Why is the data from a Tor exit node not encrypted?

The name of the pictureThe name of the pictureThe name of the pictureClash Royale CLAN TAG#URR8PPP





.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty margin-bottom:0;







up vote
2
down vote

favorite












Tor works in such a way that the data is encrypted by the three nodes. I.e., the entry node, relay and the exit node. But why is it not encrypted from the exit node to the destination server? Is this for speed? Or is it because it's not necessary as tracing back is already impossible?










share|improve this question



















  • 1




    How would it negotiate the encryption with the server? Unless you are talking about TLS which is effectively at a different layer.
    – multithr3at3d
    Aug 11 at 2:01










  • The client can use the destination server's public key to encrypt right?
    – PSN
    Aug 11 at 2:04






  • 2




    Which public key? What protocol are you talking about?
    – multithr3at3d
    Aug 11 at 2:04










  • I didn't get it.
    – PSN
    Aug 11 at 2:12










  • Even when the user requests http://example.com/ and some proxy determines that https://example.com/ also exists, there is no guarantee that it's the same site with the same content served securely.
    – curiousguy
    Aug 11 at 6:20
















up vote
2
down vote

favorite












Tor works in such a way that the data is encrypted by the three nodes. I.e., the entry node, relay and the exit node. But why is it not encrypted from the exit node to the destination server? Is this for speed? Or is it because it's not necessary as tracing back is already impossible?










share|improve this question



















  • 1




    How would it negotiate the encryption with the server? Unless you are talking about TLS which is effectively at a different layer.
    – multithr3at3d
    Aug 11 at 2:01










  • The client can use the destination server's public key to encrypt right?
    – PSN
    Aug 11 at 2:04






  • 2




    Which public key? What protocol are you talking about?
    – multithr3at3d
    Aug 11 at 2:04










  • I didn't get it.
    – PSN
    Aug 11 at 2:12










  • Even when the user requests http://example.com/ and some proxy determines that https://example.com/ also exists, there is no guarantee that it's the same site with the same content served securely.
    – curiousguy
    Aug 11 at 6:20












up vote
2
down vote

favorite









up vote
2
down vote

favorite











Tor works in such a way that the data is encrypted by the three nodes. I.e., the entry node, relay and the exit node. But why is it not encrypted from the exit node to the destination server? Is this for speed? Or is it because it's not necessary as tracing back is already impossible?










share|improve this question















Tor works in such a way that the data is encrypted by the three nodes. I.e., the entry node, relay and the exit node. But why is it not encrypted from the exit node to the destination server? Is this for speed? Or is it because it's not necessary as tracing back is already impossible?







encryption tor darknet






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited Aug 11 at 14:36









Boann

1775




1775










asked Aug 11 at 1:46









PSN

1186




1186







  • 1




    How would it negotiate the encryption with the server? Unless you are talking about TLS which is effectively at a different layer.
    – multithr3at3d
    Aug 11 at 2:01










  • The client can use the destination server's public key to encrypt right?
    – PSN
    Aug 11 at 2:04






  • 2




    Which public key? What protocol are you talking about?
    – multithr3at3d
    Aug 11 at 2:04










  • I didn't get it.
    – PSN
    Aug 11 at 2:12










  • Even when the user requests http://example.com/ and some proxy determines that https://example.com/ also exists, there is no guarantee that it's the same site with the same content served securely.
    – curiousguy
    Aug 11 at 6:20












  • 1




    How would it negotiate the encryption with the server? Unless you are talking about TLS which is effectively at a different layer.
    – multithr3at3d
    Aug 11 at 2:01










  • The client can use the destination server's public key to encrypt right?
    – PSN
    Aug 11 at 2:04






  • 2




    Which public key? What protocol are you talking about?
    – multithr3at3d
    Aug 11 at 2:04










  • I didn't get it.
    – PSN
    Aug 11 at 2:12










  • Even when the user requests http://example.com/ and some proxy determines that https://example.com/ also exists, there is no guarantee that it's the same site with the same content served securely.
    – curiousguy
    Aug 11 at 6:20







1




1




How would it negotiate the encryption with the server? Unless you are talking about TLS which is effectively at a different layer.
– multithr3at3d
Aug 11 at 2:01




How would it negotiate the encryption with the server? Unless you are talking about TLS which is effectively at a different layer.
– multithr3at3d
Aug 11 at 2:01












The client can use the destination server's public key to encrypt right?
– PSN
Aug 11 at 2:04




