SlideShare ist ein Scribd-Unternehmen logo

The Onion Routing (TOR)

•Als PPTX, PDF herunterladen•
•
A
Amrit Khandelwal

A simple explained slide on Onion Routing.

Internet
1 von 27
THE ONION ROUTING BY AMRIT KHANDELWAL REG NO.:1081120070
ONION ROUTING OVERVIEW • Onion routing is a technique for anonymous communication over a computer network. Messages are repeatedly encrypted and then sent through several network nodes called onion routers. Like someone peeling an onion, each onion router removes a layer of encryption to uncover routing instructions, and sends the message to the next router where this is repeated. This prevents these intermediary nodes from knowing the origin, destination, and contents of the message. • Onion routing was developed by Michael G. Reed (formerly of Extreme Networks), Paul F. Syverson, and David M. Goldschlag, and patented by the United States Navy in US Patent No. 6266704 (1998). As of 2009, Tor is the predominant technology that employs onion routing.
CAPABILITIES OF ONION ROUTING • The idea of onion routing (OR) is to protect the privacy of the sender and recipient of a message, while also providing protection for message content as it traverses a network. • Onion routing accomplishes this according to the principle of Chaum's mix cascades: messages travel from source to destination via a sequence of proxies ("onion routers"), which re-route messages in an unpredictable path. To prevent an adversary from eavesdropping on message content, messages are encrypted between routers. The advantage of onion routing (and mix cascades in general) is that it is not necessary to trust each cooperating router; if any router is compromised, anonymous communication can still be achieved. This is because each router in an OR network accepts messages, re-encrypts them, and transmits to another onion router. An attacker with the ability to monitor every onion router in a network might be able to trace the path of a message through the network, but an attacker with more limited capabilities will have difficulty even if he or she controls routers on the message's path. • Onion routing does not provide perfect sender or receiver anonymity against all possible eavesdroppers—that is, it is possible for a local eavesdropper to observe that an individual has sent or received a message. It does provide for a strong degree of unlinkability, the notion that an eavesdropper cannot easily determine both the sender and receiver of a given message. Even within these confines, onion routing does not provide any guarantee of privacy; rather, it provides a continuum in which the degree of privacy is generally a function of the number of participating routers versus the number of compromised or malicious routers.
RE-ROUTING ARCHITECTURE
ROUTING ONIONS • A routing onion (or just onion) is a data structure formed by 'wrapping' a plaintext message with successive layers of encryption, such that each layer can be 'unwrapped' (decrypted) like the layer of an onion by one intermediary in a succession of intermediaries, with the original plaintext message only being viewable by at most: • the sender • the last intermediary (the exit node) • the recipient • If there is end-to-end encryption between the sender and the recipient, then not even the last intermediary can view the original message; this is similar to a game of 'pass the parcel'. An intermediary is traditionally called a node or router.
‘WRAPPING’ METHOD DIAGRAM
CIRCUIT ESTABLISHMENT • The originator picks nodes from a list provided by a special node called the directory node (traffic between the originator and the directory node may also be encrypted or otherwise anonymised or decentralised); the chosen nodes are ordered to provide a path through which the message may be transmitted; this ordering of the nodes is called a chain or a circuit. No node within the circuit, except for the exit node, can infer where in the chain it is located, and no node can tell whether the node before it is the originator or how many nodes are in the circuit. • Using asymmetric key cryptography, the originator uses the public key (obtained from the directory) of the first node in the circuit, known as the entry node, to send it an encrypted message, called a create cell, containing: • A circuit ID. The circuit ID is random and different for each connection in the chain. • A request for the receiving node (i.e. the entry node in this case) to establish a circuit with the originator. • The originator's half of a Diffie-Hellman handshake (to establish a shared secret). • The entry node, which just received one half of the handshake, replies to the originator, in unencrypted plaintext: • The entry node's half of the Diffie-Hellman handshake. • A hash of the shared secret, so that the originator can verify that he/she and the entry node share the same secret. • Now the entry node and originator use their shared secret for encrypting all their correspondence in symmetric encryption (this is significantly more efficient than using asymmetric encryption). The shared secret is referred to as a session key.
• A relay cell, as opposed to a command cell like the create cell used in the first step, is not interpreted by the receiving node, but relayed to another node. Using the already established encrypted link, the originator sends the entry node a relay extend cell, which is like any relay cell, only that it contains a create cell intended for the next node (known as the relay node) in the chain, encrypted using the relay node's public key and relayed to it by the entry node, containing the following: • A circuit ID. Once again, it is arbitrary, and is not necessarily the same for this connection as it is for the previous. • A request from the entry node to the relay node to establish a circuit. • The originator's half of a Diffie-Hellman handshake. Once again, the new node cannot tell whether this handshake originated from the first node or the originator, it is irrelevant for operating the chain. • The relay node, similar to the first step, replies with its half of the handshake in plain text along with a hash of the shared secret. • As the entry node - relay node circuit has been established, the entry node replies to the originator with a relay extended cell, telling it that the chain has been extended, and containing the hash of the shared secret along with the relay node's half of the handshake. The originator and the relay node now share a secret key. • To extend the chain further, the originator sends the entry node a relay cell which contains a relay cell that only the relay node can decrypt, instructing the relay node to extend the chain further. The process can be repeated as above to as many nodes as possible. In Tor, for example, chains are limited to 3 nodes: the entry node, the relay node, and the exit node.
