How can I trust all my Tor nodes in path
Nick Mathewson
nickm at freehaven.net
Fri Dec 1 22:18:51 UTC 2006
Hi, Seth!
On Fri, Dec 01, 2006 at 01:15:39PM -0800, Seth David Schoen wrote:
[...]
> Hmmm, if someone owns (not just eavesdrops on) all three nodes, they can
> connect the sessions in a more reliable way than just a timing attack.
> One approach would be to record TCP port pairs, which temporarily identify
> a connection on one end with a connection on the other end. For example,
> my local machine knows that I'm currently using TCP port 43514 to make a
> connection to the SSH service on the server; the server also knows that
> the client connecting to it is using TCP port 43514. Thus, both ends know
> that client:43514 <----> server:22 (at this particular moment) refers to
> the same TCP session.
Actually, Tor tunnels multiple circuits over each TLS connection, so
remembering ports won't do the job. An attacker who can compromise an
entire circuit's worth of servers will also need to remember the
circuit IDs for each circuit. Still, it wouldn't be hard for an
attacker to modify Tor to log this.
yrs,
--
Nick Mathewson
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 652 bytes
Desc: not available
URL: <http://lists.torproject.org/pipermail/tor-talk/attachments/20061201/ffeb9976/attachment.pgp>
More information about the tor-talk
mailing list