[tor-talk] Is Taking Checksum of Packet Payloads a Vulnerability?

Gregory Maxwell gmaxwell at gmail.com
Sat Dec 17 17:52:58 UTC 2011

On Sat, Dec 17, 2011 at 11:49 AM, Daniel Cohen <danielc192 at gmail.com> wrote:
> Is this a problem with Tor's architecture? If so, has this issue
> already been addressed?

You're mistaking the normal purpose of entry nodes.

Normally if Alice is using Tor then she is running it herself. If she
is running it herself the traffic is encrypted between her and the
subsequent nodes. I don't just mean the end to end https— Tor itself
encrypts the traffic so that the traffic leaving her node can only be
read by the next hop. Effectively, for this purpose, the traffic
'enters' the tor network inside Alice's  computer.  The packets
observable as not identifiable as the ones leaving the network later.

If Alice was in fact not running Tor herself, then the 'entry' node
could completely compromise her privacy without checksums or exit
sniffing or anything like that, which is why Tor is not used that way.

More information about the tor-talk mailing list