diff --git a/tor/Dockerfile b/tor/Dockerfile
index 2fc0bdd..3971308 100644
--- a/tor/Dockerfile
+++ b/tor/Dockerfile
@@ -3,6 +3,7 @@ FROM alpine:3.3
 ARG ARM_VERSION=1.4.5.0
 ARG TOR_VERSION=0.2.7.6
 ARG TOR_USER_ID=45553
+ARG GPG_Mathewson="B35B F85B F194 89D0 4E28 C33C 2119 4EBB 1657 33EA"
 ENV TERM=xterm
@@ -23,7 +24,10 @@ RUN BUILD_DEPS=" \
 && wget -q https://www.torproject.org/dist/tor-${TOR_VERSION}.tar.gz \
 && wget -q https://www.torproject.org/dist/tor-${TOR_VERSION}.tar.gz.asc \
 && gpg --keyserver keys.gnupg.net --recv-keys 0x165733EA \
- && gpg --verify tor-0.2.7.6.tar.gz.asc \
+ && FINGERPRINT="$(LANG=C gpg --verify tor-${TOR_VERSION}.tar.gz.asc tor-${TOR_VERSION}.tar.gz 2>&1 \
+ | sed -n "s#Primary key fingerprint: \(.*\)#\1#p")" \
+ && if [ -z "${FINGERPRINT}" ]; then echo "Warning! Invalid GPG signature!" && exit 1; fi \
+ && if [ "${FINGERPRINT}" != "${GPG_Mathewson}" ]; then echo "Warning! Wrong GPG fingerprint!" && exit 1; fi \
 && tar xzf tor-${TOR_VERSION}.tar.gz \
 && cd tor-${TOR_VERSION} \
 && ./configure --disable-asciidoc \
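Review bot: `GPG_Mathewson` is the trust anchor for the tarball check, yet it is declared as an `ARG` beside the version knobs, so a `--build-arg GPG_Mathewson=...` replaces it without any trace in the Dockerfile. A comment on the added line would make its role explicit, for example `# Expected primary-key fingerprint of the Tor release signer; change only after verifying it out of band`. The mixed-case name also departs from the upper-case `ARM_VERSION`, `TOR_VERSION` and `TOR_USER_ID` above it; a name such as `TOR_GPG_FINGERPRINT` would match and would not tie the variable to one signer.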
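Review bot: The check in the added `FINGERPRINT=...` lines scrapes gpg's human-readable output, and because gpg runs inside a pipeline in a command substitution its exit status is discarded, so the verdict rests entirely on a `Primary key fingerprint:` line being present. As far as I know gpg also prints that line when the signing key is expired or revoked, and the string comparison depends on gpg's exact spacing of the fingerprint. The machine-readable status output is the more stable interface: run `gpg --status-fd 1 --verify tor-${TOR_VERSION}.tar.gz.asc tor-${TOR_VERSION}.tar.gz` and require a `[GNUPG:] VALIDSIG` line whose primary-key fingerprint (its last field) equals the pinned value written without spaces. The `--recv-keys 0x165733EA` context line could then take the same full fingerprint instead of a short key id. The `RUN` instruction starts and ends outside the hunk.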