[tor-dev] Is Taking Checksum of Packet Payloads a Vulnerability?

Daniel Cohen danielc192 at gmail.com
Sat Dec 17 16:23:22 UTC 2011


I am new to Tor, but after reading about its design, and reading a few
research papers on its vulnerabilities (specifically timing attacks), I had
the following thought:

Suppose Alice is connecting to Bob via Tor, using HTTPS encryption. She
sends a packet to the Tor entry node (call it En). The packet travels
through the network, emerges from an exit node (call it Ex), and arrives at

Alice => En => Tor Network => Ex => Bob

Now suppose that Alice's connection is being monitored, as well as a group
of the exit nodes (which are either hostile or having their packets
sniffed). When the encrypted packet leaves Alice on its way to En, it is
sniffed, and a checksum is made of its encrypted payload. The packet then
continues through the network as usual, and emerges from an exit node.

It appears to me that the attacker need only check packets coming out of
exit nodes to see if their payload checksums match that of the packet
observed leaving Alice. Unlike timing attacks, which require a reasonable
number of packets to confirm Alice's identity, this attack would require
only one, since checksums have an almost 0% chance of collision. If a
packet with the same payload checksum as Alice's is discovered, it almost
certainly originated from her.

Is this a problem with Tor's architecture? If so, has this issue already
been addressed?


Daniel Cohen
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-dev/attachments/20111217/683dcedc/attachment.html>

More information about the tor-dev mailing list