Theoritical tor whonix encryption

since we all know that TOR doesnt encrypt the connection but making it untraceable by making the connection go through different circuits… so i was asking, why not making this happen through whonix tor concept? and i want to give different models for this.

NOTE BEFORE READING :- anyone who read these models should make sure that this is just from theory prospective and it is coming just from my simple imagination but not based on real study or readings. all i want from these models to c if they r possible or not.


WS = WorkStation

WG = GateWay (sure mean the out connection is Torified)

E = encryption or encrypted connection

1- host — WS-- E isolated connection --GT—webpage

2- host — E—WS—GT—webpage

3- host—WS E’ (not-understandable)—GT E" (understandable)—webpage

what do i mean by E’ & E" or E not understandable & E understandable or E negative & E positive ?

i think i can define that by:- the encrypted connection which is go forward.

for example:-

host ip is 111.111.111.11 going to go to E’ and it is going to be xxx.xxx.xxx.xx (this will not going to be understandable to the internet protocol)

then xxx.xxx.xxx.xx going to go to the E"; and E" will do 3 functions:-

A- it will change formula of the encryption from xxx.xxx.xxx.xx to uuu.uuu.uuu.uu

B- it will translate this uuu.uuu.uuu.uu to 999.999.999.99 then Torified
(going connection)

C- it will re-translate the encryption but witha coming connection , like:-

999.999.999.99 to uuu.uuu.uuu.uu then to xxx.xxx.xxx.xx .

then E’ will translate the xxx.xxx.xxx.xx to the original ip which is 111.111.111.11


btw if we cant put E’ on WS, the process E’ E" can be in GT only or the E’ in the host and E" in GT . so no problem where does the process locate if it able to work.

if this theory can be done well i dont c how they gonna c the real ip even if TOR connection compromised. because the process of encryption the ip will be done inside the OS not outside like in VPN.

Why?

The connection is already encrypted so why do you want to add another layer of encryption?

In other words, it’s true that tor doesn’t encrypt the connection but if one is accessing an encrypted connection through SLL and port 43 it’s still encrypted, just not by tor. Tor doesn’t magically turn an encrypted connection into an unecrypted one.

Why?

The connection is already encrypted so why do you want to add another layer of encryption?

to increase the avoidance of compromised ppl when using TOR (like ignorance ppl of TOR warnings/cautions)

In other words, it's true that tor doesn't encrypt the connection but if one is accessing an encrypted connection through SLL and port 43 it's still encrypted, just not by tor. Tor doesn't magically turn an encrypted connection into an unecrypted one.

ssl or vpn or proxy , all r depending on the one who will provide these servers which mean u should put a blind trust at certain point with these providers because u cant check for sure if they r really dont manage to c ur traffics or collecting data …etc or not.

so that why i have put the suggestion or model number 3 , which is like saying:-

why do i need to go to an outside server in order to encrypt my connection ? why not making that within the virtualmachine ?

so all the process of encrypting the connection going to be inside the OS which i myself using it; so it will give for sure higher confidence than the host->vpn->tor->website for example.

if u suggest using host->tor->vpn->website thats not advisable because u gonna freeze the connection through one circuit only. beside the outside connection from ur host will still be giving ur real ip.

so model 3 if it possible by any case it will change the security of the connection thats going through TOR to its higher levels.

true ur connection inside TOR still not encrypted but even though it is not a problem because it is encrypted before even reaching TOR.

You can’t encrypt IP addresses. Specifically not on your host computer. Whatever you do on your computer, when packages leave the local network, on the external network they only appear with the IP given by the ISP. And that one is always traceable. Whatever IP magic you use in the internal network won’t have affect on how it will appear on the external network. If this was possible, if IP hiding was that simple, there would be people already using this without Tor.

Correct. Let us be clear here, however…all the ISP can see is the traffic to the first hop (the Tor entry node). That is how they can tell one is using Tor (assuming that one is not using the various tricks to try to obfuscate Tor.)

So while the ISP can trace the IP the only info they have is that IP Address X is using Tor.

Right.

aha i c now. so one last question:-

if there is an ISP decided to give anonymous IPs to their users and they r not interesting in ppl information, is that possible ? or it is a fixed principle or mechanism within the ISP/IP (internet) system ?

That would be very helpful. Possible in theory they could do some useful stuff. I never heard any of that type existing.

[quote=“nurmagoz, post:7, topic:1364”]aha i c now. so one last question:-

if there is an ISP decided to give anonymous IPs to their users and they r not interesting in ppl information, is that possible ? or it is a fixed principle or mechanism within the ISP/IP (internet) system ?[/quote]

This is where the issue of metadata retention enters…

With limited metadata collection one in fact has an anonymous IP. Let’s use my ISP as an example–it assigns dynamic IP and keeps IP logs for nine months. So once nine months has gone by that means there is no way to tell what my IP did. So my data usage as become anonymous to my ISP because it has deleted all record of it.

But there is nothing fixed about nine months. It could be three minuets, three weeks, three days. They could not keep logs at all–in which case the only way to see your IP would be to look at your connection in real time.

However, this is the best that can be done–no logs. The reason is physical–data transfer exists across a physical medium and that physical medium must always bridge two physical objects. Think of the kids toy of two cans on a string–if someone can follow the string from one end of the can they will always be able to get to the other can.

So a genuine anonymous IP is impossible–the best that can be done is a kind of pseudo-anonimity where no data is retrained.

Here is a way to visualize what is happening with Tor…

This is a simple internet connection

This is that same connection Torified–(with Tor being the plate of spaghetti)

All traffic analysis and other such attacks are doing is trying to unravel the plate of spaghetti. Such attacks only work, however, because eventually all data must exit at a user. At some point in time, with a big enough pile of pasta, the attacks become computationally too expensive to work successfully–but they never become physically impossible(1).

edit: (1) Assuming that P!=NP

aha i c , so it is fixed by the system mechanism. in this case even if there is an existing country that want to give the freedom of browsing to their ppl by default that wont be possible. except if they deleted the metadata, but not by install X system or changing X in the internet.

thnx for clearing that.

  • Also putting all clients behind a NAT’ed shared IP and not keeping logs is nice. The early days in mobile networks perhaps.
  • Registrationsless sim cards if still existing anywhere is nice also.
  • Also free wifi hotspots.

yeah true , wish that to become true one day. governments doesnt trust their ppl that why we r having privacy issues.wish we can reach with whonix to a point we will make those governments suffer to leak any human private infos.

[quote=“Patrick, post:12, topic:1364”]- Also putting all clients behind a NAT’ed shared IP and not keeping logs is nice. The early days in mobile networks perhaps.

  • Registrationsless sim cards if still existing anywhere is nice also.
  • Also free wifi hotspots.[/quote]

Even these are not hindrances to a determined and resourceful adversary. For example, if a person uses public wifi someone can do a stakeout at that location to correlate a person’s physical movements with their on-line movements. That is how the FBI used the Stringray to arrest David Ringmaiden.

The truth remains that all data is transferred across a physical medium. All a privacy or anonymity focused individual can do is erect roadblocks, hurdles, etc that make the task of tracking one down more difficult. More difficult but never, in theory, impossible. The positive side is that no one has infinite resources so if someone throws up enough hurdles it might persuade their adversary to find easier prey. Maybe. That’s the /hope/.

True. Just helpful.