[tor-dev] Is Taking Checksum of Packet Payloads a Vulnerability?

Dave Jevans djevans at ironkey.com
Sat Dec 17 16:40:33 UTC 2011


This attack will not work.  Alice's Tor client on her computer creates a
multi-layered encrypted connection, hence the term onion routing.  If Alice's connection to the exit node goes through 3 Tor nodes (e.g. entry, middle, exit) then the connection is encrypted three times with different keys as it enters the entry node EN.  This decrypts the first layer, and this traffic is sent to the middle node.  This node decrypts the second layer of the onion, and sends it to the exit node.  The exit node decrypts the third level of onion encryption and forwards to Bob.

Thus a packet sniffer doing checksums anywhere in between will not see the same traffic, and will not be able to correlate between Alice's packets and those that traverse to Bob, or between any of the intermediate nodes.



On Dec 17, 2011, at 8:25 AM, "Daniel Cohen" <danielc192 at gmail.com> wrote:

> Hi,
> 
> I am new to Tor, but after reading about its design, and reading a few research papers on its vulnerabilities (specifically timing attacks), I had the following thought:
> 
> Suppose Alice is connecting to Bob via Tor, using HTTPS encryption. She sends a packet to the Tor entry node (call it En). The packet travels through the network, emerges from an exit node (call it Ex), and arrives at Bob.
> 
> Alice => En => Tor Network => Ex => Bob
> 
> Now suppose that Alice's connection is being monitored, as well as a group of the exit nodes (which are either hostile or having their packets sniffed). When the encrypted packet leaves Alice on its way to En, it is sniffed, and a checksum is made of its encrypted payload. The packet then continues through the network as usual, and emerges from an exit node.
> 
> It appears to me that the attacker need only check packets coming out of exit nodes to see if their payload checksums match that of the packet observed leaving Alice. Unlike timing attacks, which require a reasonable number of packets to confirm Alice's identity, this attack would require only one, since checksums have an almost 0% chance of collision. If a packet with the same payload checksum as Alice's is discovered, it almost certainly originated from her.
> 
> Is this a problem with Tor's architecture? If so, has this issue already been addressed?
> 
> Thanks,
> 
> Daniel Cohen
> _______________________________________________
> tor-dev mailing list
> tor-dev at lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
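The layering Dave describes, as an added example that is not part of either message and not Tor's own code: a toy three-hop circuit in which each relay holds its own key and strips one layer, with a sniffer recording a SHA-256 of the bytes on every link. HMAC-SHA256 in counter mode is a constructed stand-in for the per-hop stream cipher (Tor's real relay crypto is different), and the "TLS record" is constructed random bytes; the function names, the hop keys and the link labels are all assumptions of this example. The point it shows holds for any layered encryption with independent hop keys: the checksum taken on the Alice-to-entry link never reappears on a later link, yet Bob still receives Alice's bytes intact.

```python
"""Toy model of a three-hop onion circuit (example, not Tor's implementation)."""
import hashlib
import hmac
import os

HOP_NAMES = ("entry", "middle", "exit")
# Link a sniffer would be sitting on after each hop has peeled its layer.
LINKS = ("entry->middle", "middle->exit", "exit->Bob")


def keystream(key: bytes, length: int) -> bytes:
    """Toy keystream: HMAC-SHA256 over a counter (constructed stand-in for a stream cipher)."""
    out = bytearray()
    block = 0
    while len(out) < length:
        out += hmac.new(key, block.to_bytes(8, "big"), hashlib.sha256).digest()
        block += 1
    return bytes(out[:length])


def apply_layer(key: bytes, data: bytes) -> bytes:
    """XOR with the hop's keystream: adds the layer if absent, removes it if present."""
    return bytes(a ^ b for a, b in zip(data, keystream(key, len(data))))


def onion_wrap(payload: bytes, hop_keys: dict) -> bytes:
    """Alice wraps the exit's layer first, so the entry node's layer ends up outermost."""
    data = payload
    for name in reversed(HOP_NAMES):
        data = apply_layer(hop_keys[name], data)
    return data


def simulate_circuit(payload: bytes, hop_keys: dict = None):
    """Send `payload` Alice -> entry -> middle -> exit -> Bob.

    Returns (bytes delivered to Bob, list of (link, sha256 hex) exactly as a
    sniffer on each link would record it).
    """
    if hop_keys is None:
        # One independent key per hop, as negotiated when the circuit is built.
        hop_keys = {name: os.urandom(32) for name in HOP_NAMES}
    on_wire = onion_wrap(payload, hop_keys)
    observed = [("Alice->entry", hashlib.sha256(on_wire).hexdigest())]
    for name, link in zip(HOP_NAMES, LINKS):
        on_wire = apply_layer(hop_keys[name], on_wire)  # this hop peels its own layer
        observed.append((link, hashlib.sha256(on_wire).hexdigest()))
    return on_wire, observed


def checksums_correlate(observed) -> bool:
    """True only if the Alice->entry checksum shows up again on any later link."""
    first = observed[0][1]
    return any(first == digest for _, digest in observed[1:])


if __name__ == "__main__":
    # Constructed stand-in for one of Alice's TLS records (already ciphertext to the relays).
    tls_record = b"\x17\x03\x03\x00\x20" + os.urandom(32)
    delivered, observed = simulate_circuit(tls_record)
    for link, digest in observed:
        print(f"{link:14s} sha256={digest[:16]}...")
    print("delivered intact:", delivered == tls_record)
    print("checksum correlation possible:", checksums_correlate(observed))
```

Run stand-alone it prints four different digests and reports that no correlation is possible; the only link on which the exit's output could be matched to Alice's input is the one Dave rules out, since the bytes differ by three keystreams an observer without the hop keys cannot compute.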

