Opened 11 years ago

Last modified 7 years ago

#821 closed enhancement (Deferred)

How to improve privacy on Tor

Reported by: NoNameAmI Owned by:
Priority: High Milestone:
Component: Core Tor/Tor Version:
Severity: Keywords:
Cc: NoNameAmI, nickm, arma, knappo Actual Points:
Parent ID: Points:
Reviewer: Sponsor:


Tor has one major weakness right now. It seems that it only connects to 3 nodes. This opens Tor up to attacks that could easily be avoided.

How to avoid it:
Make Tor come up with a random number between 3 and 5 and then use that number to determine how many nodes to connect to.

One circuit could be 3, another 5, another 4. It prevents an attack from some entity using many many tor relay servers.

I believe since Tor is aimed at protecting users privacy, this is a very important feature request. I'm surprised it hasn't been implemented yet.

[Automatically added by flyspray2trac: Operating System: All]

Child Tickets

Change History (6)

comment:1 Changed 11 years ago by nickm


There is no attack we know of that is harder against 4-node paths than against 3-node paths. Remember, the best
traffic analysis attacks against Tor are end-to-end traffic correlation attacks, where an attacker who can watch
both ends of a circuit can match the timing and volume patterns of the traffic on each end. For these attacks,
it does not matter how many nodes are in the middle of the circuit.

comment:2 Changed 11 years ago by NoNameAmI

If an attacker or entity owned many Tor nodes, they could at times be all nodes in the circuit. If the number of nodes
are hard coded to 3, they could use that to prove who you are. If Tor chooses the number of nodes in a circuit at random,
they can't say for certain if the person in the circuit that isn't them is the original person or just another node,
unless they somehow happen to be all nodes in the longer circuit. This type of attack needs to be fixed before it
becomes a problem.

comment:3 Changed 11 years ago by knappo

If the Pathlength is not exact 3 but between 3 and 5 it would be harder for an attacker to control every node in the path.
Of course, currently an End-To-End-Attack is the best way to defeat Tor's privacy but I hope in the future we are able to
include some random latency on every hop to harden Tor against this attack. If this latency is implemented the next best
attack would be to control every node in between the client and the target which will be harder if the path length is
longer on most connections.

comment:4 Changed 11 years ago by nickm

NoNameAmi: Look into the predecessor attack against the Crowds system; the attacker doesn't need to know the circuit
length to guess whether a node is relaying or originating traffic. An original paper about it is here:

knappo: I agree that if end-to-end correlation attacks were foiled, then we would want to look into other foiling other
attacks that are strictly harder than end-to-end correlation. But it isn't simply a matter of "adding random latency":
there have been many ways to "add random latency" analyzed in the research literature, and they're all either 1) not
effective enough to be worth it, or 2) so slow that you wouldn't be able to use Tor for TCP any more. These defences
are getting better, but we don't seem even close to something that would be a good idea to add to Tor.

I'm closing this this entry as "Deferred": figuring out how to do this kind of thing and analyzing whether it has
real benefit is the kind of design-intensive and-research-intenstive work that belongs on or-dev, not on the

comment:5 Changed 11 years ago by nickm

flyspray2trac: bug closed.

comment:6 Changed 7 years ago by nickm

Component: Tor ClientTor
Note: See TracTickets for help on using tickets.