[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: How can I trust all my Tor nodes in path

Nick Mathewson writes:

> Hi, Seth!
> On Fri, Dec 01, 2006 at 01:15:39PM -0800, Seth David Schoen wrote:
>  [...]
> > Hmmm, if someone owns (not just eavesdrops on) all three nodes, they can
> > connect the sessions in a more reliable way than just a timing attack.
> > One approach would be to record TCP port pairs, which temporarily identify
> > a connection on one end with a connection on the other end.  For example,
> > my local machine knows that I'm currently using TCP port 43514 to make a
> > connection to the SSH service on the server; the server also knows that
> > the client connecting to it is using TCP port 43514.  Thus, both ends know
> > that client:43514 <----> server:22 (at this particular moment) refers to
> > the same TCP session.
> Actually, Tor tunnels multiple circuits over each TLS connection, so
> remembering ports won't do the job.  An attacker who can compromise an
> entire circuit's worth of servers will also need to remember the
> circuit IDs for each circuit.  Still, it wouldn't be hard for an
> attacker to modify Tor to log this.

Whoops, thanks for the clarification!  That makes more sense.

Seth Schoen
Staff Technologist                                schoen@xxxxxxx
Electronic Frontier Foundation                    http://www.eff.org/
454 Shotwell Street, San Francisco, CA  94110     1 415 436 9333 x107