[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] I have a quick question about security of tor with 3 nodes



On 08/28/2014 11:49 AM, John Doe wrote:

<SNIP>

> My question goes like this. How is tor safe sufficiently with 3 only
> nodes during your connection using it? I found a method of using tor
> through another tor but I find information both on forums and your
> trac log that this may not be secure and you are going to block this
> feature in future???
> 
> Please can you explain to me how tor is secure using only 3 nodes?

Your client downloads information about all available relays from
directory servers. It picks three that have the guard flag as its entry
guards. Then it starts constructing three-relay circuits, all starting
with one of the entry guards, and ending with a relay that has the exit
flag.

Before the client sends data packets (cells) out through circuits, it
encrypts each multiple times. First it encrypts using the public key of
the exit relay. Next it adds an instruction to forward to that exit
relay, and encrypts to the public key of the middle relay. Then it adds
an instruction to forward to that middle relay, and encrypts to the
public key of the entry guard.

Then it sends that to the entry guard. The entry guard decrypts, and
forwards as instructed to the middle relay. The middle relay decrypts,
and forwards as instructed to the exit relay. And the exit relay
forwards to the specified destination.

The entry guard knows the client and the middle relay, but not the exit
relay or the destination. The middle relay knows the entry guard and the
exit relay, but not the client or the destination. The exit relay knows
the middle relay and destination, but not the entry guard or the client.

> Also if users can do anything to add protection with this?

You can specify more or less relays to use in circuits, but less is
unwise, and more is arguably overkill.
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk