The Onion Router
How TOR Works?
BMS College of Engineering, Bangalore
By: ONKAR BADIGER
Overview How TOR works?
• Why use TOR?
• Places of attack
• Anonymity network (TOR design)
• Chain of relays
• Encryption
• Bridges
• Extensions
• HTTPS Everywhere
• Tor button
• NoScript
Why use TOR?
• Compromised ISP
• Monitoring ISP
• Monitored website
• Monitored network
• Filtered website (blocked)
[Diagram: ISP and Destination (website)]
This is how we connect to the internet
[Diagram: ISP, Anonymity network and Destination (website)]
The anonymity network must be between the ISP and our destination
Places of attack
• Compromised ISP (untrusted ISP)
• Monitored ISP
• Controlled parts of the anonymity network may attack
• The website is monitoring in order to advertise, collect data, etc.
Anonymity network: Proxy? VPN?
[Diagram: a single RELAY labelled "TRUST?", with two ATTACKER labels]
[Diagram: ISP and TOR network with RELAY 1, RELAY 2 and RELAY 3]
Can we trust relays?
What if entry/guard relay is corrupt?
What if exit relay is corrupt?
What if both entry & exit relay are corrupt?
Solution?
[Diagram: ISP and TOR network with RELAY 1 to RELAY 8]
[Diagram: ISP and TOR network (RELAY 1 to RELAY 5) with three KEY labels]
Solution?
ENCRYPTION
[Diagram: the same network with three KEY labels and an "unencrypted" label]
HTTPS Everywhere
[Diagram: the same network with three KEY labels and an "unencrypted" label]
How TOR manages relaying?
Tor button
New tor circuit
Tor button is not all about relaying!
Tor button: Not just relaying!
Security
Bridges?
• Entry relays
• Not listed in main TOR directory
Why use Bridges?
• ISP blocks TOR
• You don’t want ISP to know that you are using TOR
Types of Bridges?
• Preconfigured bridge
• Custom bridge
Tor button: Not just relaying!
Network settings
https://bridges.torproject.org/
bridges@torproject.org
NoScript
• Blocks JavaScript
• Blocks Java
• Blocks Flash
• Blocks other plugins
• Protects against clickjacking
How TOR works?
• Why use TOR?
• Places of attack
• Anonymity network (TOR design)
• Chain of relays
• Encryption
• Bridges
• Extensions
• HTTPS Everywhere
• Tor button
• NoScript
Check these out…
• How to setup tor relay?
• How to setup non exit tor relay?
• ORBOT (TOR for android)
• TAILS (live OS routed through TOR)
• Pluggable transports (fakes innocent traffic)
• Unblock TOR in college!
The Onion Router
Source : https://www.torproject.org/docs/documentation.html.en

Editor's Notes

  • #2 Tor is an anonymity tool used by those who want to stay private and uncensored when browsing the Internet. Tor Browser is based on Firefox.
  • #3 In this presentation we will learn why there is a need to use TOR (to be anonymous, but what does being anonymous really mean?). To know how TOR works, we should know how it was designed around the places where an attacker can attack. TOR's design includes a relay chain, encryption, bridges, and extensions that carry out these operations. Lastly, we will look into .onion websites (accessing deep web sites).
  • #4 1. The ISP may steal your traffic and sell it to others. 2. The government may have asked the ISP to monitor your network. 3. The website you visit analyses data (your choices) to advertise. 4. Your whole network may be monitored by some agency. 5. The website you want to visit may be blocked by a national firewall.
  • #11, #12 The server logs everything. Even if the data is encrypted, they can determine which PC is connecting to which website by analysing the timing of the data. All data flows through a single server.
  • #13 The relay knows my PC is connecting to the website. Any other analyst who watches the data coming in and going out can also determine which data is coming from which PC and going to which website.
  • #14 Tor uses three relays. R1, guard relay: stable, with high bandwidth. R2, middle relay: middle nodes transport traffic from the guard relay to the exit relay; this prevents the guard and exit relay from knowing each other. R3, exit relay: sends traffic to the final destination intended by the client.
  • #16 A corrupt R1 can see that data is coming from my PC but can't tell where it is going (it knows the data is going to R2, but R2 is not my PC's destination).
  • #17 A corrupt R3 can see that data is going to a website but can't tell where it is coming from.
  • #18 If R1 and R3 collaborate, then we are screwed. R1 knows that my PC is connected to it. R3 knows that it is connecting to the website. Both know they are connected to R2.
  • #19 One possible solution is a large number of relays, so that the probability of two corrupt relays ending up in the same chain of relays is very low. And TOR has it!
  • #21 Tor Browser on my PC encrypts the data three times, with three keys needed to decrypt it. R1 gets session key 1, decrypts its layer and sends the result to R2. The same happens at R2 and R3. Since the data entering and leaving a relay is different, full circuit analysis is not possible.
  • #22 Now we know that the Tor button does the relaying part. But what about the data leaving the exit relay? It's unencrypted, so the exit relay can determine the content of the data.
  • #23 To secure the data leaving the exit relay, Tor uses the HTTPS Everywhere extension. HTTPS Everywhere automatically uses HTTPS security on many sites.
  • #25 Tor button configures how Tor connects to the web: relay connections and security. It allows you to configure connection settings.
  • #26 Tor button forms a Tor circuit and connects you to random relays present in its directory. 1) "New Tor circuit for this site" provides a new set of relays but with the same guard/entry relay. 2) "New identity" restarts Tor Browser and gives a new set of all three relays.
  • #27 You will find that you stay connected to the same guard/entry relay throughout a web browsing session. Tor will reuse the same circuit for new TCP streams for 10 minutes, as long as the circuit is working fine. (If the circuit fails, Tor will switch to a new circuit immediately.)
  • #29, #30 Security: allows you to configure connection settings.
  • #31 Bridges are entry relays that are not listed in the main TOR directory.
  • #32 Bridges are entry relays that are not listed in the main TOR directory. 1) Useful if the ISP is filtering TOR relays. 2) By comparing the IP address you are connecting to (the entry relay) against the relay list, the ISP can determine that you are using TOR. Since bridges are not listed in the relay list, it can't tell that you are using TOR.
  • #33 Preconfigured bridges: bridges that are preconfigured and provided with Tor Browser. Custom bridges.
  • #34 The ISP may have blocked your access to Tor by adding the whole list of available relays to its block list. Option 1) Use bridges: provided bridges or custom bridges. Option 2) If the ISP has obtained the list of all publicly available bridges, use a proxy before the TOR network.
  • #36 The NoScript Firefox extension provides extra protection for Mozilla-based browsers: this free, open source add-on allows JavaScript, Java, Flash and other plugins to be executed only by trusted web sites of your choice (e.g. your online bank).
  • #37 What we learnt
  • #39 Thank you
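
The layered encryption described in note #21 and the exit-relay exposure described in note #22, as an added example that is not part of the original slides. The function names, the constructed session keys and the sample request are assumptions, and a SHA-256 keystream stands in for the AES counter-mode cipher Tor applies to relay traffic so that the code runs on the standard library alone.

```python
import hashlib
import os

def keystream(key: bytes, length: int) -> bytes:
    """SHA-256 in counter mode: a stand-in stream cipher for this example only."""
    blocks = (hashlib.sha256(key + i.to_bytes(8, "big")).digest()
              for i in range(length // 32 + 1))
    return b"".join(blocks)[:length]

def layer(key: bytes, data: bytes) -> bytes:
    """Add or remove one onion layer; XOR with the keystream is its own inverse.
    The demo sends one cell per key; reusing a keystream for more data is unsafe."""
    return bytes(a ^ b for a, b in zip(data, keystream(key, len(data))))

def client_wrap(payload: bytes, keys: list) -> bytes:
    """Client side: encrypt for R3 first and R1 last, so R1's layer is outermost."""
    cell = payload
    for key in reversed(keys):
        cell = layer(key, cell)
    return cell

def send_through_circuit(payload: bytes, keys: list) -> list:
    """Return the bytes seen on each link: client->R1, R1->R2, R2->R3, R3->website."""
    cell = client_wrap(payload, keys)
    links = [cell]
    for key in keys:  # each relay strips only its own layer with its session key
        cell = layer(key, cell)
        links.append(cell)
    return links

# Constructed sample data: session keys for R1, R2, R3 and a plain HTTP request.
SESSION_KEYS = [os.urandom(32) for _ in range(3)]
REQUEST = b"GET /inbox HTTP/1.1\r\nHost: example.com\r\n\r\n"

if __name__ == "__main__":
    names = ["client->R1", "R1->R2", "R2->R3", "R3->website"]
    for name, data in zip(names, send_through_circuit(REQUEST, SESSION_KEYS)):
        print(f"{name:12} {data[:24]!r}")
```

The first three links carry different ciphertext, so an observer cannot match a relay's input to its output by content; the last link carries the request in the clear, which is why the slides pair Tor with HTTPS.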