: : :

Add Comment | Related Links | TrackBack
Related Content

Evil Entities Can Easily Circumvent Tor Network

Tor is a distributed network that provides privacy, security, and anonymity on the Internet. The idea is based on the concept of "Onion Routing". It bounces your data packet around several random Tor routing nodes, before you data packet is transmitted to the final destination. Each Tor routing node only know the previous node and the next node. It does not have knowledge of the full data packet path (circuit). Therefore, no one could trace your IP and your data route. This concept is illustrated in the following diagram (acquired from Tor documentation).

Attached Image:


Chieh Cheng
Fri, 22 Feb 2008 19:27:23 +0000

However, it appears that an evil entity can easily cause the Tor network to loose it's ability to protect the sender and receiver identification. All an evil entity has to do to track where all the data packets are coming from and going to is to infuse a large number of Tor router nodes. Perhaps, a number that is equal to or greater than the number of Tor routers currently in the Tor network will work.

You see, anyone can download the Tor software and set-up a Tor router. Tor works, because of the large number of nodes in its network. It could grow and shrink based on the number of folks running Tor nodes. And with this distributed routing means security in numbers; there is no one authoritative server to take down. That's the beauty of distributed networks. However, it's a double-edged sword. An large entity with unlimited budget and resources, such as your government, can easily introduce a large number of logging Tor routers. By logging the time, the previous node, and the next node, the evil entity acquire the ability to paste together the circuit and acquire the intelligence. The following modified diagram shows what could happen if the evil entity introduces approximately the same number of nodes as currently exists in the Tor network. Evil entity nodes are marked in red.

Attached Image:

1 - htw2.png

Chieh Cheng
Fri, 22 Feb 2008 19:39:43 +0000

At this writing, there are 2389 nodes operating on the Tor network (based on the TorStatus page). An evil entity can easily inject 2500 nodes. In fact, each computer server could run multiple nodes.

The only possible way to defeat this kind of spying is to grow the Tor network to a point where no evil entities could possibly inject enough nodes to eavesdrop. And the best way to do so, is to get everyone that uses Tor to run a routing node. Currently, users can install the Tor client and use the Tor network without allowing itself to be a Tor routing node. As stated in the TheOnionRouter/TorFAQ, "The current Tor network is quite small compared to the number of people trying to use it." Perhaps the implementer of Tor should set Tor routing on by default, thus, turning its user clients into routing clients. This act would increase the difficulty for an evil entity to inject more nodes. And if you are a Tor user, it would server your own interest to turn on routing; it's a matter of security in numbers.

Whether it's possible to out-number any evil entity through the user base is always going to be a valid question. But by making it harder, it would be less likely for an evil entity to justify the expense of running large number of Tor nodes. It's like an additional onion layer of security.

Chieh Cheng
Fri, 22 Feb 2008 21:39:55 +0000

Add Comment | Related Links | TrackBack
Related Content

Did your message disappear? Read the Forums FAQ.

Related Links

Add Comment

Spam Control | * indicates required field
Your Name: *
Remember Me!
Comment: *
File attachment is optional. Please do not attach a file to your submission unless it is relevent.
Attach File:
(20 MB Max)
Spam Protection: * Answer of 5 + 1?
Click button only once, please!


TrackBack only accepted from WebSite-X Suite web sites. Do not submit TrackBacks from other sites.

Send Ping | TrackBack URL | Spam Control

No TrackBacks yet. TrackBack can be used to link this thread to your weblog, or link your weblog to this thread. In addition, TrackBack can be used as a form of remote commenting. Rather than posting the comment directly on this thread, you can posts it on your own weblog. Then have your weblog sends a TrackBack ping to the TrackBack URL, so that your post would show up here.

Messages, files, and images copyright by respective owners.

Articles | Wiki
Forums | Latest | RSS
Library | Links | News
Search | Store | Help

36 Users Online

Hacking Digital Cameras
Fun for Photographers

Amazon Associate

Copyright © 2004 - 2022. All Rights Reserved.