Gaai Chia – WindowsTechs.com

MITM in Tor: Authentication when an Entry node is sending data back to the Client

Posted on March 22, 2022 by Gaai Chia

Diagram: Server -> Exit Node -> Middle Node -> Entry Node -> Client
In Entry Node -> Client, how does the entry node authenticate that the receiver is a real client but not a MITM?

Continue reading MITM in Tor: Authentication when an Entry node is sending data back to the Client→

How insecure are self-signed certificates? Why does Tor still use them?

Posted on March 19, 2022 by Gaai Chia

How insecure are self-signed certificates?
Why does Tor still use them?

Continue reading How insecure are self-signed certificates? Why does Tor still use them?→

Why does Tor use self-signed certificates? Isn’t it insecure?

Posted on March 16, 2022 by Gaai Chia

Aren’t self-signed certificates vulnerable against MITM attack? What measures did Tor take to prevent MITM attack against self-signed certificates?

Continue reading Why does Tor use self-signed certificates? Isn’t it insecure?→

Tor: How does entry nodes communicate with middle nodes? How does middle nodes communicate with exit nodes?

Posted on March 16, 2022 by Gaai Chia

In Tor, when a client communicates with an entry node, they exchange the parameters such as the prime number and the generator with each other through DH.
What about when an entry node communicating with a middle node, or a middle node com… Continue reading Tor: How does entry nodes communicate with middle nodes? How does middle nodes communicate with exit nodes?→

When a server is sending data back to client, is it vulnerable against MITM attack? How to prevent such kind of MITM attack?

Posted on March 13, 2022 by Gaai Chia

Case One: A Tor exit node sending data forward to a website server.
In this case, a MITM attack can easily success because the traffic is not encrypted. However, the MITM does not know who sent the data originally, it only knows the fact t… Continue reading When a server is sending data back to client, is it vulnerable against MITM attack? How to prevent such kind of MITM attack?→

Can Tor bridges really prevent ISPs from knowing the fact that you are using Tor?

Posted on March 12, 2022 by Gaai Chia

Using Tor bridges for censorship circumvention routes your traffic to a bridge before an entry node. If the IP of the bridge is constant, isn’t it abnormal that you are always connecting to the same IP and thus allow an ISP to know that yo… Continue reading Can Tor bridges really prevent ISPs from knowing the fact that you are using Tor?→

Which type of Diffie-Hellman does Tor use?

Posted on March 12, 2022 by Gaai Chia

Does Tor use Ephemeral DH, Static DH or Anonymous DH? I have heard that the latter two are not secure so I am worried if Tor uses them.

Continue reading Which type of Diffie-Hellman does Tor use?→

How are session keys transferred between a client and a server?

Posted on March 10, 2022 by Gaai Chia

Session keys are generated during TLS handshake and are transferred from clients to server through asymmetric encryption FOR ONCE.
However, I have heard that session keys are single-use, which mean a new set of session keys are going to be… Continue reading How are session keys transferred between a client and a server?→