
Re: [tor-talk] Hello I have a few question about tor network

êíì writes:

> I subscribe to tor-talk
> Hello, I'm a Korean student studying security
> First of all, sorry for my bad English.
> I have a few questions about the Tor network
> 1. Is the Tor network a 100% secure network that cannot be hacked by a cracker?
> 2. If not, how can a cracker attack the Tor network in a way that Tor can't prevent?


I would suggest looking at Tom Ritter's overview presentation about Tor.
It is very detailed.  Hopefully the technical level will be appropriate
for you and the English content will be clear.


He gives a number of discussions of limitations of Tor and possible
attacks.  There are also attacks that try to deanonymize users (finding
the true IP address of a user responsible for a circuit) or hidden
services (finding the true IP address of a server responsible for a
hidden service) under various conditions and circumstances.  This is an
ongoing area of research for academic studies, and also probably for
governments that want to identify Tor users.

Particular research on Tor has been written about on the Tor blog at


and also collected as part of the anonymity bibliography at


Of course only some of the later papers there relate to Tor, because Tor
didn't even exist at the time that the anonymity field first began! :-)

There are a lot of attacks that are effective at least some of the time.
If you look at the original Tor design paper, they assume that someone
who is watching the place where a user enters the network (the first
node in the chain, today called the entry guard) and the place where the
user's communications exit the network (the exit node) will be able to
break the user's anonymity by noticing that the amount and timing of data
going in on one side matches the amount and timing of data coming out on
the other side.  This is pretty serious and has been used to deanonymize
people in real life.  Some of the research papers propose ways of trying
to deanonymize users or hidden services under more restrictive
conditions, where the attacker controls or monitors less of the network,
or controls or monitors something other than entry and exit traffic.

One issue about this is understanding what counts as a successful
attack.  I'm still concerned that Tor users may not understand the issue
presented in the original design about how someone watching both sides
can recognize them!

Another kind of attack that hasn't been discussed very much is the
idea of hacking the individual servers that provide the Tor network,
either by exploiting software vulnerabilities in the Tor server itself
or by exploiting vulnerabilities in other software that these servers
run like Linux or OpenSSH.  This sort of attack could be quite serious
if it affected many different Tor nodes at the same time, because the
nodes could be reprogrammed by the attacker to start logging data and to
cooperate to reveal users' activities.  There's no specific publicly-known
vulnerability that can be used to do this right now; an attacker would
need to find or buy knowledge of a new one (although there might be some
portion of Tor nodes that are slow to apply server software updates,
which might still be vulnerable to older software bugs or might have
stayed vulnerable for a longer period of time).

It's important to understand the difference between hidden services and
exit traffic when reading the academic research, because a lot of
research focuses on deanonymizing hidden services, which poses different
challenges from deanonymizing regular users.  Attacks against hidden
services can be quite serious, but they only represent a small fraction
of the overall use of the Tor system.

Seth Schoen  <schoen@xxxxxxx>
Senior Staff Technologist                       https://www.eff.org/
Electronic Frontier Foundation                  https://www.eff.org/join
815 Eddy Street, San Francisco, CA  94109       +1 415 436 9333 x107
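
The point in the message above about matching "the amount and timing of data" on both sides can be seen in a small simulation. This is an added example, not part of the original message or of Tor's code; the flows are constructed synthetic data, and the function names, burst parameters, 200-300 ms delay and 2-second windows are assumptions chosen for illustration. It shows why the design treats an observer at both ends as outside what Tor can protect against: no encryption is broken, only per-window byte counts are compared.

```python
import random
from statistics import mean

DURATION, BIN = 120.0, 2.0   # seconds; assumed values for this toy model

def synthetic_flow(rng):
    """Constructed bursty flow: list of (timestamp_s, size_bytes)."""
    pkts, t = [], 0.0
    while True:
        t += rng.expovariate(0.3)              # gap between bursts
        if t >= DURATION:
            return pkts
        for _ in range(rng.randint(5, 40)):    # packets in this burst
            pkts.append((t + rng.random() * 0.5, rng.randint(500, 1500)))

def through_network(rng, pkts):
    """The same flow as seen at the far side: delayed 200-300 ms with jitter."""
    return [(ts + 0.2 + rng.uniform(0, 0.1), size) for ts, size in pkts]

def bin_volumes(pkts):
    """Bytes observed in each BIN-second window."""
    bins = [0] * int(DURATION / BIN)
    for ts, size in pkts:
        if 0 <= ts < DURATION:
            bins[int(ts / BIN)] += size
    return bins

def pearson(a, b):
    """Pearson correlation of two equal-length series (0.0 if either is flat)."""
    ma, mb = mean(a), mean(b)
    cov = sum((x - ma) * (y - mb) for x, y in zip(a, b))
    va = sum((x - ma) ** 2 for x in a)
    vb = sum((y - mb) ** 2 for y in b)
    return cov / (va * vb) ** 0.5 if va and vb else 0.0

def match_entry_to_exit(entry_flow, exit_flows):
    """Score every exit-side flow against one entry-side flow."""
    e = bin_volumes(entry_flow)
    scores = [pearson(e, bin_volumes(f)) for f in exit_flows]
    return scores.index(max(scores)), scores

def demo(seed=1, users=10, target=3):
    """Ten independent users; which exit-side flow matches user `target`?"""
    rng = random.Random(seed)
    entry_flows = [synthetic_flow(rng) for _ in range(users)]
    exit_flows = [through_network(rng, f) for f in entry_flows]
    return match_entry_to_exit(entry_flows[target], exit_flows)

if __name__ == "__main__":
    best, scores = demo()
    print(best, [round(s, 2) for s in scores])
```

The matching flow scores close to 1 while the unrelated flows scatter around 0, even though the observer in this model sees only timestamps and sizes.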