5

As I was looking over the Tor specifications, I noticed that when a circuit is generated, a Diffie-Hellman key exchange is done on each of the circuit's nodes over an encrypted path, as the image below shows:

In other words:

Diffie-Hellman Key Exchange when circuit is generated

So let us suppose that Alice Cooper wants to visit a website through the Tor network:

Alice Cooper Visits google via Tor

Would the N1 perform a Diffie-Hellman Key exchange with N3?

Bruno Rohée
Dimitrios Desyllas

1 Answer

6

No, the key exchange is done between the client and each relay. This is the general technique behind onion routing. For the modern Tor protocol, the client will exchange a symmetric key (AES128) with three relays using ECDHE (not DHE), specifically using Curve25519. A message being sent from the client will be encrypted three times with each key, and each relay will strip a single layer of encryption. Once the message reaches the exit relay, there is only one layer left, the layer encrypted with the key known by the exit. The exit decrypts it and sends it on its way.

Note that each link between nodes is additionally encrypted using TLS.

onion routing

Also note that your diagram is incorrect. The SOCKS protocol is not used to connect to the first relay (the guard), but rather to allow a local program on your computer to connect to your Tor client (usually over localhost). The protocol used to connect to the first relay is the Tor protocol itself.

forest
  • It helps to remember that TOR is an acronym for “The Onion Router”. The client wraps the payload in layers of encryption (like an onion), and then each node on the route gets to unwrap one layer. – nbering Apr 03 '18 at 04:35
  • @nbering That's a backronym, meaning it is not really an acronym and never was, it's just a fun coincidence that it spells out the same thing. It's also Tor, [not TOR](https://www.torproject.org/docs/faq.html.en#WhyCalledTor). – forest Apr 03 '18 at 04:37
  • Oh... good to know. I did a project on Tor in 2001 for school, and all the sources seemed to imply it was intentional, but reliable sources were harder to come by back then. – nbering Apr 03 '18 at 04:55
  • Well the original source of course is the first paper: [Tor: The Second-Generation Onion Router](https://svn.torproject.org/svn/projects/design-paper/tor-design.pdf). – forest Apr 03 '18 at 04:57
  • @nbering Wait, how did you do a project on it in 2001, if the original paper was from 2004? – forest Apr 03 '18 at 05:01
  • It was definitely for a Grade 10 computer science paper. We had to do a project on Privacy. The piece I read was a paper from someone at West Point... that's all the detail I remember aside from the protocol implementation. It might have been generation one. – nbering Apr 03 '18 at 05:07
  • If you see citation #49 in the paper, there's a reference to "Onion Routing" as early as 2000 in academic papers. – nbering Apr 03 '18 at 05:13
  • Ah that makes sense! – forest Apr 03 '18 at 05:13
  • @forest I mentioned SOCKS in order to represent a common setup that may be used by the average Joe. What I wanted to show is that a user uses their browser with a proxy setup using the SOCKS protocol to connect to google.com. – Dimitrios Desyllas Apr 03 '18 at 10:58
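
The layering described in the answer, as an added example that is not part of the original answer or of Tor's code: the client runs one X25519 exchange with each relay, wraps a payload in three layers, and each relay strips exactly one. The one-message handshake, the SHA-256 key derivation and the SHAKE-128 keystream (standing in for AES-128) are simplifying assumptions, not Tor's actual handshake or cell format, and the names `Relay`, `build_circuit` and `send` are hypothetical.

```python
import hashlib, os

P, A24, BASE = 2**255 - 19, 121665, (9).to_bytes(32, "little")  # Curve25519 constants

def x25519(k: bytes, u: bytes) -> bytes:  # RFC 7748 ladder; not constant time
    n = (int.from_bytes(k, "little") & ((1 << 254) - 8)) | (1 << 254)  # clamp scalar
    x1 = int.from_bytes(u, "little") & ((1 << 255) - 1)
    x2, z2, x3, z3, swap = 1, 0, x1, 1, 0
    for t in reversed(range(255)):
        bit = (n >> t) & 1
        if swap ^ bit:
            x2, x3, z2, z3 = x3, x2, z3, z2
        swap = bit  # clamping forces bit 0 to 0, so no final swap is needed
        a, b, c, d = x2 + z2, x2 - z2, x3 + z3, x3 - z3
        aa, bb, da, cb = a * a % P, b * b % P, d * a % P, c * b % P
        e = aa - bb
        x3, z3 = (da + cb) ** 2 % P, x1 * (da - cb) ** 2 % P
        x2, z2 = aa * bb % P, e * (aa + A24 * e) % P
    return (x2 * pow(z2, P - 2, P) % P).to_bytes(32, "little")

def derive_key(shared: bytes) -> bytes:
    return hashlib.sha256(shared).digest()[:16]  # assumed KDF, 128-bit hop key

def layer(key: bytes, data: bytes) -> bytes:
    ks = hashlib.shake_128(key).digest(len(data))  # stand-in for AES-128 keystream
    return bytes(x ^ y for x, y in zip(data, ks))  # same call adds or strips a layer

class Relay:
    def __init__(self):
        self.priv = os.urandom(32)
        self.pub = x25519(self.priv, BASE)  # key the client learns in advance
    def handshake(self, client_pub: bytes):
        self.key = derive_key(x25519(self.priv, client_pub))

def build_circuit(relays):
    keys = []
    for relay in relays:  # one exchange per hop, always client <-> relay
        eph = os.urandom(32)  # fresh client secret for this hop
        relay.handshake(x25519(eph, BASE))
        keys.append(derive_key(x25519(eph, relay.pub)))
    return keys

def send(keys, relays, payload: bytes):
    for key in reversed(keys):  # exit layer goes on first, guard layer last
        payload = layer(key, payload)
    hops = [payload]  # hops[0] is what leaves the client
    for relay in relays:  # guard, middle, exit each strip one layer
        hops.append(layer(relay.key, hops[-1]))
    return hops
```

`send` returns the cell as seen on each link, so only the last entry, the one leaving the exit, equals the original payload. No relay ever derives a key with another relay.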