DATA STRUCTURE : SENDING DATA •{RELAY C1: • [RELAY C2: • (Send HTTP request to IP-of-webpage)]} Where curly brackets indicate content encrypted with the entry node's shared key, square brackets content encrypted with the relay node's key, and regular brackets content encrypted with the exit node's key. Upon receiving the cell, the entry node only sees the following: • RELAY C1: • ENCRYPTED CONTENT The entry node knows that relay requests for circuit ID 1 (C1) should be relayed to circuit ID 2 (C2), since it received a request from the originator to extend the circuit earlier. For this reason, there is no need for the originator to know the circuit IDs, it is enough for it to tell the entry node which circuit it refers to. The entry node takes the payload and sends a relay cell to the relay node. Upon receiving the relayed cell from the entry node, the relay node sees the following: • RELAY C2: ENCRYPTED CONTENT The relay node follows the same protocol as the entry node and relays the payload to the exit node. The exit node sees this: •RELAY C3: Send HTTP request to IP-of-webpage The exit node proceeds to sending an HTTP request to the website.
TOR
TOR : INCEPTION • Tor was originally designed, implemented, and deployed as a third-generation onion routing project of the U.S. Naval Research Laboratory. It was originally developed with the U.S. Navy in mind, for the primary purpose of protecting government communications. Today, it is used every day for a wide variety of purposes by normal people, the military, journalists, law enforcement officers, activists, and many others.
TOR: OVERVIEW • Tor (originally short for The Onion Router) is free software for enabling online anonymity. Tor directs Internet traffic through a free, worldwide volunteer network consisting of more than three thousand relays to conceal a user's location or usage from anyone conducting network surveillance or traffic analysis. Using Tor makes it more difficult to trace Internet activity, including "visits to Web sites, online posts, instant messages and other communication forms", back to the user and is intended to protect users' personal privacy, freedom, and ability to conduct confidential business by keeping their internet activities from being monitored. • "Onion Routing" refers to the layers of the encryption used. The original data, including its destination, are encrypted and re-encrypted multiple times, and sent through a virtual circuit comprising successive, randomly selected Tor relays. Each relay decrypts a "layer" of encryption to reveal only the next relay in the circuit in order to pass the remaining encrypted data on to it. The final relay decrypts the last layer of encryption and sends the original data, without revealing or even knowing its sender, to the destination. This method reduces the chance of the original data being understood in transit and, more notably, conceals the routing of it. • As the 2013 anonymity-stripping attacks on Freedom Hosting users demonstrated, it is often possible to attack Tor users indirectly, e.g., via vulnerabilities in servers and web browsers.
TOPIC OF DISCUSSION •HIDDEN SERVICES •STAYING ANONYMUS •THE FUTURE OF TOR
HIDDEN SERVICES • Tor also makes it possible for users to hide their locations while offering various kinds of services, such as web publishing or an instant messaging server. Using Tor "rendezvous points," other Tor users can connect to these hidden services, each without knowing the other's network identity. This hidden service functionality could allow Tor users to set up a website where people publish material without worrying about censorship. Nobody would be able to determine who was offering the site, and nobody who offered the site would know who was posting to it. Learn more about configuring hidden services and how the hidden service protocol works.
STAYING ANONYMOUS • Tor can't solve all anonymity problems. It focuses only on protecting the transport of data. You need to use protocol-specific support software if you don't want the sites you visit to see your identifying information. For example, you can use Torbutton while browsing the web to withhold some information about your computer's configuration. • Also, to protect your anonymity, be smart. Don't provide your name or other revealing information in web forms. Be aware that, like all anonymizing networks that are fast enough for web browsing, Tor does not provide protection against end-to-end timing attacks: If your attacker can watch the traffic coming out of your computer, and also the traffic arriving at your chosen destination, he can use statistical analysis to discover that they are part of the same circuit.
THE FUTURE OF TOR • Providing a usable anonymizing network on the Internet today is an ongoing challenge. We want software that meets users' needs. We also want to keep the network up and running in a way that handles as many users as possible. Security and usability don't have to be at odds: As Tor's usability increases, it will attract more users, which will increase the possible sources and destinations of each communication, thus increasing security for everyone. We're making progress, but we need your help. Please consider running a relay or volunteering as a developer. • Ongoing trends in law, policy, and technology threaten anonymity as never before, undermining our ability to speak and read freely online. These trends also undermine national security and critical infrastructure by making communication among individuals, organizations, corporations, and governments more vulnerable to analysis. Each new user and relay provides additional diversity, enhancing Tor's ability to put control over your security and privacy back into your hands.
USERS OF TORS • NORMAL PEOPLE • MILITARY SERVICES • NGO’s AND WHISTLEBLOWERS • BLOGGERS • LAW ENFORCEMENT OFFICERS • JOURNALISTS AND THEIR AUDIENCE • IT PROFESSIONALS
PROJECTS BY TOR :
TOR BUTTON Torbutton is integrated into Tor Browser. Torbutton disables many types of active content and threats to your privacy when using a web browser.
TOR BROWSER BUNDLE The Tor Browser Bundle contains everything you need to safely browse the Internet. This package requires no installation. Just extract it and run.
VIDALIA Vidalia is a graphical Tor controller. It allows you to see where your connections are in the world and configure Tor without getting into configuration files and code.
ORBOT In collaboration with The Guardian Project, we're developing Tor on the Google Android mobile operating system. A related application is Orlib; a library for use by any Android application to route Internet traffic through Orbot/Tor.
TORCLOUD The Tor Cloud project gives you a user-friendly way of deploying bridges to help users access an uncensored Internet via the Amazon EC2 cloud. By setting up a bridge, you donate bandwidth to the Tor network and help improve the safety and speed at which users can access the Internet. Get started with Tor Cloud.
OBFSPROXY Obfsproxy is a pluggable transports proxy written in C. It shapes Tor traffic, making it harder for censors to detect and block the Tor protocol.
SHADOW Shadow is a discrete-event network simulator that runs the real Tor software as a plug-in. Shadow is open-source software that enables accurate, efficient, controlled, and repeatable Tor experimenentation.
TOR2WEB Tor2web allows Internet users to browse websites running in Tor hidden services. It trades user anonymity for usability by allowing anonymous content to be distributed to non-anonymous users.
THANK YOU.

