I read that the Tor proxy maintains a session key with Tor nodes and uses it while encrypting data, but why do Tor nodes maintain keys with other Tor nodes?
- Maybe this video will clear things up for you: https://www.youtube.com/watch?v=LAcGiLL4OZU – tlng05 Mar 02 '15 at 15:35
- I have actually watched that video, but the problem is I am not getting that proper word when he is explaining that part... will you please help me with it? – user3857907 Mar 02 '15 at 16:06
2 Answers
The why has a simple reason that is valid everywhere you need to establish secured communication between two machines: to exchange application data over the secured channel they have established. All messages sent between two onion routers are encrypted using a session key. In other words, as long as those session keys are maintained, the communication is secured. Periodic key rotation limits the window of opportunity for impersonating an onion router.
Tor nodes need to encrypt two different types of traffic.
- Traffic moving through a circuit on the way to its destination.
- Traffic between Tor nodes to establish circuits, find hidden services, etc.
In order for a source to encrypt data to a destination (1), a session key is established between the source and each Tor node in the circuit. For more details you can read this question and answer.
For communication between nodes Tor has a separate protocol that it uses, and it secures those communications with TLS. These TLS connections are separate from traffic moving through a circuit because that traffic doesn't need to know what the Tor nodes are communicating to each other. That data only needs to reach its destination. You can read more about how Tor performs that communication with this related question and answer.
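The two kinds of keys described in the answers above, as an added example that is not part of the original posts: one circuit key per hop shared with the client, and one link key per adjacent pair standing in for the TLS connection. The hop names, function names and the toy HMAC-based keystream are assumptions for illustration; the keystream only stands in for Tor's real ciphers and for TLS.

```python
import hashlib
import hmac
import os

HOPS = ["guard", "middle", "exit"]  # hypothetical three-hop circuit

def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Toy stream cipher (HMAC-SHA256 in counter mode). Illustration only:
    it has no nonce, so a key must never be reused across messages."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        pad = hmac.new(key, offset.to_bytes(8, "big"), hashlib.sha256).digest()
        out.extend(b ^ p for b, p in zip(data[offset:offset + 32], pad))
    return bytes(out)

def build_keys():
    # Circuit keys: one per hop, known only to the client and that hop.
    circuit = {hop: os.urandom(32) for hop in HOPS}
    # Link keys: one per adjacent pair, standing in for the TLS session
    # that protects everything sent between those two machines.
    path = ["client"] + HOPS
    link = {(a, b): os.urandom(32) for a, b in zip(path, path[1:])}
    return circuit, link

def send_through_circuit(payload: bytes, circuit: dict, link: dict):
    """Return [(hop, bytes_on_the_wire, cell_after_peeling), ...]."""
    cell = payload
    for hop in reversed(HOPS):            # client adds one layer per hop
        cell = keystream_xor(circuit[hop], cell)
    trace, sender = [], "client"
    for hop in HOPS:
        link_key = link[(sender, hop)]
        wire = keystream_xor(link_key, cell)      # sender: link encryption
        cell = keystream_xor(link_key, wire)      # receiver: strip link layer
        cell = keystream_xor(circuit[hop], cell)  # receiver: peel own layer
        trace.append((hop, wire, cell))
        sender = hop
    return trace

if __name__ == "__main__":
    circuit_keys, link_keys = build_keys()
    for hop, wire, cell in send_through_circuit(b"GET / HTTP/1.1", circuit_keys, link_keys):
        print(f"{hop:6} wire={wire.hex()[:16]}... after_peel={cell!r}")
```

Only the last hop recovers the payload, and the bytes on each link differ from the onion cell they carry, so an observer of one link cannot match cells by content with those on the next link.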