On Sun, Aug 31, 2014 at 12:28:06AM +0200, Aymeric Vitte wrote:
Two is probably enough, assuming the first one does not know it is
the first one, ie is not triggered by a CREATE_FAST request.
No, I don't think this makes sense. It doesn't matter if the first
hop knows it's first. It only matters if the two relays don't collude
to share notes -- since of them sees the user, and the other sees the
user's destination.
The reason Tor uses three hops rather than two is because the first hop
serves as an entry guard. The entry guard defends against the "over time,
if you didn't use one, the chance of getting screwed would go up every
time you switch circuits" issue. But the downside of sticking with the
same first hop is that it acts as a sort of identifier for the user.
If you only used two hops, and the first stayed static, then the exit
relay could build a profile of the sorts of things users do when they come
from that guard. How bad is that? I don't know, but the safe answer is to
put another dynamic (i.e. not associated with the user) relay in between.
For more reading on path selection, you might like
http://freehaven.net/anonbib/#ccs2011-trust
and
https://www.petsymposium.org/2010/papers/hotpets10-Bauer.pdf
Le 29/08/2014 09:55, John Doe a écrit :
Surely this is not as simple as that which you said. Why have even
a middle node if it is only the first and last nodes that count? I
cannot believe this is a simple thing of the first and last nodes giving
people up.
For a summary of some of the "first-last" correlation attacks and pointers
to the papers behind them, see
https://blog.torproject.org/blog/one-cell-enough
--Roger