Empfohlen

Onion routing and tor: Fundamentals and Anonymity
Onion routing and tor: Fundamentals and AnonymityOnion routing and tor: Fundamentals and Anonymity
Onion routing and tor: Fundamentals and Anonymityanurag singh
 
Onion protocol
Onion protocolOnion protocol
Onion protocolAnshu Raj
 
TCP and UDP
TCP and UDP TCP and UDP
TCP and UDP Ramesh Giri
 
Arp spoofing
Arp spoofingArp spoofing
Arp spoofingLuthfi Widyanto
 
Network time protocol
Network time protocolNetwork time protocol
Network time protocolMohd Amir
 
Tor Presentation
Tor PresentationTor Presentation
Tor PresentationHassan Faraz
 
Nmap
NmapNmap
NmapFat-Thing Gabriel-Culley
 
Intrusion prevention system(ips)
Intrusion prevention system(ips)Intrusion prevention system(ips)
Intrusion prevention system(ips)Papun Papun
 

Empfohlen

Onion routing and tor: Fundamentals and Anonymity
Onion routing and tor: Fundamentals and AnonymityOnion routing and tor: Fundamentals and Anonymity
Onion routing and tor: Fundamentals and Anonymityanurag singh
 
Onion protocol
Onion protocolOnion protocol
Onion protocolAnshu Raj
 
TCP and UDP
TCP and UDP TCP and UDP
TCP and UDP Ramesh Giri
 
Arp spoofing
Arp spoofingArp spoofing
Arp spoofingLuthfi Widyanto
 
Network time protocol
Network time protocolNetwork time protocol
Network time protocolMohd Amir
 
Tor Presentation
Tor PresentationTor Presentation
Tor PresentationHassan Faraz
 
Nmap
NmapNmap
NmapFat-Thing Gabriel-Culley
 
Intrusion prevention system(ips)
Intrusion prevention system(ips)Intrusion prevention system(ips)
Intrusion prevention system(ips)Papun Papun
 
Burp suite
Burp suiteBurp suite
Burp suiteSOURABH DESHMUKH
 
Recon with Nmap
Recon with Nmap Recon with Nmap
Recon with Nmap OWASP Delhi
 
Dhcp ppt
Dhcp pptDhcp ppt
Dhcp pptHema Dhariwal
 
Ethical Hacking - sniffing
Ethical Hacking - sniffingEthical Hacking - sniffing
Ethical Hacking - sniffingBhavya Chawla
 
Tor: The Second Generation Onion Router
Tor: The Second Generation Onion RouterTor: The Second Generation Onion Router
Tor: The Second Generation Onion RouterMohammed Bharmal
 
Secure shell ppt
Secure shell pptSecure shell ppt
Secure shell pptsravya raju
 
network monitoring system ppt
network monitoring system pptnetwork monitoring system ppt
network monitoring system pptashutosh rai
 
Port scanning
Port scanningPort scanning
Port scanningHemanth Pasumarthi
 
Tor the onion router
Tor the onion routerTor the onion router
Tor the onion routern|u - The Open Security Community
 
Network traffic analysis course
Network traffic analysis courseNetwork traffic analysis course
Network traffic analysis courseTECHNOLOGY CONTROL CO.
 
Transport layer
Transport layer Transport layer
Transport layer Mukesh Chinta
 
Network Address Translation (NAT)
Network Address Translation (NAT)Network Address Translation (NAT)
Network Address Translation (NAT)Joud Khattab
 
VPN
VPNVPN
VPNShiraz316
 
Internet control message protocol
Internet control message protocolInternet control message protocol
Internet control message protocolasimnawaz54
 
OWASP Top 10 2021 Presentation (Jul 2022)
OWASP Top 10 2021 Presentation (Jul 2022)OWASP Top 10 2021 Presentation (Jul 2022)
OWASP Top 10 2021 Presentation (Jul 2022)TzahiArabov
 
Automated API pentesting using fuzzapi
Automated API pentesting using fuzzapiAutomated API pentesting using fuzzapi
Automated API pentesting using fuzzapiAbhijeth D
 
GraphQL Security
GraphQL SecurityGraphQL Security
GraphQL SecurityShiu-Fun Poon
 
Wireshark
WiresharkWireshark
WiresharkSourav Roy
 
Thick Client Testing Advanced
Thick Client Testing AdvancedThick Client Testing Advanced
Thick Client Testing AdvancedNSConclave
 
Authentication service security
Authentication service securityAuthentication service security
Authentication service securityG Prachi
 
Consent Receipts: The Future of Personal Data - Michele Nati - Lead Technolog...
Consent Receipts: The Future of Personal Data - Michele Nati - Lead Technolog...Consent Receipts: The Future of Personal Data - Michele Nati - Lead Technolog...
Consent Receipts: The Future of Personal Data - Michele Nati - Lead Technolog...MicheleNati
 
Personal Data & Trust Network - 11/3/15
Personal Data & Trust Network - 11/3/15Personal Data & Trust Network - 11/3/15
Personal Data & Trust Network - 11/3/15Digital Catapult
 

Weitere ähnliche Inhalte

Was ist angesagt?

Recon with Nmap
Recon with Nmap Recon with Nmap
Recon with Nmap OWASP Delhi
 
Ethical Hacking - sniffing
Ethical Hacking - sniffingEthical Hacking - sniffing
Ethical Hacking - sniffingBhavya Chawla
 
Tor: The Second Generation Onion Router
Tor: The Second Generation Onion RouterTor: The Second Generation Onion Router
Tor: The Second Generation Onion RouterMohammed Bharmal
 
Secure shell ppt
Secure shell pptSecure shell ppt
Secure shell pptsravya raju
 
network monitoring system ppt
network monitoring system pptnetwork monitoring system ppt
network monitoring system pptashutosh rai
 
Transport layer
Transport layer Transport layer
Transport layer Mukesh Chinta
 
Network Address Translation (NAT)
Network Address Translation (NAT)Network Address Translation (NAT)
Network Address Translation (NAT)Joud Khattab
 
Internet control message protocol
Internet control message protocolInternet control message protocol
Internet control message protocolasimnawaz54
 
OWASP Top 10 2021 Presentation (Jul 2022)
OWASP Top 10 2021 Presentation (Jul 2022)OWASP Top 10 2021 Presentation (Jul 2022)
OWASP Top 10 2021 Presentation (Jul 2022)TzahiArabov
 
