Tor entry node decrypt request?

Hello,

Just a question about TOR. Can the entry node (the first node you connect to) KNOW if it is the entry node? If it can, and it is operated by a malicious individual - it should be able to see what site you are trying to connect to since that info has to be passed along. And since the exit node can decrypt the request, so can any other node in theory.

And further, isn't just one bad node along the path able to do the same?

Is this correct thinking?

pwr

 

Hi pwr,

As I understand it, the Tor entry node receives an encrypted request that is passed along.

Thus, due to the encryption, it cannot see what site you are attempting to visit.

-- Tom

 

Yes.

No.

No. It gets handed data encrypted in three russian-doll layers. It can only unlock the first layer and pass it to the next node on the circuit.

No. Tor is designed to distrust other nodes because anyone can participate. It requires the collusion of the entry and exit nodes on a circuit to trivially compromise the communications integrity and link identification back to a source IP. At least, that is only one direct way to compromise tor, historically there are many more.

 

So the "path" and encryption is set up before data enters TOR?

Thanks for your answers =)

 

Correct. From the host, your computer, the path (circuit) is selected, and the data encrypted like so: [entry-node(middle-node(exit-node(DATA)))]. 3 layers of encryption, and that is why it is called "onion" routing.

 

Thanks for the explantion, it's quite clever to layer it like this =) Has the encryption ever been broken?

 

Encryption is usually never broken, because it is not the weak link; however, the Tor network has been compromised numerous times by other methods including participatory attacks, sidechannel attacks, influence attacks, etc.