[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] I have a quick question about security of tor with 3 nodes

John Doe writes:

> How can I set the number of relays in the configuration file? Also can you explain why 3 is enough? I hear things of analysis being able to track people trough the various relays they use. This worries me some. Care to help me understand?


The link there to the threat model discussion is broken.  A link that
works is


Historically, this is one of the most common questions about Tor.

There's evidence that some people have successfully deanonymized some Tor
users, but I don't know of evidence that this has been done by tracing
each individual hop of the path (tracing the users "through" each relay
in turn) or that there's a case where that would be the easiest way to
deanonymize a user.

I guess it's possible that that would be the easiest way if _all three_
relays are malicious and are working together; the problem with trying to
add more relays as a response to that is that the Tor design has assumed,
seemingly correctly, that having just a malicious entry and exit relay
that are working together is enough to deanonymous a user in practice.
Adding more middle relays can't affect the probability of that situation.

Seth Schoen  <schoen@xxxxxxx>
Senior Staff Technologist                       https://www.eff.org/
Electronic Frontier Foundation                  https://www.eff.org/join
815 Eddy Street, San Francisco, CA  94109       +1 415 436 9333 x107
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to