having technical issues at the
moment.
-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJZTMn9AAoJELPy0WV4bWVwfC0QAM8YoBjW5pZODqEwmgMkviEy
mlDO0w7Jx3vPKKDFaURkpfY+A+I1C4QUGEBcFFn9oxRi1irap8oUuc03lx5hbmNS
O4NVmmRtvQ9fufzjc3u1W6QntU7lRYWGd/6t3OLBO0Bx6A8Z8YIvXGg0eQviIZ7o
goER9fREvDQ6GcZm02Q8bXoYI78ddjXa9bl1iJH+Gv2f4lVgD3f5HDJEDrK2iQtl
Ob2e39o+i0jQE77PZAirLlyA+3fNgU7tGvZrm6vHaDivN1RON/0SOST/+uZAMfNI
+TNI+QCx9cR7VGpTRY5iEyYL+x9hwWnpv4gjfrz28No4n4ozSjl8WfOAZmlPQ5tC
7GfKWxvUXY86TdE0OaOAzdOEPjiwfC9skDUHHPfeamQE2hAUH8K+pIJpNCfPSA5C
dfsGCLoNRGUjsF1MWE0BxNMs6BRN67i5AYLi8FKekb5lB4uxpxORnDDHMyC6SosV
V0xLz0+dX9WBQbHnGiUGlEELkkuI/OBkjex3gD0oAUZ6/aMwgHHHRIf5kZcmZpc5
iNcyMmoT5VsLfbjQyn3+MWxQokFjHuRf0sE43Ht71p23Uh7QXictDPqi4fLqy2e2
M1eggz0ahDX8/ZxkaXKqJIYfTDr0L+VQch51ApruPcBF5W8+iJknF19HDyYi7tiD
G0MEcQIxez5UTvcSmLmS
=Z45k
-----END PGP SIGNATURE-----


More information about the tor-talk mailing list