2-node circuits Vs 3-node circuits

James Muir jamuir at scs.carleton.ca
Wed Apr 25 15:16:33 UTC 2007


Michael_google gmail_Gersten wrote:
> So what is the point of create-fast and entry guards?

Entry guards help defend against the Øverlier-Syverson attack on hidden 
services.

Create-fast eliminates some unnecessary public key operations when a 
client negotiates ephemeral keys with its entry guard (they are 
unnecessary because the client already has a confidential and authentic 
TLS connection with its entry guard).  Basically, Create-fast makes 
surfing the web through Tor faster for clients.

> I may be wrong on this. It's my understanding that the first hop in
> the chain is created differently, via create-fast, than the nodes
> after it; this means that someone spying on network traffic that sees
> "create-fast" knows that they are looking at a source node, and can
> tell the originating IP.

Remember that all of the Tor network links are TLS encrypted.  So the 
create-fast command shouldn't be visible to entities outside the 
network.  However, which nodes serve as entry guards is public knowledge 
(this information is posted in the Tor directory).  So, if an ISP 
monitors TLS connections to a known entry guard, then they can collect a 
list of IP addresses of Tor clients.  But remember 1) Tor isn't designed 
to hide the fact that you're using Tor, and 2) using Tor isn't a crime 
(well, in my country it isn't :-)

> If the first node is made no different than the normal nodes, and
> entry guards are not used, then no one knows which node is the first,
> and no one knows what to spy on / correlate traffic with. Right?

Let's say all Tor nodes are equal now (i.e. there is no such thing as 
Entry Guards anymore).  If I monitor one node (say I'm an ISP), then I 
can collect IP addresses of hosts using or participating in the Tor 
network.  Some of these IP addresses will be from other Tor nodes, and 
some will be from Tor clients.  For any IP address I collect which is 
not listed in the directory, I can be certain that this is the IP 
address of a Tor user (i.e. someone who runs a Tor client and not a Tor 
node).  So even without CREATE_FAST, an ISP can still collect IP 
addresses of Tor users.

> Also, what if the path length was "mostly 2, occasionally 3 if the end
> node is not a tor node, but always 3 (2 intermediate nodes) ending on
> the tor/end node"? Would that help the unpredictable-ness, without
> causing slowdown?

Tor clients can use fewer or more than 3 hops if they wish (you might 
have to modify the source code), but as Roger mentioned, using fewer 
than 3 hops is not recommended.  If you use mostly 2-hop circuits, then 
most of the time your entry node will know exactly which other Tor node 
to coerce (e.g. using a subpoena) to determine who you are communicating 
with.

-James
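
The following is an added example, not part of the message above and not code from Tor itself: a sketch of the CREATE_FAST / CREATED_FAST exchange as tor-spec describes it (20-byte random X and Y, keys derived from X|Y with the SHA-1 based KDF-TOR). It shows why the handshake is cheap and why it is only acceptable inside the existing TLS link. The function names are hypothetical.

```python
import hashlib
import hmac
import os

HASH_LEN, KEY_LEN = 20, 16  # SHA-1 digest length, AES-128 key length (tor-spec)

def kdf_tor(k0: bytes) -> dict:
    """KDF-TOR: K = H(K0|[00]) | H(K0|[01]) | ... split into KH, Df, Db, Kf, Kb."""
    need = 3 * HASH_LEN + 2 * KEY_LEN
    k, counter = b"", 0
    while len(k) < need:
        k += hashlib.sha1(k0 + bytes([counter])).digest()
        counter += 1
    names_and_sizes = [("KH", HASH_LEN), ("Df", HASH_LEN), ("Db", HASH_LEN),
                       ("Kf", KEY_LEN), ("Kb", KEY_LEN)]
    keys, offset = {}, 0
    for name, size in names_and_sizes:
        keys[name] = k[offset:offset + size]
        offset += size
    return keys

def relay_handle_create_fast(x: bytes, y: bytes = None):
    """Relay side: pick Y, derive keys from X|Y, answer CREATED_FAST(Y, KH)."""
    if len(x) != HASH_LEN:
        raise ValueError("CREATE_FAST key material must be HASH_LEN bytes")
    y = os.urandom(HASH_LEN) if y is None else y
    keys = kdf_tor(x + y)
    return (y, keys["KH"]), keys

def client_finish(x: bytes, y: bytes, kh: bytes) -> dict:
    """Client side: derive the same keys and check the relay's KH."""
    keys = kdf_tor(x + y)
    if not hmac.compare_digest(keys["KH"], kh):
        raise ValueError("CREATED_FAST derivative key data mismatch")
    return keys

if __name__ == "__main__":
    x = os.urandom(HASH_LEN)                   # client -> guard: CREATE_FAST(X)
    (y, kh), relay_keys = relay_handle_create_fast(x)   # guard -> client
    client_keys = client_finish(x, y, kh)
    assert client_keys == relay_keys
    # No public-key step: anyone who reads X and Y off the wire gets the same
    # keys, which is why this handshake is only used inside the TLS link.
    assert kdf_tor(x + y)["Kf"] == client_keys["Kf"]
    print("circuit keys agreed; Kf =", client_keys["Kf"].hex())
```

The KH check only confirms that both ends derived keys from the same X and Y; authentication of the entry guard comes from the TLS connection, not from this exchange.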



More information about the tor-talk mailing list