Back to Security Pattern Catalog




Random Exit


Classification Key : Exterior Security, Information Disclosure

Problem

The exit node of an anonymity network forwards a packet to its final recipient. Exit nodes often come under abuse. Having a few exit nodes reduces the number of points an adversary needs to monitor.
How can an anonymity service prevent exit abuse?

Solution

Allow traffic to exit an anonymity network not only at the endpoints a circuit, but also in the middle of a circuit.

Known Uses

Tor initiators can direct traffic to exit partway down the circuit, by using in-band signaling within the circuit. This frustrates traffic shape and volume attacks based on observing the end of the circuit. Crowds proxies on the path of a web request can locally decide, based on a probability of forwarding, whether to forward traffic through another proxy, or become the last node on the path and communicate with the recipient directly.

Source

Hafiz Privacy Patterns

Tags

Anonymity, Privacy


 

Last modified: May 05, 2012

Conceived and Maintained by: Munawar Hafiz