[tor-talk] I have a quick question about security of tor with 3 nodes

Mirimir mirimir at riseup.net
Sat Aug 30 00:59:19 UTC 2014


On 08/29/2014 01:55 AM, John Doe wrote:
> Surely this is not as simple as that which you said. Why have even a
> middle node if it is only the first and last nodes that count? I
> cannot believe this is a simple thing of the first and last nodes
> giving people up.

Some do use just entry guard and exit relay, for lower latency.

Even the NSA, with global intercepts, is apparently not doing
full-network traffic correlation among Tor relays. Maybe they will after
Bluffdale is fully functional.

But Sybil attacks are clearly feasible, and require just some cloud
servers and the skills to use them. See Johnson et al. (2013).[0] It
seems that Sybil attacks against Tor are limited in scale not so much by
an adversary's resources, but rather through oversight by Tor Project
staff. Even though Tor is an open network, relays that behave
suspiciously get evicted.

[0] Johnson et al. (2013) Users Get Routed: Traffic Correlation on Tor
by Realistic Adversaries.
http://www.ohmygodel.com/publications/usersrouted-ccs13.pdf


More information about the tor-talk mailing list