Posted on 12 Nov 2016 by Matt Traudt. Last updated 02 Dec 2016 at 6:57 pm
So many people share the advice to use a VPN in conjunction with Tor, usually by way of placing the VPN between the user and her guard node (connecting to Tor through a VPN). More rarely, the advice is given to place the VPN between her exit and her destination (connecting to a VPN through Tor). On the surface, these ideas sound good, or at least not bad. The first one especially sounds like it must help. More encryption is always better, right?
This post will discuss my reasoning for why using a VPN with Tor is not the obvious security gain that people make it out to be. Users may not lose any safety by adding a VPN, but they certainly aren't gaining any.
First I want to bring up trust. Tor is trustless, a VPN is trusted.
Users don't have to trust every Tor relay that they use in order to stay safe with Tor. As long as the right ones aren't compromised, working together, or otherwise malicious, the user stays protected.
VPN users fully trust their VPN. They trust their VPN provider
Should VPN-provider-X be completely trusted? Maybe. Are they completely trusted by their users? Yes, whether the users realize the amount of trust they are placing in the provider or not.
Assume for just a moment that using only Tor gives Alice the same amount of "protection" as using only a VPN. Using only Tor, she doesn't have to trust any single entity. Using a VPN, she has to completely trust her VPN provider.
So why use a tool that requires the user's trust, when she can use a tool that doesn't?
This brings up the question: if Alice decides she 100% trusts her VPN provider and wants to use Tor with a VPN, does the VPN add any value? I will address this question in two parts based on whether the VPN comes "before" or "after" Tor.
Now I'll start with what is easiest to actually accomplish and is recommended most often. I prefer to discuss this as a series of reasons why someone would even think about using a VPN in this way.
For whatever reason, Tor is blocked for Alice. Maybe her company has a really strict firewall or her country has a super strict firewall. But apparently the firewall wouldn't block a VPN.
Alice should try using a Tor bridge first. A bridge is simply an unlisted Tor guard relay. If she was getting blocked because she was trying to connect to an IP known to be a Tor relay, this would help.
If that doesn't work, maybe her traffic is being blocked because it looks like Tor traffic. It is fingerprintable after all. If this seems to be the case, then Alice should try using a bridge with a pluggable transport. Pluggable transports make Tor traffic look different so it can (hopefully) not be fingerprinted and then blocked. obfs4 is a popular PT that makes the Tor traffic between Alice and her bridge look like encrypted garbage. meek is another PT that makes it look like Alice is talking to a website in the Amazon or Microsoft cloud.
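As an added illustration (not from the original post), this is the shape of a torrc fragment for a client that reaches the Tor network through an obfs4 bridge instead of a public guard. The obfs4proxy path is an assumption for a typical Linux install, and ADDRESS, PORT, FINGERPRINT and CERT are placeholders that must be replaced with values obtained from a bridge distributor.

```text
# Added example torrc fragment: connect through an obfs4 bridge.

# Use bridges rather than picking a guard from the public consensus.
UseBridges 1

# Start the obfs4 pluggable transport; tor hands it the bridge connection.
# The binary path is an assumption and may differ on your system.
ClientTransportPlugin obfs4 exec /usr/bin/obfs4proxy

# One bridge line per bridge. ADDRESS:PORT, FINGERPRINT and CERT are
# placeholders: they come from the bridge operator or distributor.
# iat-mode=0 disables obfs4's inter-arrival-time obfuscation (the default).
Bridge obfs4 ADDRESS:PORT FINGERPRINT cert=CERT iat-mode=0
```

With this in place, Alice's ISP sees a TLS-like stream of random-looking bytes to an address that is not in the public relay list, rather than a connection to a known Tor guard.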
First, Alice should consider whether or not her adversary is even capable of extracting information from her ISP. Is what she's doing even illegal where she lives? Is it embarrassing? To what lengths will her adversary go (or can her adversary go) in order to figure out who she is? If Alice is just trying to hide an embarrassing habit from her spouse or circumvent her incompetent country's censorship, hiding her Tor usage may not even be necessary.
If Alice determines that she really does need to hide her Tor usage, she should first consider using bridges or bridges with pluggable transports. See the preceding section for information on those.
I would like to preface this with: a global passive adversary (GPA) isn't something everyone should just assume they have to deal with.
A GPA can watch and record Internet traffic "all over," where "all over" is a large enough number of places that, in the context of Tor, they can watch/record traffic entering the Tor network as well as watch/record traffic leaving the Tor network. One way to accomplish this would be for the GPA to run Tor relays themselves, but that isn't a necessity. They could work with/hack/compromise ISPs and ASes "all over" until they get a good view of Tor's edge traffic.
A VPN between Alice and her entry point into the Tor network sounds like it would help, right? The GPA watching and correlating traffic will correlate her traffic to her VPN's IP address, not hers.
My rebuttal is best summed up with rhetorical questions: if her adversary is powerful enough to be able to watch traffic entering and exiting the Tor network, aren't they also capable of watching traffic enter and exit a single VPN provider?
Why would anyone ever assume that the GPA they're protecting themselves against would be stopped dead in its tracks by a VPN? If they can watch traffic leaving "enough" of the almost 1000 Tor exits and "enough" of the roughly 2500 Tor guards, then why would all of the following be impossible?
If Alice thinks she has a GPA to worry about, I think she is a fool for assuming the GPA can't find her behind a VPN.
I will now switch gears to discussing connecting to a VPN through the Tor network. People usually consider doing this because they want to appear to have an IP address that doesn't change and isn't associated with Tor.
First I will ignore safety and talk about speed. I should preface this with: I've never actually tried this, but have a good enough understanding about how this stuff works that I'm confident I can make some claims.
The most common way to connect to a VPN, as far as I'm aware, is with OpenVPN. OpenVPN works best when using UDP, but it technically supports using TCP. Tor cannot transport UDP, so if using OpenVPN, the user must use it in TCP mode.
What's so bad about TCP mode? The details get rather technical unfortunately, but I'll try to sum it up.
TCP guarantees reliable in-order delivery of data. Among other things, it accomplishes this by retransmitting lost packets.
When using Tor, Alice has a TCP stream between her exit and her destination. If her destination (from the point of view of the exit) is an OpenVPN server using TCP, then there is a TCP stream within a TCP stream. If what Alice is ultimately doing uses TCP (like browsing the web, for example), then the Tor TCP stream contains an OpenVPN TCP stream that contains Alice's actual TCP stream. If any of these streams detect packet loss, all of them will notice, back off on their transmission rates, and retransmit the packets they think got lost. This is absolutely terrible for performance.
So if Alice decides she doesn't care about the huge performance hit, what does she get? She certainly gets the non-Tor IP address she wanted. Does she gain anything that I discussed in the previous section about connecting to Tor through a VPN?
Alice's ISP will see her talking to a Tor guard. She could use a bridge (or even a bridge with a pluggable transport) to prevent this. Again, see the earlier section for information on bridges.
Will she hide her true IP address from a global passive adversary? I already explained why thinking an adversary can't get information out of a VPN provider but can perform traffic analysis attacks on Tor users is silly. So no, if she's trying to protect herself from a GPA, she shouldn't consider using Tor to connect to a VPN any safer than just using Tor in my opinion.
Finally, there's the matter of trust to consider again. Alice must be sure her VPN provider is worthy of the trust she will be placing in it. She must have paid her VPN provider in a way that can't be traced back to her. She must be sure that the VPN provider doesn't keep traffic or connection logs. She has to trust herself to never mess up and connect to her VPN without Tor. And for this VPN to be of any benefit at all, she must convince herself that her adversary can't somehow work with the VPN provider, compromise the VPN provider, or work with/compromise ISPs and ASes near the VPN provider.
I'm usually one of the first to remind people that everyone's security needs are different. I generally hate it when people immediately jump to assuming that the user asking for advice needs protection from a super powerful adversary. Not everything I've said may apply to you, the reader. And maybe in my limited experience I've missed something that you have a question about. I've seen many discussions about using a VPN with Tor though, and I hope this very long-winded post will help you make an informed decision.
sources: number of Tor exits and guards