2-node circuits Vs 3-node circuits

Steve Southam ssoutham at ironkey.com
Wed Apr 25 03:43:54 UTC 2007


> I may be wrong on this. It's my understanding that the first hop in
> the chain is created differently, via create-fast, than the nodes
> after it; this means that someone spying on network traffic that sees
> "create-fast" knows that they are looking at a source node, and can
> tell the originating IP.
I don't think people spying on network traffic could see this because of 
the outer TLS layer, but it does let node operators know that a client 
is at the other end of this circuit.
>
> If the first node is made no different than the normal nodes, and
> entry guards are not used, then no one knows which node is the first,
> and no one knows what to spy on / correlate traffic with. Right?
I think so.
>
> Also, what if the path length was "mostly 2, occasionally 3 if the end
> node is not a tor node, but always 3 (2 intermediate notes) ending on
> the tor/end node"? Would that help the unpredictable-ness, without
> causing slowdown?
>
I don't get how the end node can be not a tor node.



More information about the tor-talk mailing list