[tor-talk] I have a quick question about security of tor with 3 nodes
Seth David Schoen
schoen at eff.org
Thu Aug 28 19:59:16 UTC 2014
John Doe writes:
> How can I set the number of relays in the configuration file? Also can you explain why 3 is enough? I hear things of analysis being able to track people trough the various relays they use. This worries me some. Care to help me understand?
https://www.torproject.org/docs/faq.html.en#ChoosePathLength
The link there to the threat model discussion is broken. A link that
works is
https://svn.torproject.org/svn/projects/design-paper/tor-design.html#subsec:threat-model
Historically, this is one of the most common questions about Tor.
There's evidence that some people have successfully deanonymized some Tor
users, but I don't know of evidence that this has been done by tracing
each individual hop of the path (tracing the users "through" each relay
in turn) or that there's a case where that would be the easiest way to
deanonymize a user.
I guess it's possible that that would be the easiest way if _all three_
relays are malicious and are working together; the problem with trying to
add more relays as a response to that is that the Tor design has assumed,
seemingly correctly, that having just a malicious entry and exit relay
that are working together is enough to deanonymous a user in practice.
Adding more middle relays can't affect the probability of that situation.
--
Seth Schoen <schoen at eff.org>
Senior Staff Technologist https://www.eff.org/
Electronic Frontier Foundation https://www.eff.org/join
815 Eddy Street, San Francisco, CA 94109 +1 415 436 9333 x107
More information about the tor-talk
mailing list