[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: 2-node circuits Vs 3-node circuits



On Tue, Apr 24, 2007 at 05:53:33PM -0700, Steve Southam wrote:
> Is there really any difference in terms of anonymity and encryption 
> between circuits containing 2 nodes or 3 nodes?
> In a 2-node circuit, if someone is snooping node 1 they can see the IP 
> address of the client but not the traffic and not the destination IP 
> address.
> If you're snooping node 2 you can see the destination IP address but not 
> the source.
> If 3 really is better than 2, then why not use 4 or 5 to be even better?

There are some differences. One of them is in the amount of coordination
required to do the attack in the 2-hop case vs the 3-hop case. From
the design paper: "If Alice always uses two hops, then both ORs can be
certain that by colluding they will learn about Alice and Bob." Another
has to do with the fact that the first hop is constrained based on our
"entry guard" design, which may leak a lot of info in the 2-hop case.

See also
http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#VariablePathLength

See http://archives.seul.org/or/dev/Apr-2007/msg00023.html and follow-up
messages for a current discussion.

--Roger