Onion Routing and Tor: Fundamentals and Anonymity
Anurag Singh

Anonymity: Overview

What is Anonymity?
• Anonymity is the state of being unidentifiable within a set of subjects.
  ◦ Hide your activities among others’ similar activities
  ◦ You cannot be anonymous by yourself!
• Unlinkability of action and identity
• Unobservability (hard to achieve)
  ▪ Observer cannot even tell whether a certain action took place or not

You Are Not Anonymous
• Your IP address can be linked directly to you
  ◦ ISPs store communications records
  ◦ Usually for several years (Data Retention Laws)
  ◦ Law enforcement can subpoena these records
• Your browser is being tracked
  ◦ Cookies, Flash cookies, E-Tags, HTML5 Storage
  ◦ Browser fingerprinting
• Your activities can be used to identify

Who Uses Anonymity Systems?
• “If you’re not doing anything wrong, you shouldn’t have anything to hide.”
  ◦ Implies that anonymous communication is for criminals
• The truth: who uses Tor?
  ◦ Journalists
  ◦ Business executives
  ◦ Law enforcement
  ◦ Military/intelligence personnel
  ◦ Human rights activists
  ◦ Normal people
  ◦ Abuse victims
• Fact: Tor was/is developed by the Navy

Why Do We Need Anonymity?
• To protect privacy
  ◦ Avoid tracking by advertising companies
  ◦ Viewing sensitive content
    ▪ Information on medical conditions
    ▪ Advice on bankruptcy
• Protection from prosecution
  ◦ Not every country guarantees free speech
• To prevent chilling effects
  ◦ It’s easier to voice unpopular or controversial opinions if you are anonymous

Anonymity Layer
• Function:
  ◦ Hide the source, destination, and content of Internet flows from eavesdroppers
• Key challenges:
  ◦ Defining and quantifying anonymity
  ◦ Building systems that are resilient to deanonymization
  ◦ Maintaining performance
[Figure: protocol stack, top to bottom: Application, Anonymity, Presentation, Session, Transport, Network, Data Link, Physical]

Related Work
• Chaum’s Mix-Net design
  ◦ Hides the correspondence between sender and receiver by wrapping messages in layers and relaying them through “mix” routers.
• Babel’s Mixmaster and Mixminion
  ◦ Try to maximize anonymity at the cost of high latency.
• Anonymizer
  ◦ Single-hop proxy
• PipeNet
  ◦ Low-latency design giving user anonymity by shutting down the network by not sending.

Related Work (continued)
• P2P Tarzan and MorphMix designs
  ◦ Relay and generate traffic for other participating users and hide who originated or relayed a request.
• Hordes/Crowds
  ◦ Hide the initiator of traffic through multicast responses
• Freedom
  ◦ Supports session keys and address of the server in a circuit.
• Rennhard’s Anonymity Network
  ◦ Builds circuits in stages, extending them one hop at a time, which helps to obtain perfect forward secrecy.

Threats to Anonymity
• Traffic analysis
  ◦ Passive traffic analysis
    ▪ Infer from network traffic who is talking to whom
    ▪ To hide your traffic, must carry other people’s traffic!
  ◦ Active traffic analysis
    ▪ Inject packets or put a timing signature on packet flow.
• Compromised network nodes (routers)
  ◦ It is not obvious which nodes have been compromised
    ▪ Attacker may be passively logging traffic
  ◦ Better not to trust any individual node
    ▪ Assume that some fraction of nodes is good, don’t know which

How Does Traffic Analysis Work?
• Internet data packets have two parts:
  ◦ a data payload
    ▪ Generally encrypted
    ▪ Traffic analysis still reveals a great deal about what you're doing and, possibly, what you're saying, because
  ◦ a header used for routing
    ▪ it focuses on the header, which discloses source, destination, size, timing, and so on.
• Simple traffic analysis
  ◦ Sitting somewhere between sender and recipient on the network, looking at headers.
• Sophisticated traffic analysis
• Encryption does not help against these attackers, since it only hides the content of Internet traffic, not the headers.

Onion Routing (Original)
• A technique for anonymous communication over a computer network.
• Messages are repeatedly encrypted and then sent through several network nodes called onion routers.
• Like someone peeling an onion, each onion router removes a layer of encryption to uncover routing instructions, and sends the message to the next router, where this is repeated.
• This prevents these intermediary nodes from knowing the origin, destination, and contents of the message.
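
The layering described on this slide, as an added example (not from the original deck or from Tor's code): the sender wraps a message once per relay, and each relay peels one layer to learn only its next hop. The relay names, keys and destination are constructed, and the SHA-256 keystream with a per-layer HMAC is a standard-library stand-in for a real cipher, not Tor's cell cryptography or its integrity scheme.

```python
import hashlib
import hmac
import os


def _subkey(key, label):
    # Separate encryption and MAC keys derived from one per-relay secret.
    return hashlib.sha256(label + key).digest()


def _keystream(key, nonce, n):
    # SHA-256 in counter mode: a toy stream cipher (assumption of this example).
    blocks = (hashlib.sha256(key + nonce + i.to_bytes(8, "big")).digest()
              for i in range((n + 31) // 32))
    return b"".join(blocks)[:n]


def _xor(data, key, nonce):
    stream = _keystream(_subkey(key, b"enc"), nonce, len(data))
    return bytes(d ^ s for d, s in zip(data, stream))


def _tag(key, nonce, body):
    return hmac.new(_subkey(key, b"mac"), nonce + body, hashlib.sha256).digest()


def wrap(key, next_hop, inner):
    """Add one layer: only the holder of `key` can read `next_hop`."""
    hop = next_hop.encode()
    nonce = os.urandom(16)
    body = _xor(len(hop).to_bytes(2, "big") + hop + inner, key, nonce)
    return nonce + body + _tag(key, nonce, body)


def peel(key, onion):
    """Remove one layer; returns (next_hop, remaining_onion)."""
    if len(onion) < 50:  # 16-byte nonce + 2-byte length + 32-byte tag
        raise ValueError("layer too short")
    nonce, body, tag = onion[:16], onion[16:-32], onion[-32:]
    if not hmac.compare_digest(tag, _tag(key, nonce, body)):
        raise ValueError("layer rejected: wrong key or modified in transit")
    layer = _xor(body, key, nonce)
    n = int.from_bytes(layer[:2], "big")
    return layer[2:2 + n].decode(), layer[2 + n:]


def build_onion(path, destination, message):
    """path: [(relay_name, key), ...] ordered entry -> exit."""
    next_hops = [name for name, _ in path[1:]] + [destination]
    onion = message
    # Innermost layer (exit relay) is added first, the entry relay's layer last.
    for (_, key), nxt in zip(reversed(path), reversed(next_hops)):
        onion = wrap(key, nxt, onion)
    return onion


def route(onion, relay_keys, entry, sender):
    """Simulate forwarding and record what each relay can observe."""
    views, prev, current = [], sender, entry
    while current in relay_keys:
        nxt, onion = peel(relay_keys[current], onion)
        views.append((current, prev, nxt))  # (relay, received_from, forwards_to)
        prev, current = current, nxt
    return views, current, onion


if __name__ == "__main__":
    keys = {name: os.urandom(32) for name in ("R1", "R2", "R3")}  # constructed
    path = [(name, keys[name]) for name in ("R1", "R2", "R3")]
    onion = build_onion(path, "example.com:443", b"hello")
    views, dest, payload = route(onion, keys, "R1", "alice")
    for relay, received_from, forwards_to in views:
        print(f"{relay}: received from {received_from}, forwards to {forwards_to}")
    print(dest, payload)
```

In the recorded views, the entry relay sees the sender but only the middle relay ahead of it, while the exit relay sees the destination and payload but only the middle relay behind it.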

Onion Router and Analogy

Tor (The Second Generation Onion Router)
• A distributed, anonymous network
• Reduces the risks of both simple and sophisticated traffic analysis by distributing transactions over several places on the Internet.
• Data packets on the Tor network take a random pathway through several relays.
• No observer at any single point can tell where the data came from or where it's going.

Tor (The Second Generation Onion Router)
• Basic design: a mix network with improvements
  ◦ Perfect forward secrecy
  ◦ Introduces guards to improve source anonymity
  ◦ Takes bandwidth into account when selecting relays
    ▪ Mixes in Tor are called relays
  ◦ Introduces hidden services
    ▪ Servers that are only accessible via the Tor overlay

Deployment and Statistics
• Largest, most well-deployed anonymity-preserving service on the Internet
  ◦ Publicly available since 2002
  ◦ Continues to be developed and improved
• Currently, ~5000 Tor relays around the world
  ◦ All relays are run by volunteers
  ◦ It is suspected that some are controlled by intelligence agencies
• 500K – 900K daily users
  ◦ Numbers are likely larger now, thanks to Snowden

How Tor Works?
Courtesy: https://www.torproject.org/about/overview.html.en

How Tor Works? Circuit Setup
Courtesy: https://www.torproject.org/about/overview.html.en

How Tor Works? New Connection
Courtesy: https://www.torproject.org/about/overview.html.en

Tor Enhancements over Previous Onion Routing Applications
• Tor uses a telescoping path-building design
  ◦ Previous designs allowed hostiles to record traffic and compromise successive nodes.
• Tor uses a SOCKS proxy interface
  ◦ Previous designs required a separate application proxy for each application protocol.
• Tor is able to share one circuit for many TCP streams
  ◦ Previous designs required a separate circuit for each application-level request, which is a threat to anonymity.
• Leaky pipe circuit topology

Tor Enhancements over Previous Onion Routing Applications (continued)
• Directory servers
  ◦ Previous designs resorted to flooding info on the network.
• Variable exit policies
• End-to-end integrity checks
  ◦ Previous designs had no integrity checks.
• Rendezvous points/hidden services
  ◦ Previous designs included reply onions.
• Congestion control: uses end-to-end acks
  ◦ Previous designs didn’t address traffic bottlenecks.

Hidden Services
• Tor is very good at hiding the source of traffic
  ◦ But the destination is often an exposed website
• What if we want to run an anonymous service?
  ◦ i.e. a website, where nobody knows the IP address?
• Tor supports Hidden Services
  ◦ Allows you to run a server and have people connect
  ◦ … without disclosing the IP or DNS name
• Many hidden services
  ◦ Tor Mail, Tor Chat
  ◦ DuckDuckGo
  ◦ Wikileaks
  ◦ The Pirate Bay
  ◦ Silk Road (2.0)

Hidden Services Example: Creating a Hidden Server
• Server creates circuits to “introduction points”
• Server gives intro points’ descriptors and addresses to service lookup directory
• Client obtains service descriptor and intro point address from directory

Using a Location Hidden Service
• Client sends address of the rendezvous point and any authorization, if needed, to server through intro point
• If server chooses to talk to client, connect to rendezvous point
• Client creates a circuit to a “rendezvous point”

Staying Anonymous
• Tor can't solve all anonymity problems.
• It focuses only on protecting the transport of data.
• To protect your anonymity, be smart.
• Tor does not provide protection against end-to-end timing attacks:
  ◦ If your attacker can watch the traffic coming out of your computer, and also the traffic arriving at your chosen destination, he can use statistical analysis to discover that they are part of the same circuit.

The Future of Tor
• Providing a usable anonymizing network on the Internet today is an ongoing challenge.
• Recent activities like NSA snooping.
• More users are being attracted to Tor.
• Each new user and relay provides additional diversity, enhancing Tor's ability to put control over your security and privacy back into your hands.

Thank you
