Is it (still) true that each router in Tor maintains a connection to every other router? Why? [closed]

9

original article describing #

  

Each onion router maintains a TLS connection with every other onion router.

The paper is from ten years ago (2004), when there was a much smaller number of relays in the Tor network. There are more than 5000.

  • Doesn't this number exhaust the open sockets or something?
  • Does it impose a performance penalty on relays?
  • Does maintaining or not maintaining these connections affect any security primitive?
  • And what kind of messages do they exchange on those open connections when they are not part of the same circuit?

P.S.: sorry if the translation "onion router" gives anyone shivers. I find it funny ;)

    
asked by anonymous 04.04.2014 / 20:03

1 answer

7
The fact that each Relay node has to connect to any other node of the same type does not mean that the connections need to be open 100% of the time - only while they are being used. I do not know the protocol in detail, but according to this thread, at any given moment only a subset of the possible connections is in fact open. There is a configurable limit on the maximum number of simultaneously open sockets, for that reason.

I do not know about performance, but network security is impacted by the number of nodes. According to these two questions on security.SE, if an attacker (for example the NSA) creates a large number of Relays, and a connection starts and ends at a Relay controlled by them (even if it leaves and enters again), it is possible to correlate the packet size and the date/time of the connection, and thus conclude that IP address "A" communicated with "B" - and in many cases (or all), also know the content of this communication.

If the connection only starts at a node controlled by the attacker, they cannot know the content, only build a profile (i.e. know that IP "A" uses Tor) - which, depending on the country and its regime, can be everything they need to know.

Whether there is a defense for this or not, I cannot say; there is a lot of information and I am not really familiar with this protocol. What I do know is that there are several types of nodes: Entry/Exit, which communicate with Tor clients; Relay, which communicate with each other, and may or may not also be Entry/Exit; Bridge, which is not listed in the Tor directory, so as to make it difficult to identify and block all nodes; etc. In some circumstances, a client can be configured to restrict which nodes can be used as Entry, but according to the FAQ this should not normally be done, and may even make anonymity worse.

As for the last question, I do not think there is any communication between the nodes when they are not participating in a circuit at that moment (i.e. transmitting a packet from point A to point B). So much so that the sockets can be closed - if they are not, it is for efficiency reasons.

    
04.04.2014 / 21:05