Successfully reported this slideshow.

Tor the onion router

5,860 views

Published on

Published in: Technology
  • Be the first to comment

Tor the onion router

  1. 1. Tor – The Onion Router Presented By Ashly Liza Philip S5 MCA Roll No. 06 MACE
  2. 2. Privacy in public networks  Internet is designed as a public network.  Routing information is public.  Encryption does not hide identities.  Prone to „traffic analysis‟
  3. 3. Contd.. Internet data packet Header Data payload Source, Whatever being sent destination, time Encryption can‟t Hidden by hide encryption
  4. 4. What is Anonymity?  State of being not identifiable within a set of subjects.  Unlink-ability of action and identity  Unobserve-ability (hard to achieve)
  5. 5. Applications of Anonymity Privacy Untraceable electronic mail Law enforcement and intelligence Anonymous electronic voting Censorship-resistant publishing
  6. 6. Anonymous networks PipeNet Garlic Routing Onion Routing Anonymizer Crowds Java Anon Proxy
  7. 7. Onion Routing  By David Goldschlag, Michael Reed, Paul Syverson  ONION; special data structure.  Uses public key cryptography  Hides source and destination  Anonymize TCP-based applications  Protects anonymity of a user over network  Resistant to eavesdropping and traffic analysis
  8. 8. Working of Onion Routing Uses an Onion Proxy Routes data randomly A router knows only its predecessor and successor No correspondence between data layers Different onion at each hop
  9. 9. R R4 R R R3 R1 R R Alice R2 R Bob Sender chooses a random sequence of routers -Some routers are honest, some controlled by attacker -Sender controls the length of the path slide 9
  10. 10. Decrypting an Onion
  11. 11. Contd..
  12. 12. Tor – Implementation of Onion Routing  TOR stands for „The Onion Router.‟  Second generation onion router.  Low-latency anonymous network  By Paul Syverson, Nick Mathewson, Roger Dingledine in 2004  Maintained by Free Haven Project  Hundreds of nodes on all continents
  13. 13. Contd..  “Easy-to-use” client proxy  Freely available  Supports only TCP  Uses SOCKS interface  No observer can tell where data comes from/going
  14. 14. Advancements over Onion Routing Perfect forward secrecy Variable exit policies Directory servers Leaky-pipe circuit topology End-to-end integrity checking SOCKS interface
  15. 15. How Tor works? Same as Onion Routing Uses Diffie-Hellman key exchange Distributes data over several places Takes random pathway Used with Privoxy
  16. 16. Tor Circuit Each circuit shared by multiple TCP streams Circuit created preemptively Can recover from failure
  17. 17. Circuit setup Built from entry point one step at a time Circuit ID is chosen randomly Diffie-Hellman process initiated Negotiate a symmetric session key Circuit extension and Relay packet
  18. 18. Tor Circuit setup(1) Client proxy establish a symmetric session key and circuit with Onion Router #1
  19. 19. Tor Circuit setup(2) Circuit extension
  20. 20. Tor Circuit setup(3) Client proxy extends the circuit by establishing a symmetric session key with Onion Router #3
  21. 21. Using circuit
  22. 22. Cells in Tor Cell (512bytes) Header Payload CircID Data Command
  23. 23. Contd.. Based on commands in cells:- Control cells Relay cells Cells
  24. 24. Commands in cells Control cells Relay Cells • -padding • - relay data • -create/created • -relay begin • -destroy • -relay end • -relay connected • -relay teardown • -relay connected • -relay extend/extended • -relay truncate/truncated
  25. 25. E.g. Fetching a webpage
  26. 26. Congestion controlOR keeps track of PACKAGE WINDOW &DELIVERY WINDOW • Window initialized to 1000cells • Decremented accordingly Circuit throttling • Forward nothing on reaching 0 • Window initialized to 500cells • Use relay sendme cells Stream throttling • Incremented on receiving relay sendme
  27. 27. Hidden services Allow location hidden services Both end-points remain anonymous Both parties connect via a third party, the rendezvous point Introduction points act as contact points Server can be operated from inside a firewall
  28. 28. Creating and connecting to aLocation hidden service
  29. 29. Attacks on Tor Passive attacks Active attacks Attacks against Rendezvous points Directory attacks
  30. 30. Users of Tor Law Militaries enforcement Bloggers officers Journalists High profile Activists and audience people NGO‟s
  31. 31. Weaknesses End-to-end Slow network Illegal use correlation
  32. 32. Real world deployment The Tor download page.
  33. 33. The Tor/Privoxy installer.Tor in the Windows system tray.
  34. 34. Setting up a proxy for Internet ExplorerThe Tor detector
  35. 35. Future enhancements Usability and Integration Scalability Caching at exit nodes
  36. 36. Conclusion Tor becomes most widely used anonymous network with its speed Tor supports mutual anonymity with the help of Rendezvous Point Tor resists local adversary effectively Tor anonymizes TCP streams, providing a high- throughput and low-latency network compared to the onion routing

×