[tor-talk] Better Privacy for Tor Node Operators

tagnaq tagnaq at gmail.com
Sun Apr 24 17:18:49 UTC 2011

the original subject was
"reducing the negative anonymity impact for Tor node operators running
nodes at home" but then I thought it is a bit to long for a subject line :)

As a tor user you gain anonymity - as a Tor node operator you loose

I would call this a valid statement under certain circumstances.

The positive site effect of a dynamic IP address (lease <1d or even <1w)
is, that your IP is of less use to people trying to track you based on
your IP address.

If you run a Tor node at your home IP address you will loose the
positive side effect of a dynamic IP address and your IP layer anonymity
decreases to that of a static IP address because your node identity
links all your public IP addresses.
Actually it is even worse than being on a static IP address because an
IP address (alone) does not offer the same amount of certainty as
cryptographic ID's do (node fingerprint).
A tracker would have to wonder if IP address Y was assigned to the same
person if he/she sees it again after some months - there is no such
doubt if the IP hosts a Tor node.

For a Tor node operator (running a node at home) the server descriptor
archive becomes a data retention database, but the server descriptor
archive is not the problem.

This issue is even more relevant for Tor nodes running on mobile devices
(e.g. a laptop) If you are running a Tor node on your notebook you
should reset longterm keys and Nickname depending on your location.

Even the fact that you are running a tor node is sensitive information
because this reduces your anonymity set from on out of ~2^32 to one out
of 2^32 ;)

I submitted a Tor feature request to reduce the privacy impact for Tor
node operators running nodes at home:

best regards,
PS: I'm speaking only about non-exit nodes here because running an exit
at home and mixing your traffic with an exit is not a good idea[1].


More information about the tor-talk mailing list