I’m doing some proof of concept tests, and my main objective is to make VOIP calls over TOR.
I know that there are several ways to compromise my anonymity using VOIP services
I know that the TOR network was not made for this
I know I will have a considerable loss of quality.
However my main objective is just to prove that it is possible to make a VOIP call on the TOR without compromising the anonymity of my IP.
For this I’m using the following configuration:
- HOST MACHINE
CPU Intel Core i9-7900X.
64GB RAM Memory.
Internet Dedicated LINK 500 MB / s
Host Machine using Nord VPN (premium) configured to use UDP protocol and 128-bit encryption
VM1: Oracle Virtual Box with Whonix Gateway
VM2: Oracle Virtual Box with Whonix Workstation
On Whonix Workstation (VM2) I installed a second VPN called Hotspot Shield and also configured it with the UDP protocol and 128-bit encryption.
Why am I using these settings?
In a normal situation, during a VOIP call, the system would send several UDP packets, some of which would be lost. As UDP is a protocol that doesn’t need confirmation, lost packets have no importance, causing only minor connection failures and voice distorctions.
However, when we trying to make a VOIP call on the TOR network, we have a different situation.
As it is known, the TOR network operates exclusively withTCP / IP protocol, so the VOIP packets that should be sent in UDP are now sent in TCP / IP.
Thus, the VOIP system doesn’t discard the lost packages. On the contrary, at each packet loss the VOIP system requests that it be resent. Absurdly increasing the latency.
What did I do?
I put 2 VPNs, one “in front” and one “in the behind” the TOR network.
So what happens (at least I think) is that the first VPN takes VOIP data packets in UDP format to the TOR network.
Upon reaching the TOR network, the UDP packet is re-encapsulated through the TCP / IP protocol.
When leaving the TOR network and entering the second VPN, the packet is is re-encapsulated (for the third time) in UDP format (again).
In this way if any of the packets are lost within the TOR network the VOIP system will not request it again because the VOIP system is only seeing the packets in UDP format.
This VPN + TOR + VPN configuration has significantly reduced latency making VOIP over TOR calls acceptable.
So what I’d like to know is:
Can the VPN + TOR + VPN configuration compromise the security of my IP in any way?
By adding these 2 VPNs, am I adding any risk of data leakage, packet decryption or even can I “break” something inside Whonix?
In short what I want to know is if using VPN + TOR + VPN my IP address is still protected.
And what are the additional risks of using this VPN + TOR + VPN configuration?