Is it possible to make the Tor onion-routing path longer?

  • By default, Tor uses an onion-routing path with three hops: entry, relay (middle) and exit. Is it possible to configure (or, if necessary, recompile) Tor to use more than three hops? This would lessen the probability that all the hops would be under control of an attacker, right?

    For info on why this is a bad idea, see this FAQ entry

  • Yes, it is possible (through a source-code change), but it is a bad idea. If an attacker is observing (or controls) the first and last hop of your circuit, they will very likely be able to de-anonymize you. Changing to four (or more) hop paths doesn't affect the probability of this occurring, but it does slow down your Tor connection and increase the load on the Tor network.

    Since you're using 4 and not 3 nodes, isn't it more possible to pick a malicious node in the path?

    @alaf Yes, but it doesn't increase the chance that you pick bad first and last hops. (Unfortunately, my statement is not quite true: see http://freehaven.net/anonbib/#ccs07-doa for why longer paths can hurt your anonymity more.)

    One of the mechanisms that an attacker may employ to figure out which relay is the first hop and which relay is the last hop of a client is compromising the middle node. Once an attacker has compromised the middle node, she knows which hop is the first node and which hop is the last node the client is using, and now the attacker can compromise these hops to de-anonymise the client. The Guard is especially vulnerable now because it is stationary for weeks and months. If there were several middle nodes, then the attacker would not be able to obtain this information from any of the middle nodes.
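
The probability argument in the answer and its comments, worked through as an added example (not code from the original posts or from the Tor Project): under a simplified model, the chance that the first and last hops are both hostile does not depend on path length, while the chance of at least one hostile hop rises and the chance that every hop is hostile falls. Assumptions: relays are drawn uniformly without replacement, and the network size and hostile count are constructed values; real Tor weights selection by bandwidth and position flags, and this model does not cover the additional attacks on long paths that the linked paper describes.

```python
"""Added example: effect of path length under a simplified relay-selection model."""
import random
from fractions import Fraction


def exact(total, bad, hops):
    """Exact probabilities for a path of `hops` distinct relays drawn uniformly.

    Assumption: uniform selection without replacement; real Tor weights by
    bandwidth and applies guard/exit flags and family rules.
    """
    all_bad = Fraction(1)
    none_bad = Fraction(1)
    for i in range(hops):
        all_bad *= Fraction(bad - i, total - i)
        none_bad *= Fraction(total - bad - i, total - i)
    # The first and last positions are two draws without replacement, whatever
    # sits between them, so this term has no dependence on `hops`.
    ends_bad = Fraction(bad, total) * Fraction(bad - 1, total - 1)
    return {"ends_bad": ends_bad, "all_bad": all_bad, "any_bad": 1 - none_bad}


def simulate(total, bad, hops, trials=100_000, seed=1):
    """Monte Carlo check of exact(); relays 0..bad-1 form the constructed hostile set."""
    rng = random.Random(seed)
    ends = every = some = 0
    for _ in range(trials):
        path = rng.sample(range(total), hops)
        flags = [relay < bad for relay in path]
        ends += flags[0] and flags[-1]   # entry and exit both hostile
        every += all(flags)              # the question's "all hops" case
        some += any(flags)               # the comment's "a malicious node" case
    return {"ends_bad": ends / trials, "all_bad": every / trials,
            "any_bad": some / trials}


if __name__ == "__main__":
    TOTAL, BAD = 1000, 100  # constructed network: 10% of relays hostile
    for hops in (3, 4, 5, 6):
        e, s = exact(TOTAL, BAD, hops), simulate(TOTAL, BAD, hops)
        # Each value is printed as (exact, simulated).
        print(hops, {k: (round(float(e[k]), 5), round(s[k], 5)) for k in e})
```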

Licensed under CC-BY-SA with attribution


Content dated before 7/24/2021 11:53 AM