Automated API pentesting using fuzzapi
Automated API pentesting using fuzzapiAutomated API pentesting using fuzzapi
Automated API pentesting using fuzzapiAbhijeth D
 
GraphQL Security
GraphQL SecurityGraphQL Security
GraphQL SecurityShiu-Fun Poon
 
Wireshark
WiresharkWireshark
WiresharkSourav Roy
 
Thick Client Testing Advanced
Thick Client Testing AdvancedThick Client Testing Advanced
Thick Client Testing AdvancedNSConclave
 
Authentication service security
Authentication service securityAuthentication service security
Authentication service securityG Prachi
 

Was ist angesagt? (20)

Burp suite
Burp suiteBurp suite
Burp suite
 
Recon with Nmap
Recon with Nmap Recon with Nmap
Recon with Nmap
 
Dhcp ppt
Dhcp pptDhcp ppt
Dhcp ppt
 
Ethical Hacking - sniffing
Ethical Hacking - sniffingEthical Hacking - sniffing
Ethical Hacking - sniffing
 
Tor: The Second Generation Onion Router
Tor: The Second Generation Onion RouterTor: The Second Generation Onion Router
Tor: The Second Generation Onion Router
 
Secure shell ppt
Secure shell pptSecure shell ppt
Secure shell ppt
 
network monitoring system ppt
network monitoring system pptnetwork monitoring system ppt
network monitoring system ppt
 
Port scanning
Port scanningPort scanning
Port scanning
 
Tor the onion router
Tor the onion routerTor the onion router
Tor the onion router
 
Network traffic analysis course
Network traffic analysis courseNetwork traffic analysis course
Network traffic analysis course
 
Transport layer
Transport layer Transport layer
Transport layer
 
Network Address Translation (NAT)
Network Address Translation (NAT)Network Address Translation (NAT)
Network Address Translation (NAT)
 
VPN
VPNVPN
VPN
 
Internet control message protocol
Internet control message protocolInternet control message protocol
Internet control message protocol
 
OWASP Top 10 2021 Presentation (Jul 2022)
OWASP Top 10 2021 Presentation (Jul 2022)OWASP Top 10 2021 Presentation (Jul 2022)
OWASP Top 10 2021 Presentation (Jul 2022)
 
Automated API pentesting using fuzzapi
Automated API pentesting using fuzzapiAutomated API pentesting using fuzzapi
Automated API pentesting using fuzzapi
 
GraphQL Security
GraphQL SecurityGraphQL Security
GraphQL Security
 
Wireshark
WiresharkWireshark
Wireshark
 
Thick Client Testing Advanced
Thick Client Testing AdvancedThick Client Testing Advanced
Thick Client Testing Advanced
 
Authentication service security
Authentication service securityAuthentication service security
Authentication service security
 

Andere mochten auch

Consent Receipts: The Future of Personal Data - Michele Nati - Lead Technolog...
Consent Receipts: The Future of Personal Data - Michele Nati - Lead Technolog...Consent Receipts: The Future of Personal Data - Michele Nati - Lead Technolog...
Consent Receipts: The Future of Personal Data - Michele Nati - Lead Technolog...MicheleNati
 
Personal Data & Trust Network - 11/3/15
Personal Data & Trust Network - 11/3/15Personal Data & Trust Network - 11/3/15
Personal Data & Trust Network - 11/3/15Digital Catapult
 
Personal data and blockchain: Opportunities and Challenges - Michele Nati - L...
Personal data and blockchain: Opportunities and Challenges - Michele Nati - L...Personal data and blockchain: Opportunities and Challenges - Michele Nati - L...
Personal data and blockchain: Opportunities and Challenges - Michele Nati - L...MicheleNati
 
Tor the onion router
Tor the onion routerTor the onion router
Tor the onion routerAshly Liza
 
How To Dice And Saute An Onion
How To Dice And Saute An OnionHow To Dice And Saute An Onion
How To Dice And Saute An Onions3232334
 
Anonymizing Networks
Anonymizing NetworksAnonymizing Networks
Anonymizing Networkspauldeng
 
Onion network architecture
Onion network architectureOnion network architecture
Onion network architecturemahdi ataeyan
 
Anonymous Connections And Onion Routing
Anonymous Connections And Onion RoutingAnonymous Connections And Onion Routing
Anonymous Connections And Onion RoutingAli Habeeb
 
Onion
OnionOnion
Oniondheva B
 
Ppt of routing protocols
Ppt of routing protocolsPpt of routing protocols
Ppt of routing protocolsBhagyashri Dhoke
 
Bitcoin and Blockchain Technology Explained: Not just Cryptocurrencies, Econo...
Bitcoin and Blockchain Technology Explained: Not just Cryptocurrencies, Econo...Bitcoin and Blockchain Technology Explained: Not just Cryptocurrencies, Econo...
Bitcoin and Blockchain Technology Explained: Not just Cryptocurrencies, Econo...Melanie Swan
 

Andere mochten auch (13)

Consent Receipts: The Future of Personal Data - Michele Nati - Lead Technolog...
Consent Receipts: The Future of Personal Data - Michele Nati - Lead Technolog...Consent Receipts: The Future of Personal Data - Michele Nati - Lead Technolog...
Consent Receipts: The Future of Personal Data - Michele Nati - Lead Technolog...
 
Personal Data & Trust Network - 11/3/15
Personal Data & Trust Network - 11/3/15Personal Data & Trust Network - 11/3/15
Personal Data & Trust Network - 11/3/15
 
Personal data and blockchain: Opportunities and Challenges - Michele Nati - L...
Personal data and blockchain: Opportunities and Challenges - Michele Nati - L...Personal data and blockchain: Opportunities and Challenges - Michele Nati - L...
Personal data and blockchain: Opportunities and Challenges - Michele Nati - L...
 
