2. ONION ROUTING OVERVIEW
⢠Onion routing is a technique for anonymous communication over a computer network. Messages are
repeatedly encrypted and then sent through several network nodes called onion routers. Like someone
peeling an onion, each onion router removes a layer of encryption to uncover routing instructions, and
sends the message to the next router where this is repeated. This prevents these intermediary nodes
from knowing the origin, destination, and contents of the message.
⢠Onion routing was developed by Michael G. Reed (formerly of Extreme Networks), Paul F. Syverson, and
David M. Goldschlag, and patented by the United States Navy in US Patent No. 6266704 (1998). As of
2009, Tor is the predominant technology that employs onion routing.
3. CAPABILITIES OF ONION ROUTING
⢠The idea of onion routing (OR) is to protect the privacy of the sender and recipient of a message, while
also providing protection for message content as it traverses a network.
⢠Onion routing accomplishes this according to the principle of Chaum's mix cascades: messages travel
from source to destination via a sequence of proxies ("onion routers"), which re-route messages in an
unpredictable path. To prevent an adversary from eavesdropping on message content, messages are
encrypted between routers. The advantage of onion routing (and mix cascades in general) is that it is
not necessary to trust each cooperating router; if any router is compromised, anonymous
communication can still be achieved. This is because each router in an OR network accepts messages,
re-encrypts them, and transmits to another onion router. An attacker with the ability to monitor every
onion router in a network might be able to trace the path of a message through the network, but an
attacker with more limited capabilities will have difficulty even if he or she controls routers on the
message's path.
⢠Onion routing does not provide perfect sender or receiver anonymity against all
possible eavesdroppersâthat is, it is possible for a local eavesdropper to observe that an individual has
sent or received a message. It does provide for a strong degree of unlinkability, the notion that an
eavesdropper cannot easily determine both the sender and receiver of a given message. Even within
these confines, onion routing does not provide any guarantee of privacy; rather, it provides a continuum
in which the degree of privacy is generally a function of the number of participating routers versus the
number of compromised or malicious routers.
5. ROUTING ONIONS
⢠A routing onion (or just onion) is a data structure formed by 'wrapping' a plaintext message with
successive layers of encryption, such that each layer can be 'unwrapped' (decrypted) like the layer of an
onion by one intermediary in a succession of intermediaries, with the original plaintext message only
being viewable by at most:
⢠the sender
⢠the last intermediary (the exit node)
⢠the recipient
⢠If there is end-to-end encryption between the sender and the recipient, then not even the last
intermediary can view the original message; this is similar to a game of 'pass the parcel'. An
intermediary is traditionally called a node or router.
7. CIRCUIT ESTABLISHMENT
⢠The originator picks nodes from a list provided by a special node called the directory node (traffic between the
originator and the directory node may also be encrypted or otherwise anonymised or decentralised); the chosen
nodes are ordered to provide a path through which the message may be transmitted; this ordering of the nodes is
called a chain or a circuit. No node within the circuit, except for the exit node, can infer where in the chain it is
located, and no node can tell whether the node before it is the originator or how many nodes are in the circuit.
⢠Using asymmetric key cryptography, the originator uses the public key (obtained from the directory) of the first node
in the circuit, known as the entry node, to send it an encrypted message, called a create cell, containing:
⢠A circuit ID. The circuit ID is random and different for each connection in the chain.
⢠A request for the receiving node (i.e. the entry node in this case) to establish a circuit with the originator.
⢠The originator's half of a Diffie-Hellman handshake (to establish a shared secret).
⢠The entry node, which just received one half of the handshake, replies to the originator, in unencrypted plaintext:
⢠The entry node's half of the Diffie-Hellman handshake.
⢠A hash of the shared secret, so that the originator can verify that he/she and the entry node share the same
secret.
⢠Now the entry node and originator use their shared secret for encrypting all their correspondence in symmetric
encryption (this is significantly more efficient than using asymmetric encryption). The shared secret is referred to as
a session key.
