concurrent circuits for traffic fragmentation

Brian Szymanski ski at
Fri Jun 4 03:38:06 UTC 2010

On 06/03/2010 11:13 PM, Mansour Moufid wrote:
> Hello,
> Regarding the recent publicity, I was hoping to make a few comments. I
> apologize in advance if this has been discussed before.
> While Tor makes no claims of protecting unencrypted traffic at and
> past exit nodes, it should be possible to mitigate the threat of
> sniffing to a certain degree by fragmenting traffic. What I mean by
> that is that a Tor client should be able to use more than one circuit
> in the network at a time. For example, if a PDF file is downloaded
> through Tor, half of it could pass through one exit node, and the
> other through a second.

Interesting thought.

... But wouldn't your proposal open tor up to further timing attacks and
other sorts of analysis - in other words, it's easier to notice N new
circuits going between two nodes than it is to notice one.

... And there's no reason to expect that fragmentation is significantly
useful in terms of making endpoint connections less insecure - sniffing
the first packet of a ssh connection is more than enough. Leaking half
of a classified document is not necessarily significantly better than a
whole classified document.  Etc. Perhaps if you gave every byte in the
connection a different route, you would do ok, but performance would be
unusable, if the packets even made it through.

In short, tor does not and IMO should not try to eliminate the need for
encrypted protocols like ssh and https. This doesn't seem like a win to me.

Or am I missing something?

Brian Szymanski

More information about the tor-dev mailing list