Mixing Up The Tor Network
I may be wrong, but if the Internet was created again, it would be built with embedded security, and not require secure tunnels. And the Tor network would — possibly — showcase a secure infrastructure, and where each node along a route adds their own encryption key, and cannot see any of data in the traffic. With this, each node creates an encryption key, and then when Bob sends data to Alice, he encrypts with all of the keys of the nodes. Each node then takes off its layer of encryption by decrypting with its own key [background]:
But, there’s a weakness: the exit node, as the traffic is only encrypted with the key that the exit node knows, and can thus examine the traffic flow.
Overall, this is still likely to be SSL tunnel, but the exit node can reveal the destination of the traffic. A malicious exit node could also perform a person-in-the-middle attack, and where they could try and degrade the connection so that it does not use an encrypted tunnel.
Recent attack
And this threat has become real, and where a threat actor has managed to place exit nodes onto the Tor network and then undertaken SSL stripping attacks for cryptocurrency accesses…