Tor the onion router
Tor the onion routerTor the onion router
Tor the onion router
 
ONION Routing - Jovial learning
ONION Routing - Jovial learningONION Routing - Jovial learning
ONION Routing - Jovial learning
 
How To Dice And Saute An Onion
How To Dice And Saute An OnionHow To Dice And Saute An Onion
How To Dice And Saute An Onion
 
Anonymizing Networks
Anonymizing NetworksAnonymizing Networks
Anonymizing Networks
 
Onion network architecture
Onion network architectureOnion network architecture
Onion network architecture
 
Anonymous Connections And Onion Routing
Anonymous Connections And Onion RoutingAnonymous Connections And Onion Routing
Anonymous Connections And Onion Routing
 
Tor
TorTor
Tor
 
Onion
OnionOnion
Onion
 
Ppt of routing protocols
Ppt of routing protocolsPpt of routing protocols
Ppt of routing protocols
 
Bitcoin and Blockchain Technology Explained: Not just Cryptocurrencies, Econo...
Bitcoin and Blockchain Technology Explained: Not just Cryptocurrencies, Econo...Bitcoin and Blockchain Technology Explained: Not just Cryptocurrencies, Econo...
Bitcoin and Blockchain Technology Explained: Not just Cryptocurrencies, Econo...
 

Ähnlich wie The Onion Routing (TOR)

Anonymous traffic network
Anonymous traffic networkAnonymous traffic network
Anonymous traffic networkApurv Singh Gautam
 
Anonymity in the web based on routing protocols
Anonymity in the web based on routing protocolsAnonymity in the web based on routing protocols
Anonymity in the web based on routing protocolsBiagio Botticelli
 
Onion Routing.ppt
Onion Routing.pptOnion Routing.ppt
Onion Routing.pptssuserb1ba95
 
Information security using onion routing(tor)
Information security using onion routing(tor)Information security using onion routing(tor)
Information security using onion routing(tor)Kaustubh Joshi
 
Introduction to Tor
Introduction to TorIntroduction to Tor
Introduction to TorJaskaran Narula
 
Introduction to anonymity network tor
Introduction to anonymity network torIntroduction to anonymity network tor
Introduction to anonymity network torKhaled Mosharraf
 
SECURE LOCATION BASED ROUTING FOR MANETS
SECURE LOCATION BASED ROUTING FOR MANETSSECURE LOCATION BASED ROUTING FOR MANETS
SECURE LOCATION BASED ROUTING FOR MANETSAnkur Singhal
 
Firewall and Types of firewall
Firewall and Types of firewallFirewall and Types of firewall
Firewall and Types of firewallCoder Tech
 
Black hole attack
Black hole attackBlack hole attack
Black hole attackRicha Kumari
 
Internet an how it works
Internet an how it worksInternet an how it works
Internet an how it worksshahnaz10
 
Transport Layer In Computer Network
Transport Layer In Computer NetworkTransport Layer In Computer Network
Transport Layer In Computer NetworkDestro Destro
 
Anon p2p slides
Anon p2p slidesAnon p2p slides
Anon p2p slideschintaan
 

Ähnlich wie The Onion Routing (TOR) (20)

TOR NETWORK
TOR NETWORKTOR NETWORK
TOR NETWORK
 
Anonymous traffic network
Anonymous traffic networkAnonymous traffic network
Anonymous traffic network
 
Anonymity in the web based on routing protocols
Anonymity in the web based on routing protocolsAnonymity in the web based on routing protocols
Anonymity in the web based on routing protocols
 
Tor
TorTor
Tor
 
tor
tortor
tor
 
Onion Routing.ppt
Onion Routing.pptOnion Routing.ppt
Onion Routing.ppt
 
Overlay networks
Overlay networksOverlay networks
Overlay networks
 
Information security using onion routing(tor)
Information security using onion routing(tor)Information security using onion routing(tor)
Information security using onion routing(tor)
 
Introduction to Tor
Introduction to TorIntroduction to Tor
Introduction to Tor
 
Introduction to anonymity network tor
Introduction to anonymity network torIntroduction to anonymity network tor
Introduction to anonymity network tor
 
Anonymity Network TOR
Anonymity Network TOR Anonymity Network TOR
Anonymity Network TOR
 
Tor
TorTor
Tor
 
Tor Network
Tor NetworkTor Network
Tor Network
 
SECURE LOCATION BASED ROUTING FOR MANETS
SECURE LOCATION BASED ROUTING FOR MANETSSECURE LOCATION BASED ROUTING FOR MANETS
SECURE LOCATION BASED ROUTING FOR MANETS
 
Firewall and Types of firewall
Firewall and Types of firewallFirewall and Types of firewall
Firewall and Types of firewall
 
Black hole attack
Black hole attackBlack hole attack
Black hole attack
 
Internet an how it works
Internet an how it worksInternet an how it works
Internet an how it works
 
Transport Layer In Computer Network
Transport Layer In Computer NetworkTransport Layer In Computer Network
Transport Layer In Computer Network
 
Anon p2p slides
Anon p2p slidesAnon p2p slides
Anon p2p slides
 
Tor
TorTor
Tor
 

KĂźrzlich hochgeladen

Challengers I Told Ya ShirtChallengers I Told Ya Shirt
Challengers I Told Ya ShirtChallengers I Told Ya ShirtChallengers I Told Ya ShirtChallengers I Told Ya Shirt
Challengers I Told Ya ShirtChallengers I Told Ya Shirtrahman018755
 
VIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls Kolkata
VIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls KolkataVIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls Kolkata
VIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls Kolkataanamikaraghav4
 
VIP Kolkata Call Girls Salt Lake 8250192130 Available With Room
VIP Kolkata Call Girls Salt Lake 8250192130 Available With RoomVIP Kolkata Call Girls Salt Lake 8250192130 Available With Room
VIP Kolkata Call Girls Salt Lake 8250192130 Available With Roomgirls4nights
 
Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...
Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...
Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...SofiyaSharma5
 
FULL ENJOY Call Girls In Mayur Vihar Delhi Contact Us 8377087607
FULL ENJOY Call Girls In Mayur Vihar Delhi Contact Us 8377087607FULL ENJOY Call Girls In Mayur Vihar Delhi Contact Us 8377087607
FULL ENJOY Call Girls In Mayur Vihar Delhi Contact Us 8377087607dollysharma2066
 
