Same entry and exit node?

Mike Perry mikepery at fscked.org
Fri Oct 14 00:30:39 UTC 2005


Thus spake Arrakistor (arrakistor at gmail.com):

> Consider that if you are running a tor server, and your circuits never
> used  your server as an exit node, that would be rather simple rule to
> identify  you.  To appear anonymous, you have to give every node equal
> statistical probability of being used as an exit node, and then taking
> in balancing I suppose.

> > I notice that everytime I run Tor it opens connections to several nodes.
> > I know this is normal, but recently I ran Tor and checked my IP - it
> > showed that my IP (i.e. the exit node) was the SAME IP as one of the
> > entry nodes I was connected to!
> 

I think the problem Arrakistor is concerned about is the ability of
the endpoint to correlate its exit traffic with the traffic entering
it from his actual IP. This has nothing to do with protecting exit
nodes. It's the fact that in general, you don't want your circuits to
be:

Alice (You) -> Eve -> Charlie -> Eve -> Bob

because Eve could then have a chance of deducing the correlation
between Alice and Bob.

Does Tor protect against this? Is there any reason why it should not?
I suppose you could argue that it is pointless, since Eve could be
controlling two different machines. But I thought the point of the
directory servers/node verification was to combat this attack.


-- 
Mike Perry
Mad Computer Scientist
fscked.org evil labs



More information about the tor-talk mailing list