The client can use the destination server's public key to encrypt right?
– PSN
Aug 11 at 2:04




2




2




Which public key? What protocol are you talking about?
– multithr3at3d
Aug 11 at 2:04




Which public key? What protocol are you talking about?
– multithr3at3d
Aug 11 at 2:04












I didn't get it.
– PSN
Aug 11 at 2:12




I didn't get it.
– PSN
Aug 11 at 2:12












Even when the user requests http://example.com/ and some proxy determines that https://example.com/ also exists, there is no guarantee that it's the same site with the same content served securely.
– curiousguy
Aug 11 at 6:20




Even when the user requests http://example.com/ and some proxy determines that https://example.com/ also exists, there is no guarantee that it's the same site with the same content served securely.
– curiousguy
Aug 11 at 6:20










1 Answer
1






active

oldest

votes

















up vote
14
down vote



accepted










Encryption of traffic exiting Tor and going to the destination server is based on whether the destination server supports encryption, and whether the destination server was addressed on an encrypted port - just as it would be had the traffic not gone through Tor.



Tor cannot magically do something the destination server doesn't support, or that the client did not request to do.






share|improve this answer




















    Your Answer







    StackExchange.ready(function()
    var channelOptions =
    tags: "".split(" "),
    id: "162"
    ;
    initTagRenderer("".split(" "), "".split(" "), channelOptions);

    StackExchange.using("externalEditor", function()
    // Have to fire editor after snippets, if snippets enabled
    if (StackExchange.settings.snippets.snippetsEnabled)
    StackExchange.using("snippets", function()
    createEditor();
    );

    else
    createEditor();

    );

    function createEditor()
    StackExchange.prepareEditor(
    heartbeatType: 'answer',
    convertImagesToLinks: false,
    noModals: false,
    showLowRepImageUploadWarning: true,
    reputationToPostImages: null,
    bindNavPrevention: true,
    postfix: "",
    noCode: true, onDemand: true,
    discardSelector: ".discard-answer"
    ,immediatelyShowMarkdownHelp:true
    );



    );













     

    draft saved


    draft discarded


















    StackExchange.ready(
    function ()
    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsecurity.stackexchange.com%2fquestions%2f191369%2fwhy-is-the-data-from-a-tor-exit-node-not-encrypted%23new-answer', 'question_page');

    );

    Post as a guest






























    1 Answer
    1






    active

    oldest

    votes








    1 Answer
    1






    active

    oldest

    votes









    active

    oldest

    votes






    active

    oldest

    votes








    up vote
    14
    down vote



    accepted










    Encryption of traffic exiting Tor and going to the destination server is based on whether the destination server supports encryption, and whether the destination server was addressed on an encrypted port - just as it would be had the traffic not gone through Tor.



    Tor cannot magically do something the destination server doesn't support, or that the client did not request to do.






    share|improve this answer
























      up vote
      14
      down vote



      accepted










      Encryption of traffic exiting Tor and going to the destination server is based on whether the destination server supports encryption, and whether the destination server was addressed on an encrypted port - just as it would be had the traffic not gone through Tor.



      Tor cannot magically do something the destination server doesn't support, or that the client did not request to do.






      share|improve this answer






















        up vote
        14
        down vote



        accepted







        up vote
        14
        down vote



        accepted






        Encryption of traffic exiting Tor and going to the destination server is based on whether the destination server supports encryption, and whether the destination server was addressed on an encrypted port - just as it would be had the traffic not gone through Tor.



        Tor cannot magically do something the destination server doesn't support, or that the client did not request to do.






        share|improve this answer












        Encryption of traffic exiting Tor and going to the destination server is based on whether the destination server supports encryption, and whether the destination server was addressed on an encrypted port - just as it would be had the traffic not gone through Tor.



        Tor cannot magically do something the destination server doesn't support, or that the client did not request to do.







        share|improve this answer












        share|improve this answer



        share|improve this answer










        answered Aug 11 at 2:23









        gowenfawr

        50.1k10107152




        50.1k10107152



























             

            draft saved


            draft discarded















































             


            draft saved


            draft discarded














            StackExchange.ready(
            function ()
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsecurity.stackexchange.com%2fquestions%2f191369%2fwhy-is-the-data-from-a-tor-exit-node-not-encrypted%23new-answer', 'question_page');

            );

            Post as a guest













































































            Popular posts from this blog

            How to check contact read email or not when send email to Individual?

            Displaying single band from multi-band raster using QGIS

            How many registers does an x86_64 CPU actually have?