Chennai Call Girls Porur Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Porur Phone 🍆 8250192130 👅 celebrity escorts serviceChennai Call Girls Porur Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Porur Phone 🍆 8250192130 👅 celebrity escorts servicesonalikaur4
 
AlbaniaDreamin24 - How to easily use an API with Flows
AlbaniaDreamin24 - How to easily use an API with FlowsAlbaniaDreamin24 - How to easily use an API with Flows
AlbaniaDreamin24 - How to easily use an API with FlowsThierry TROUIN ☁
 
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024APNIC
 
Hot Service (+9316020077 ) Goa Call Girls Real Photos and Genuine Service
Hot Service (+9316020077 ) Goa Call Girls Real Photos and Genuine ServiceHot Service (+9316020077 ) Goa Call Girls Real Photos and Genuine Service
Hot Service (+9316020077 ) Goa Call Girls Real Photos and Genuine Servicesexy call girls service in goa
 
Call Girls In Ashram Chowk Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Ashram Chowk Delhi 💯Call Us 🔝8264348440🔝Call Girls In Ashram Chowk Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Ashram Chowk Delhi 💯Call Us 🔝8264348440🔝soniya singh
 
Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝soniya singh
 
Enjoy Night⚡Call Girls Dlf City Phase 3 Gurgaon >༒8448380779 Escort Service
Enjoy Night⚡Call Girls Dlf City Phase 3 Gurgaon >༒8448380779 Escort ServiceEnjoy Night⚡Call Girls Dlf City Phase 3 Gurgaon >༒8448380779 Escort Service
Enjoy Night⚡Call Girls Dlf City Phase 3 Gurgaon >༒8448380779 Escort ServiceDelhi Call girls
 
Delhi Call Girls Rohini 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls Rohini 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip CallDelhi Call Girls Rohini 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls Rohini 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Callshivangimorya083
 
₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...
₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...
₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...Diya Sharma
 
Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.soniya singh
 
VIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call Girl
VIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call GirlVIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call Girl
VIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call Girladitipandeya
 
Call Girls Service Chandigarh Lucky ❤️ 7710465962 Independent Call Girls In C...
Call Girls Service Chandigarh Lucky ❤️ 7710465962 Independent Call Girls In C...Call Girls Service Chandigarh Lucky ❤️ 7710465962 Independent Call Girls In C...
Call Girls Service Chandigarh Lucky ❤️ 7710465962 Independent Call Girls In C...Sheetaleventcompany
 

KĂźrzlich hochgeladen (20)

Rohini Sector 26 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
Rohini Sector 26 Call Girls Delhi 9999965857 @Sabina Saikh No AdvanceRohini Sector 26 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
Rohini Sector 26 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
 
Challengers I Told Ya ShirtChallengers I Told Ya Shirt
Challengers I Told Ya ShirtChallengers I Told Ya ShirtChallengers I Told Ya ShirtChallengers I Told Ya Shirt
Challengers I Told Ya ShirtChallengers I Told Ya Shirt
 
VIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls Kolkata
VIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls KolkataVIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls Kolkata
VIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls Kolkata
 
VIP Kolkata Call Girls Salt Lake 8250192130 Available With Room
VIP Kolkata Call Girls Salt Lake 8250192130 Available With RoomVIP Kolkata Call Girls Salt Lake 8250192130 Available With Room
VIP Kolkata Call Girls Salt Lake 8250192130 Available With Room
 
Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...
Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...
Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...
 
FULL ENJOY Call Girls In Mayur Vihar Delhi Contact Us 8377087607
FULL ENJOY Call Girls In Mayur Vihar Delhi Contact Us 8377087607FULL ENJOY Call Girls In Mayur Vihar Delhi Contact Us 8377087607
FULL ENJOY Call Girls In Mayur Vihar Delhi Contact Us 8377087607
 
Chennai Call Girls Porur Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Porur Phone 🍆 8250192130 👅 celebrity escorts serviceChennai Call Girls Porur Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Porur Phone 🍆 8250192130 👅 celebrity escorts service
 
AlbaniaDreamin24 - How to easily use an API with Flows
AlbaniaDreamin24 - How to easily use an API with FlowsAlbaniaDreamin24 - How to easily use an API with Flows
AlbaniaDreamin24 - How to easily use an API with Flows
 
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
 
Call Girls In South Ex 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SERVICE
Call Girls In South Ex 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SERVICECall Girls In South Ex 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SERVICE
Call Girls In South Ex 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SERVICE
 
Hot Service (+9316020077 ) Goa Call Girls Real Photos and Genuine Service
Hot Service (+9316020077 ) Goa Call Girls Real Photos and Genuine ServiceHot Service (+9316020077 ) Goa Call Girls Real Photos and Genuine Service
Hot Service (+9316020077 ) Goa Call Girls Real Photos and Genuine Service
 
Rohini Sector 22 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
Rohini Sector 22 Call Girls Delhi 9999965857 @Sabina Saikh No AdvanceRohini Sector 22 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
Rohini Sector 22 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
 
Call Girls In Ashram Chowk Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Ashram Chowk Delhi 💯Call Us 🔝8264348440🔝Call Girls In Ashram Chowk Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Ashram Chowk Delhi 💯Call Us 🔝8264348440🔝
 
Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝
 
Enjoy Night⚡Call Girls Dlf City Phase 3 Gurgaon >༒8448380779 Escort Service
Enjoy Night⚡Call Girls Dlf City Phase 3 Gurgaon >༒8448380779 Escort ServiceEnjoy Night⚡Call Girls Dlf City Phase 3 Gurgaon >༒8448380779 Escort Service
Enjoy Night⚡Call Girls Dlf City Phase 3 Gurgaon >༒8448380779 Escort Service
 
Delhi Call Girls Rohini 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls Rohini 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip CallDelhi Call Girls Rohini 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls Rohini 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
 
₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...
₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...
₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...
 
Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.
 
VIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call Girl
VIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call GirlVIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call Girl
VIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call Girl
 
Call Girls Service Chandigarh Lucky ❤️ 7710465962 Independent Call Girls In C...
Call Girls Service Chandigarh Lucky ❤️ 7710465962 Independent Call Girls In C...Call Girls Service Chandigarh Lucky ❤️ 7710465962 Independent Call Girls In C...
Call Girls Service Chandigarh Lucky ❤️ 7710465962 Independent Call Girls In C...
 

The Onion Routing (TOR)

  • 1. THE ONION ROUTING BY AMRIT KHANDELWAL REG NO.:1081120070
  • 2. ONION ROUTING OVERVIEW • Onion routing is a technique for anonymous communication over a computer network. Messages are repeatedly encrypted and then sent through several network nodes called onion routers. Like someone peeling an onion, each onion router removes a layer of encryption to uncover routing instructions, and sends the message to the next router where this is repeated. This prevents these intermediary nodes from knowing the origin, destination, and contents of the message. • Onion routing was developed by Michael G. Reed (formerly of Extreme Networks), Paul F. Syverson, and David M. Goldschlag, and patented by the United States Navy in US Patent No. 6266704 (1998). As of 2009, Tor is the predominant technology that employs onion routing.
  • 3. CAPABILITIES OF ONION ROUTING • The idea of onion routing (OR) is to protect the privacy of the sender and recipient of a message, while also providing protection for message content as it traverses a network. • Onion routing accomplishes this according to the principle of Chaum's mix cascades: messages travel from source to destination via a sequence of proxies ("onion routers"), which re-route messages in an unpredictable path. To prevent an adversary from eavesdropping on message content, messages are encrypted between routers. The advantage of onion routing (and mix cascades in general) is that it is not necessary to trust each cooperating router; if any router is compromised, anonymous communication can still be achieved. This is because each router in an OR network accepts messages, re-encrypts them, and transmits to another onion router. An attacker with the ability to monitor every onion router in a network might be able to trace the path of a message through the network, but an attacker with more limited capabilities will have difficulty even if he or she controls routers on the message's path. • Onion routing does not provide perfect sender or receiver anonymity against all possible eavesdroppers—that is, it is possible for a local eavesdropper to observe that an individual has sent or received a message. It does provide for a strong degree of unlinkability, the notion that an eavesdropper cannot easily determine both the sender and receiver of a given message. Even within these confines, onion routing does not provide any guarantee of privacy; rather, it provides a continuum in which the degree of privacy is generally a function of the number of participating routers versus the number of compromised or malicious routers.
  • 5. ROUTING ONIONS • A routing onion (or just onion) is a data structure formed by 'wrapping' a plaintext message with successive layers of encryption, such that each layer can be 'unwrapped' (decrypted) like the layer of an onion by one intermediary in a succession of intermediaries, with the original plaintext message only being viewable by at most: • the sender • the last intermediary (the exit node) • the recipient • If there is end-to-end encryption between the sender and the recipient, then not even the last intermediary can view the original message; this is similar to a game of 'pass the parcel'. An intermediary is traditionally called a node or router.
  • 7. CIRCUIT ESTABLISHMENT • The originator picks nodes from a list provided by a special node called the directory node (traffic between the originator and the directory node may also be encrypted or otherwise anonymised or decentralised); the chosen nodes are ordered to provide a path through which the message may be transmitted; this ordering of the nodes is called a chain or a circuit. No node within the circuit, except for the exit node, can infer where in the chain it is located, and no node can tell whether the node before it is the originator or how many nodes are in the circuit. • Using asymmetric key cryptography, the originator uses the public key (obtained from the directory) of the first node in the circuit, known as the entry node, to send it an encrypted message, called a create cell, containing: • A circuit ID. The circuit ID is random and different for each connection in the chain. • A request for the receiving node (i.e. the entry node in this case) to establish a circuit with the originator. • The originator's half of a Diffie-Hellman handshake (to establish a shared secret). • The entry node, which just received one half of the handshake, replies to the originator, in unencrypted plaintext: • The entry node's half of the Diffie-Hellman handshake. • A hash of the shared secret, so that the originator can verify that he/she and the entry node share the same secret. • Now the entry node and originator use their shared secret for encrypting all their correspondence in symmetric encryption (this is significantly more efficient than using asymmetric encryption). The shared secret is referred to as a session key.
  • 8. • A relay cell, as opposed to a command cell like the create cell used in the first step, is not interpreted by the receiving node, but relayed to another node. Using the already established encrypted link, the originator sends the entry node a relay extend cell, which is like any relay cell, only that it contains a create cell intended for the next node (known as the relay node) in the chain, encrypted using the relay node's public key and relayed to it by the entry node, containing the following: • A circuit ID. Once again, it is arbitrary, and is not necessarily the same for this connection as it is for the previous. • A request from the entry node to the relay node to establish a circuit. • The originator's half of a Diffie-Hellman handshake. Once again, the new node cannot tell whether this handshake originated from the first node or the originator, it is irrelevant for operating the chain. • The relay node, similar to the first step, replies with its half of the handshake in plain text along with a hash of the shared secret. • As the entry node - relay node circuit has been established, the entry node replies to the originator with a relay extended cell, telling it that the chain has been extended, and containing the hash of the shared secret along with the relay node's half of the handshake. The originator and the relay node now share a secret key. • To extend the chain further, the originator sends the entry node a relay cell which contains a relay cell that only the relay node can decrypt, instructing the relay node to extend the chain further. The process can be repeated as above to as many nodes as possible. In Tor, for example, chains are limited to 3 nodes: the entry node, the relay node, and the exit node.