8. ⢠A relay cell, as opposed to a command cell like the create cell used in the first step, is not interpreted by
the receiving node, but relayed to another node. Using the already established encrypted link, the
originator sends the entry node a relay extend cell, which is like any relay cell, only that it contains a
create cell intended for the next node (known as the relay node) in the chain, encrypted using the relay
node's public key and relayed to it by the entry node, containing the following:
⢠A circuit ID. Once again, it is arbitrary, and is not necessarily the same for this connection as it is for the
previous.
⢠A request from the entry node to the relay node to establish a circuit.
⢠The originator's half of a Diffie-Hellman handshake. Once again, the new node cannot tell whether this
handshake originated from the first node or the originator, it is irrelevant for operating the chain.
⢠The relay node, similar to the first step, replies with its half of the handshake in plain text along with a
hash of the shared secret.
⢠As the entry node - relay node circuit has been established, the entry node replies to the originator with
a relay extended cell, telling it that the chain has been extended, and containing the hash of the shared
secret along with the relay node's half of the handshake. The originator and the relay node now share a
secret key.
⢠To extend the chain further, the originator sends the entry node a relay cell which contains a relay cell
that only the relay node can decrypt, instructing the relay node to extend the chain further. The process
can be repeated as above to as many nodes as possible. In Tor, for example, chains are limited to 3
nodes: the entry node, the relay node, and the exit node.
9. DATA STRUCTURE : SENDING DATA
â˘{RELAY C1:
⢠[RELAY C2:
⢠(Send HTTP request to IP-of-webpage)]}
Where curly brackets indicate content encrypted with the entry node's shared key, square brackets content encrypted with the relay
node's key, and regular brackets content encrypted with the exit node's key.
Upon receiving the cell, the entry node only sees the following:
⢠RELAY C1:
⢠ENCRYPTED CONTENT
The entry node knows that relay requests for circuit ID 1 (C1) should be relayed to circuit ID 2 (C2), since it received a request from the
originator to extend the circuit earlier. For this reason, there is no need for the originator to know the circuit IDs, it is enough for it to tell the
entry node which circuit it refers to. The entry node takes the payload and sends a relay cell to the relay node.
Upon receiving the relayed cell from the entry node, the relay node sees the following:
⢠RELAY C2:
ENCRYPTED CONTENT
The relay node follows the same protocol as the entry node and relays the payload to the exit node. The exit node sees this:
â˘RELAY C3:
Send HTTP request to IP-of-webpage
The exit node proceeds to sending an HTTP request to the website.
11. TOR : INCEPTION
⢠Tor was originally designed, implemented, and deployed as a third-generation
onion routing project of the U.S. Naval Research
Laboratory. It was originally developed with the U.S. Navy in mind,
for the primary purpose of protecting government
communications. Today, it is used every day for a wide variety of
purposes by normal people, the military, journalists, law
enforcement officers, activists, and many others.
12. TOR: OVERVIEW
⢠Tor (originally short for The Onion Router) is free software for enabling online anonymity. Tor directs Internet
traffic through a free, worldwide volunteer network consisting of more than three thousand relays to conceal a
user's location or usage from anyone conducting network surveillance or traffic analysis. Using Tor makes it
more difficult to trace Internet activity, including "visits to Web sites, online posts, instant messages and other
communication forms", back to the user and is intended to protect users' personal privacy, freedom, and ability
to conduct confidential business by keeping their internet activities from being monitored.
⢠"Onion Routing" refers to the layers of the encryption used. The original data, including its destination, are
encrypted and re-encrypted multiple times, and sent through a virtual circuit comprising successive, randomly
selected Tor relays. Each relay decrypts a "layer" of encryption to reveal only the next relay in the circuit in order
to pass the remaining encrypted data on to it. The final relay decrypts the last layer of encryption and sends the
original data, without revealing or even knowing its sender, to the destination. This method reduces the chance
of the original data being understood in transit and, more notably, conceals the routing of it.
⢠As the 2013 anonymity-stripping attacks on Freedom Hosting users demonstrated, it is often possible to attack
Tor users indirectly, e.g., via vulnerabilities in servers and web browsers.
