
Anomalous keys in Tor relays - aburan28
https://nymity.ch/anomalous-tor-keys/
======
mirimir
Thread to watch:

[https://lists.torproject.org/pipermail/tor-
dev/2017-April/01...](https://lists.torproject.org/pipermail/tor-
dev/2017-April/012161.html)

------
fluxist
Targeted hidden services:

    
    
       222222avkcjpcbwi
       22222tolarsrblkw
       22u75kqyl666joi2
       bxgxtfeka5jlfoxi
       e65rngozye7xbzlo
       escrowxzvepij47i
       freebay3yuvebsog
       ghemfwgrouuy5rsl
       h7f3q4yiw6rfpzwz
       jumpwtfbk44aa37y
       kpvz7ki2v5agwt35
       luavqzwze3mduxyw
       lzxsffcd6pn4bg2w
       n3q7l52nfpm77vnf
       silkroadvb5piz3r
       tc43p6yceci5gh2y
       thehub7gqe43miyc
       tssa3saypkimmkcy
       tz4732fxpkehod36
       vljyah4v3i3xiebn
       wd43uqrbjwe6hpre
       xcvwjwwnzjh3og2s
       xnyvcjj6ybauprjx
    

Presence of the original Silk Road would indicate at least a pre-2014 start.
Also a few other early darknet markets in there.

~~~
jwilk
Where did you get this list? AFAICT the article (§5.4) mentions only 4
targeted services:

    
    
      22u75kqyl666joi2.onion
      n3q7l52nfpm77vnf.onion
      silkroadvb5piz3r.onion
      thehub7gqe43miyc.onion

~~~
phw
I'm one of the authors. You are right, these are the only onion services that
were most likely targeted. The others are part of our publicly available
dataset, but most likely false positives.

------
m-j-fox
This is good work. Just like a competent IT department should pen test their
own network, Tor needs white-hat hackers working to shake out the
vulnerabilities.

------
kerouanton
Great work and paper. The fact 53% of the Tor relays have either shared prime
factors or non-standard RSA components is worrying. This kind of research is
mandatory.

~~~
avian
You are misunderstanding the summary. Researchers found ~3500 keys with shared
factors in a historical dataset of ~4M keys. None of the relays with
vulnerable keys they found are online today.

~~~
kerouanton
Thank you for the clarification. I've probably read it too fast.

