
If I switch VPN on, then use Tor browser, can the VPN provider still see what is passing through Tor?

I am thinking it can't, right? Because the Tor browser encrypts the data into the Onion layer before it sends to the first node?

Asked by John, edited by forest.
  • They can see it, just not understand it... because it's encrypted. – Mark Buffalo Apr 23 '16 at 16:01
  • The VPN provider knows you are using Tor but cannot see your data because it is encrypted. However, the provider knows your IP address. More info at https://security.stackexchange.com/q/101809/53367 – Daniel Apr 23 '16 at 16:02

2 Answers


Between your Tor client and the guard node, the communications are encrypted with three layers of AES-128. The first layer is a key shared between you and the guard node. The second layer is a key shared between you and the middle node. The third layer is a key shared between you and the exit node. Each layer provides 2^128 possible combinations of keys. Simple math dictates that 2^128 × 3 equals 2^131, so the three layers total up to the equivalent of 2^131 possible keys.*

Assuming you are using Tor Browser correctly so you are not leaking DNS, the VPN will only be able to see your IP, the IP of the guard node you are connecting to, and the encrypted communications between you and the guard. In order to break them, it would have to either brute-force at most 2^131 keys (on average half, or 2^130 keys), or break the algorithm used to exchange keys safely, called curve25519. This would require either a major breakthrough in mathematics or a breakthrough in cryptanalytic quantum computers. Neither seems likely to appear in the near future, and if they do, they are the kind of things that will be used by FVEY (NSA, GCHQ, etc.), not by petty commercial VPN providers who want to snoop on your data.

To answer your literal question: no, the VPN cannot see your data. It only sees encrypted data between you and your guard node.

However, you should be aware that, while Tor is very secure, there are theoretical attacks against it which an actor between you and the guard node, or the guard node itself, could pull off. Most of these are termed traffic analysis attacks because, while they don't involve decrypting the data directly, they involve finding loopholes that end up discovering what the data is without actually finding the encryption key. Tor does have many defenses that make this more difficult, far too many to name exhaustively, such as padding data into chunks of exactly 514 bytes (previously 512 bytes). However, they are not perfect. It is very unlikely that your VPN will be able to pull any of these off, as they often require additional attacks against the entire Tor network.

* There's also a separate TLS connection between each node, which a VPN provider would also have to break.

forest
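The layering forest describes, as an added example that is not part of the answer and not Tor's own code: the client wraps one relay cell in three stream-cipher layers (exit innermost, guard outermost), each hop strips only its own layer, and the vantage point of a VPN sitting between the client and the guard sees nothing but the outermost ciphertext plus the cleartext cell header. Assumptions made here: Tor's per-hop AES-128-CTR is replaced by a counter-mode keystream derived with HMAC-SHA256 because the standard library has no AES; the cell is a simplified 514-byte cell (5-byte header, 509-byte body) with a 2-byte "recognized" field and a 4-byte digest, in the spirit of Tor's relay cells but not its exact format; the hop-to-hop TLS layer mentioned in the footnote is omitted.

```python
"""Onion layering between a Tor client and its three hops (illustrative, not Tor code)."""
import hashlib
import hmac

CELL_LEN = 514                      # cell size named in the answer (assumption: modern cells)
HEADER_LEN = 5                      # circuit ID (4) + command (1); the guard reads these in clear
RELAY_LEN = CELL_LEN - HEADER_LEN   # 509-byte body that carries the onion layers
PAYLOAD_MAX = RELAY_LEN - 8         # minus 2 recognized + 4 digest + 2 length prefix


def keystream(key: bytes, counter: int, length: int) -> bytes:
    """Counter-mode keystream: HMAC-SHA256(key, cell counter || block index), a stand-in
    for AES-128-CTR (assumption for this example, not what Tor uses)."""
    out = bytearray()
    block = 0
    while len(out) < length:
        msg = counter.to_bytes(8, "big") + block.to_bytes(8, "big")
        out += hmac.new(key, msg, hashlib.sha256).digest()
        block += 1
    return bytes(out[:length])


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def build_relay_body(payload: bytes) -> bytes:
    """Innermost plaintext: recognized=0, 4-byte digest, length-prefixed payload, zero padding."""
    if len(payload) > PAYLOAD_MAX:
        raise ValueError("payload does not fit in one relay cell")
    data = len(payload).to_bytes(2, "big") + payload
    data += b"\x00" * (RELAY_LEN - 6 - len(data))
    digest = hashlib.sha256(data).digest()[:4]   # simplified stand-in for Tor's running digest
    return b"\x00\x00" + digest + data


def is_recognized(body: bytes) -> bool:
    """After peeling its layer, a hop owns the cell iff recognized==0 and the digest verifies;
    under another hop's layer both fields are still pseudorandom, so the check fails."""
    return body[:2] == b"\x00\x00" and hashlib.sha256(body[6:]).digest()[:4] == body[2:6]


def extract_payload(body: bytes) -> bytes:
    length = int.from_bytes(body[6:8], "big")
    return body[8:8 + length]


def client_wrap(payload: bytes, hop_keys, counter: int = 0) -> bytes:
    """Client adds layers innermost-first: exit, then middle, then guard."""
    body = build_relay_body(payload)
    for key in reversed(hop_keys):               # hop_keys = [guard, middle, exit]
        body = xor_bytes(body, keystream(key, counter, RELAY_LEN))
    circ_id = (1).to_bytes(4, "big")
    return circ_id + b"\x03" + body              # 0x03 as a RELAY command byte (assumption)


def hop_process(cell: bytes, key: bytes, counter: int = 0):
    """One relay strips its own layer and checks whether the cell is addressed to it."""
    header, body = cell[:HEADER_LEN], cell[HEADER_LEN:]
    body = xor_bytes(body, keystream(key, counter, RELAY_LEN))
    return is_recognized(body), header + body


def run_circuit(payload: bytes, hop_keys):
    """Push one cell through guard, middle and exit; record each vantage point's view."""
    cell = client_wrap(payload, hop_keys)
    view = {"vpn_link": cell}                    # what the VPN sees on the client<->guard link
    for name, key in zip(("guard", "middle", "exit"), hop_keys):
        recognized, cell = hop_process(cell, key)
        view[name] = {"recognized": recognized, "cell": cell}
    return view


if __name__ == "__main__":
    keys = [b"guard-key-0123456", b"middle-key-012345", b"exit-key-01234567"]
    v = run_circuit(b"GET / HTTP/1.1\r\nHost: example.org\r\n\r\n", keys)
    print("VPN sees:", v["vpn_link"][:16].hex(), "...")
    for hop in ("guard", "middle", "exit"):
        print(hop, "recognized:", v[hop]["recognized"])
    print("exit payload:", extract_payload(v["exit"]["cell"][HEADER_LEN:]))
```

Because every layer is a stream cipher, the guard's view after peeling is still two layers deep, which is why a provider that only controls the client<->guard link learns the circuit ID and cell sizes but never the relay payload.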

It depends on how you're using Tor. If you're using the 'Tor browser bundle' then you're probably fine in most cases. If you aren't using the browser bundle though, there's a chance that your DNS requests are going to be sent over the VPN, thus the VPN would know which domains you're visiting.

Another unlikely scenario would be if the VPN happened to host Tor exit nodes. If they controlled the exit node you use, they could use timing correlation to determine what you're looking at.

In the past there's been some risk with JavaScript de-anonymizing people, or people using certain protocols which may leak your identity.

In any case, using Tor isn't foolproof. It's good, but not without known issues.

Daisetsu
  • The Tor Project hates it when people call it TOR. It hasn't been an acronym since... Actually, it never has. The first paper when it was introduced to the world had it named "Tor". – forest Apr 24 '16 at 04:06
  • When it first came out everyone was calling it 'the onion router', even if that wasn't its official name. Heck, I still sometimes refer to Wireshark as Ethereal. Well, looks like you're right on this one. I'll keep that in mind next time I mention it. Thanks :). – Daisetsu Apr 24 '16 at 04:14
  • Normally I have nothing against calling things by older names, since it's just semantics, but nowadays it's only the least educated sensationalist media and dangerous "guides" (*cough* DeepDotWeb *cough*) that call it TOR, so the Tor Project has an even better reason for distancing themselves. Seeing what some of these media sites say is cringe-worthy. Once I even saw one call it ToR! – forest Apr 24 '16 at 04:29
  • Hi, yeah, I am using the Tor Browser Bundle, thanks. But on a side note I am also trying to figure out situations like running Tor -> VPN, like through the AirVPN service. Also if I route Zap or Kali through TOR.... – John Apr 24 '16 at 08:09
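The timing-correlation scenario Daisetsu raises (one party that both watches the client<->guard link, as a VPN provider does, and operates the exit node the circuit happens to use), as an added example that is not part of the answer and not anyone's real tooling. Neither vantage point can read the cells, but both see when bursts of them pass; binning the timestamps and correlating per-bin counts is enough to pick out which exit-side flow belongs to this client. The packet timestamps are constructed for the example (assumption), latency and jitter are made up, and Tor's padding and other defences forest mentions are deliberately not modelled, so this shows the attack in its cleanest form rather than against a real circuit.

```python
"""Timing correlation between the client<->guard link and exit-side flows (constructed data)."""
import math
import random

# Constructed traffic shapes: (burst start time in seconds, packets in burst).
CLIENT_BURSTS = [(0.2, 20), (3.1, 5), (4.3, 12), (7.5, 8), (12.0, 30), (15.6, 3), (16.1, 15), (20.4, 10)]
DECOY_A = [(2.2, 25), (5.3, 4), (9.1, 9), (10.2, 14), (14.4, 6), (18.3, 22), (22.5, 7)]
DECOY_B = [(6.4, 18), (9.2, 5), (11.2, 7), (14.3, 11), (18.5, 9), (22.3, 16)]


def burst_times(bursts, gap=0.01):
    """Expand (start, count) pairs into per-packet timestamps, `gap` seconds apart."""
    times = []
    for t0, n in bursts:
        times.extend(t0 + i * gap for i in range(n))
    return times


def forward(times, latency=0.08, jitter=0.02, seed=1):
    """What the exit sees for the same flow: each packet delayed by latency plus jitter
    (assumed values for the example, not measured Tor latencies)."""
    rng = random.Random(seed)
    return [t + latency + rng.uniform(0, jitter) for t in times]


def bin_counts(times, bin_size, n_bins):
    counts = [0] * n_bins
    for t in times:
        idx = int(t // bin_size)
        if 0 <= idx < n_bins:
            counts[idx] += 1
    return counts


def pearson(xs, ys):
    n = len(xs)
    mx, my = sum(xs) / n, sum(ys) / n
    cov = sum((x - mx) * (y - my) for x, y in zip(xs, ys))
    vx = sum((x - mx) ** 2 for x in xs)
    vy = sum((y - my) ** 2 for y in ys)
    if vx == 0 or vy == 0:
        return 0.0
    return cov / math.sqrt(vx * vy)


def correlate(ingress, egress, bin_size=1.0, n_bins=25, max_shift_bins=1):
    """Best correlation of per-bin packet counts over a small unknown latency shift.
    The shift search is kept to one bin because the assumed latency is far below bin_size."""
    a = bin_counts(ingress, bin_size, n_bins)
    b = bin_counts(egress, bin_size, n_bins)
    best = -1.0
    for s in range(max_shift_bins + 1):          # exit-side series lags the ingress series
        best = max(best, pearson(a[: n_bins - s], b[s:]))
    return best


def best_match(ingress, candidate_flows, **kw):
    """Index of the exit-side flow that most plausibly is this client's traffic, plus all scores."""
    scores = [correlate(ingress, flow, **kw) for flow in candidate_flows]
    return max(range(len(scores)), key=scores.__getitem__), scores


def demo():
    """VPN-side view of the client, three exit-side flows, one of which is the client's."""
    vpn_side = burst_times(CLIENT_BURSTS)
    exit_flows = [
        forward(burst_times(DECOY_A), seed=2),   # some other user's traffic
        forward(vpn_side, seed=1),               # the same flow, seen at the exit
        forward(burst_times(DECOY_B), seed=3),   # another unrelated user
    ]
    return best_match(vpn_side, exit_flows)


if __name__ == "__main__":
    idx, scores = demo()
    print("scores per exit-side flow:", [round(s, 3) for s in scores])
    print("client's traffic is exit-side flow", idx)
```

The decoys never correlate above noise and the true flow scores near 1.0, which is the whole point of the attack: no key material is touched, only volume over time. It also shows why this needs the exit and the entry side in the same hands, which is why Daisetsu calls it unlikely for a VPN that does not run exits.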