  • 9. DATA STRUCTURE : SENDING DATA •{RELAY C1: • [RELAY C2: • (Send HTTP request to IP-of-webpage)]} Where curly brackets indicate content encrypted with the entry node's shared key, square brackets content encrypted with the relay node's key, and regular brackets content encrypted with the exit node's key. Upon receiving the cell, the entry node only sees the following: • RELAY C1: • ENCRYPTED CONTENT The entry node knows that relay requests for circuit ID 1 (C1) should be relayed to circuit ID 2 (C2), since it received a request from the originator to extend the circuit earlier. For this reason, there is no need for the originator to know the circuit IDs, it is enough for it to tell the entry node which circuit it refers to. The entry node takes the payload and sends a relay cell to the relay node. Upon receiving the relayed cell from the entry node, the relay node sees the following: • RELAY C2: ENCRYPTED CONTENT The relay node follows the same protocol as the entry node and relays the payload to the exit node. The exit node sees this: •RELAY C3: Send HTTP request to IP-of-webpage The exit node proceeds to sending an HTTP request to the website.
  • 10. TOR
  • 11. TOR : INCEPTION • Tor was originally designed, implemented, and deployed as a third-generation onion routing project of the U.S. Naval Research Laboratory. It was originally developed with the U.S. Navy in mind, for the primary purpose of protecting government communications. Today, it is used every day for a wide variety of purposes by normal people, the military, journalists, law enforcement officers, activists, and many others.
  • 12. TOR: OVERVIEW • Tor (originally short for The Onion Router) is free software for enabling online anonymity. Tor directs Internet traffic through a free, worldwide volunteer network consisting of more than three thousand relays to conceal a user's location or usage from anyone conducting network surveillance or traffic analysis. Using Tor makes it more difficult to trace Internet activity, including "visits to Web sites, online posts, instant messages and other communication forms", back to the user and is intended to protect users' personal privacy, freedom, and ability to conduct confidential business by keeping their internet activities from being monitored. • "Onion Routing" refers to the layers of the encryption used. The original data, including its destination, are encrypted and re-encrypted multiple times, and sent through a virtual circuit comprising successive, randomly selected Tor relays. Each relay decrypts a "layer" of encryption to reveal only the next relay in the circuit in order to pass the remaining encrypted data on to it. The final relay decrypts the last layer of encryption and sends the original data, without revealing or even knowing its sender, to the destination. This method reduces the chance of the original data being understood in transit and, more notably, conceals the routing of it. • As the 2013 anonymity-stripping attacks on Freedom Hosting users demonstrated, it is often possible to attack Tor users indirectly, e.g., via vulnerabilities in servers and web browsers.
  • 13. TOPIC OF DISCUSSION •HIDDEN SERVICES •STAYING ANONYMUS •THE FUTURE OF TOR
  • 14. HIDDEN SERVICES • Tor also makes it possible for users to hide their locations while offering various kinds of services, such as web publishing or an instant messaging server. Using Tor "rendezvous points," other Tor users can connect to these hidden services, each without knowing the other's network identity. This hidden service functionality could allow Tor users to set up a website where people publish material without worrying about censorship. Nobody would be able to determine who was offering the site, and nobody who offered the site would know who was posting to it. Learn more about configuring hidden services and how the hidden service protocol works.
  • 15. STAYING ANONYMOUS • Tor can't solve all anonymity problems. It focuses only on protecting the transport of data. You need to use protocol-specific support software if you don't want the sites you visit to see your identifying information. For example, you can use Torbutton while browsing the web to withhold some information about your computer's configuration. • Also, to protect your anonymity, be smart. Don't provide your name or other revealing information in web forms. Be aware that, like all anonymizing networks that are fast enough for web browsing, Tor does not provide protection against end-to-end timing attacks: If your attacker can watch the traffic coming out of your computer, and also the traffic arriving at your chosen destination, he can use statistical analysis to discover that they are part of the same circuit.
  • 16. THE FUTURE OF TOR • Providing a usable anonymizing network on the Internet today is an ongoing challenge. We want software that meets users' needs. We also want to keep the network up and running in a way that handles as many users as possible. Security and usability don't have to be at odds: As Tor's usability increases, it will attract more users, which will increase the possible sources and destinations of each communication, thus increasing security for everyone. We're making progress, but we need your help. Please consider running a relay or volunteering as a developer. • Ongoing trends in law, policy, and technology threaten anonymity as never before, undermining our ability to speak and read freely online. These trends also undermine national security and critical infrastructure by making communication among individuals, organizations, corporations, and governments more vulnerable to analysis. Each new user and relay provides additional diversity, enhancing Tor's ability to put control over your security and privacy back into your hands.
  • 17. USERS OF TORS • NORMAL PEOPLE • MILITARY SERVICES • NGO’s AND WHISTLEBLOWERS • BLOGGERS • LAW ENFORCEMENT OFFICERS • JOURNALISTS AND THEIR AUDIENCE • IT PROFESSIONALS
  • 19. TOR BUTTON Torbutton is integrated into Tor Browser. Torbutton disables many types of active content and threats to your privacy when using a web browser.
  • 20. TOR BROWSER BUNDLE The Tor Browser Bundle contains everything you need to safely browse the Internet. This package requires no installation. Just extract it and run.
  • 21. VIDALIA Vidalia is a graphical Tor controller. It allows you to see where your connections are in the world and configure Tor without getting into configuration files and code.
  • 22. ORBOT In collaboration with The Guardian Project, we're developing Tor on the Google Android mobile operating system. A related application is Orlib; a library for use by any Android application to route Internet traffic through Orbot/Tor.
  • 23. TORCLOUD The Tor Cloud project gives you a user-friendly way of deploying bridges to help users access an uncensored Internet via the Amazon EC2 cloud. By setting up a bridge, you donate bandwidth to the Tor network and help improve the safety and speed at which users can access the Internet. Get started with Tor Cloud.
  • 24. OBFSPROXY Obfsproxy is a pluggable transports proxy written in C. It shapes Tor traffic, making it harder for censors to detect and block the Tor protocol.
  • 25. SHADOW Shadow is a discrete-event network simulator that runs the real Tor software as a plug-in. Shadow is open-source software that enables accurate, efficient, controlled, and repeatable Tor experimenentation.
  • 26. TOR2WEB Tor2web allows Internet users to browse websites running in Tor hidden services. It trades user anonymity for usability by allowing anonymous content to be distributed to non-anonymous users.