13. TOPIC OF DISCUSSION
â˘HIDDEN SERVICES
â˘STAYING ANONYMUS
â˘THE FUTURE OF TOR
14. HIDDEN SERVICES
⢠Tor also makes it possible for users to hide their locations while
offering various kinds of services, such as web publishing or an
instant messaging server. Using Tor "rendezvous points," other Tor
users can connect to these hidden services, each without knowing
the other's network identity. This hidden service functionality
could allow Tor users to set up a website where people publish
material without worrying about censorship. Nobody would be
able to determine who was offering the site, and nobody who
offered the site would know who was posting to it. Learn more
about configuring hidden services and how the hidden service
protocol works.
15. STAYING ANONYMOUS
⢠Tor can't solve all anonymity problems. It focuses only on protecting the
transport of data. You need to use protocol-specific support software if you
don't want the sites you visit to see your identifying information. For example,
you can use Torbutton while browsing the web to withhold some information
about your computer's configuration.
⢠Also, to protect your anonymity, be smart. Don't provide your name or other
revealing information in web forms. Be aware that, like all anonymizing
networks that are fast enough for web browsing, Tor does not provide
protection against end-to-end timing attacks: If your attacker can watch the
traffic coming out of your computer, and also the traffic arriving at your
chosen destination, he can use statistical analysis to discover that they are
part of the same circuit.
16. THE FUTURE OF TOR
⢠Providing a usable anonymizing network on the Internet today is an ongoing
challenge. We want software that meets users' needs. We also want to keep the
network up and running in a way that handles as many users as possible. Security
and usability don't have to be at odds: As Tor's usability increases, it will attract
more users, which will increase the possible sources and destinations of each
communication, thus increasing security for everyone. We're making progress,
but we need your help. Please consider running a relay or volunteering as
a developer.
⢠Ongoing trends in law, policy, and technology threaten anonymity as never
before, undermining our ability to speak and read freely online. These trends also
undermine national security and critical infrastructure by making communication
among individuals, organizations, corporations, and governments more
vulnerable to analysis. Each new user and relay provides additional diversity,
enhancing Tor's ability to put control over your security and privacy back into
your hands.
17. USERS OF TORS
⢠NORMAL PEOPLE
⢠MILITARY SERVICES
⢠NGOâs AND WHISTLEBLOWERS
⢠BLOGGERS
⢠LAW ENFORCEMENT OFFICERS
⢠JOURNALISTS AND THEIR AUDIENCE
⢠IT PROFESSIONALS
19. TOR BUTTON
Torbutton is integrated into Tor
Browser. Torbutton disables many
types of active content and threats
to your privacy when using a web
browser.
20. TOR BROWSER
BUNDLE
The Tor Browser Bundle
contains everything you
need to safely browse
the Internet. This
package requires no
installation. Just extract
it and run.
21. VIDALIA
Vidalia is a graphical Tor
controller. It allows you
to see where your
connections are in the
world and configure Tor
without getting into
configuration files and
code.
22. ORBOT
In collaboration with The
Guardian Project, we're
developing Tor on the Google
Android mobile operating system.
A related application is Orlib; a
library for use by any Android
application to route Internet
traffic through Orbot/Tor.
23. TORCLOUD
The Tor Cloud project gives you a
user-friendly way of deploying
bridges to help users access an
uncensored Internet via the
Amazon EC2 cloud. By setting up
a bridge, you donate bandwidth
to the Tor network and help
improve the safety and speed at
which users can access the
Internet. Get started with Tor
Cloud.
24. OBFSPROXY
Obfsproxy is a pluggable
transports proxy
written in C. It shapes
Tor traffic, making it
harder for censors to
detect and block the Tor
protocol.
25. SHADOW
Shadow is a discrete-event
network simulator that runs
the real Tor software as a
plug-in. Shadow is open-source
software that
enables accurate, efficient,
controlled, and repeatable
Tor experimenentation.
26. TOR2WEB
Tor2web allows Internet
users to browse websites
running in Tor hidden
services. It trades user
anonymity for usability by
allowing anonymous
content to be distributed to
non-anonymous users.