Kerberos Technical Wiki

Comprehensive darknet terminology, protocols, and cryptographic concepts for Kerberos market users and researchers.

/network_protocols

Onion Routing

Multi-hop encrypted proxy system. Each Tor relay knows only previous/next hop, not source/destination. Provides layered anonymity through circuit switching.

Hidden Services

.onion domains hosted on Tor network. Rendezvous points enable server anonymity. TLS encryption + onion routing = double-hop privacy.

Circuit Building

Tor creates 3-hop circuits (guard/middle/exit or intro/rendezvous for HS). Rotated every 10 minutes. Path selection resists timing attacks.

/cryptography

PGP (GnuPG)

OpenPGP standard. RSA/ECDH asymmetric encryption + SHA256 signatures. Keyservers distribute public keys globally. Fingerprint verification prevents MITM.

Monero (XMR)

RingCT confidential transactions + stealth addresses + Ring Signatures (10-16 participants). Untraceable amounts, unlinkable payments.

Perfect Forward Secrecy

Ephemeral session keys. Compromised long-term keys don't decrypt past sessions. Diffie-Hellman key exchange + TLS 1.3.

/security_concepts

OpSec

Operational Security. Compartmentalization, need-to-know principle, air-gapped signing, ephemeral identities, metadata hygiene.

Fingerprinting

Browser/OS characteristics used for tracking. Canvas, WebGL, fonts, timezone, hardware APIs. Tor Browser resists most vectors.

Correlation Attacks

Timing/traffic analysis across network boundaries. Mitigated by padding, traffic shaping, circuit isolation, guard node selection.

/darknet_infrastructure

Market Architecture

PostgreSQL backend + PHP/JS frontend + Redis cache. PGP-signed announcements. Monero-only payments. Escrow + dispute resolution.

Threat Model

State actors, ISP surveillance, endpoint compromise, supply chain attacks, vendor collusion, exit scams. Defense-in-depth required.

Availability Metrics

99.9% onion uptime. Multi-mirror redundancy. DDoS protection via Tor + Cloudflare Magic Transit. Geographic node diversity.