Reimplementing Tor from Scratch for a Single-Hop Proxy
3 months ago
- #VPN
- #Tor
- #Networking
- The author, a student, needed a fast VPN for mundane tasks like accessing email and installing Linux packages at school, without the anonymity features of Tor.
- Tor's multi-hop routing was too slow, leading the author to explore connecting directly to an exit node, which Tor intentionally disables for security reasons.
- The author discovered that Tor blocks direct client connections to exit nodes by checking identity digests to prevent single-hop proxy usage.
- By starting a relay node and using its keys, the author bypassed Tor's restrictions to establish a direct connection to an exit node, improving speed.
- The project involved reimplementing Tor from scratch in C++ for better control and debugging, focusing on cryptography and networking.
- Key steps included TLS handshakes, version exchanges, certificate verification, and key exchanges to establish a secure connection.
- The author successfully benchmarked the custom implementation (Kurrat) against Tor Browser, finding it faster for their needs.
- The implementation emphasizes error handling with std::optional and modular design for portability and maintainability.
- The code is open-source, with contributions and installation instructions available on GitHub.
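
The version-exchange step and the `std::optional` error-handling style mentioned above, as an added C++ example that is not taken from Kurrat or from Tor's source. It assumes the VERSIONS cell layout from the Tor link-protocol specification (2-byte CircID, command 7, 2-byte big-endian length, 2-byte version entries); the function names and the sample cell are hypothetical.

```cpp
#include <algorithm>
#include <cstddef>
#include <cstdint>
#include <optional>
#include <vector>

// VERSIONS cell command number in the Tor link protocol.
constexpr std::uint8_t kCmdVersions = 7;

// Parse a buffer holding exactly one VERSIONS cell (hypothetical helper).
// Returns std::nullopt on any malformed input instead of throwing.
std::optional<std::vector<std::uint16_t>>
parse_versions_cell(const std::vector<std::uint8_t>& buf) {
    if (buf.size() < 5) return std::nullopt;          // header truncated
    if (buf[2] != kCmdVersions) return std::nullopt;  // not a VERSIONS cell
    const std::size_t len = (std::size_t{buf[3]} << 8) | buf[4];
    if (len % 2 != 0) return std::nullopt;            // versions are 2 bytes each
    if (buf.size() - 5 != len) return std::nullopt;   // declared length mismatch
    std::vector<std::uint16_t> versions;
    for (std::size_t i = 5; i < buf.size(); i += 2)
        versions.push_back(static_cast<std::uint16_t>((buf[i] << 8) | buf[i + 1]));
    return versions;
}

// Pick the highest version both sides list; nullopt means no overlap,
// in which case the connection should be closed.
std::optional<std::uint16_t>
negotiate(const std::vector<std::uint16_t>& ours,
          const std::vector<std::uint16_t>& theirs) {
    std::optional<std::uint16_t> best;
    for (std::uint16_t v : theirs)
        if (std::find(ours.begin(), ours.end(), v) != ours.end() &&
            (!best || v > *best))
            best = v;
    return best;
}

// Constructed sample: a peer advertising link versions 3, 4 and 5.
const std::vector<std::uint8_t> kSampleCell =
    {0x00, 0x00, 0x07, 0x00, 0x06, 0x00, 0x03, 0x00, 0x04, 0x00, 0x05};

int main() {
    auto theirs = parse_versions_cell(kSampleCell);
    if (!theirs) return 1;
    auto v = negotiate({4, 5}, *theirs);
    return (v && *v == 5) ? 0 : 1;
}
```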