Onion routing
This article's factual accuracy may be compromised due to out-of-date information. (March 2017) |
Onion routing is a technique for
History
Onion routing was developed in the mid-1990s at the
This method was publicly released by the same employees through publishing an article in the IEEE Journal on Selected Areas in Communications the same year. It depicted the use of the method to protect the user from the network and outside observers who eavesdrop and conduct traffic analysis attacks. The most important part of this research is the configurations and applications of onion routing on the existing e-services, such as
Based on the existing onion routing technology, computer scientists Roger Dingledine and Nick Mathewson joined Paul Syverson in 2002 to develop what has become the largest and best-known implementation of onion routing, then called The Onion Routing project (Tor project).
After the Naval Research Laboratory released the code for Tor under a
Data structure
Metaphorically, an onion is the data structure formed by "wrapping" a message with successive layers of encryption to be decrypted ("peeled" or "unwrapped") by as many intermediary computers as there are layers before arriving at its destination. The original message remains hidden as it is transferred from one node to the next, and no intermediary knows both the origin and final destination of the data, allowing the sender to remain anonymous.[13]
Onion creation and transmission
To create and transmit an onion, the originator selects a set of nodes from a list provided by a "directory node". The chosen nodes are arranged into a path, called a "chain" or "circuit", through which the message will be transmitted. To preserve the anonymity of the sender, no node in the circuit is able to tell whether the node before it is the originator or another intermediary like itself. Likewise, no node in the circuit is able to tell how many other nodes are in the circuit and only the final node, the "exit node", is able to determine its own location in the chain.[13]
Using
When the chain is complete, the originator can send data over the Internet anonymously. When the final recipient of the data sends data back, the intermediary nodes maintain the same link back to the originator, with data again layered, but in reverse such that the final node this time adds the first layer of encryption and the first node adds the last layer of encryption before sending the data, for example a web page, to the originator, who is able to decrypt all layers.[13]
Weaknesses
Timing analysis
One of the reasons why the typical Internet connections are not considered anonymous is the ability of Internet service providers to trace and log connections between computers. For example, when a person accesses a particular website, the data itself may be secured through a connection like HTTPS such that the user's password, emails, or other content is not visible to an outside party, but there is a record of the connection itself, what time it occurred, and the amount of data transferred. Onion routing creates and obscures a path between two computers such that there is no discernible connection directly from a person to a website, but there still exist records of connections between computers. Traffic analysis searches those records of connections made by a potential originator and tries to match the timing and data transfers to connections made to a potential recipient. If an attacker has compromised both ends of a route, a sender may be seen to have transferred an amount of data to an unknown computer a specified amount of seconds before a different unknown computer transferred data of the same exact size to a particular destination.[14][15] Factors that may facilitate traffic analysis include nodes failing or leaving the network[15] and a compromised node keeping track of a session as it occurs when chains are periodically rebuilt.[16]
Garlic routing is a variant of onion routing associated with the I2P network that encrypts multiple messages together, which both increases the speed of data transfer and makes it more difficult[17] for attackers to perform traffic analysis.[18]
Exit node vulnerability
Although the message being sent is transmitted inside several layers of encryption, the job of the exit node, as the final node in the chain, is to decrypt the final layer and deliver the message to the recipient. A compromised exit node is thus able to acquire the raw data being transmitted, potentially including passwords, private messages, bank account numbers, and other forms of personal information. Dan Egerstad, a Swedish researcher, used such an attack to collect the passwords of over 100 email accounts related to foreign embassies.[19]
Exit node vulnerabilities are similar to those on unsecured wireless networks, where the data being transmitted by a user on the network may be intercepted by another user or by the router operator. Both issues are solved by using a secure end-to-end connection like
See also
- Anonymous remailer
- Bitblinder
- Chaum mixes
- Cryptography
- Degree of anonymity
- Diffie–Hellman key exchange
- Java Anon Proxy
- Key-based routing
- Matryoshka doll
- Mix network
- Mixmaster anonymous remailer
- Public-key cryptography
- Proxy server
- Tox – implements onion routing
- Tribler – implements onion routing
References
- ^ Goldschlag D., Reed M., Syverson P. (1999.) Onion Routing for Anonymous and Private Internet Connections, Onion Router.
- S2CID 4943955.
- ^ Reed M. G., Syverson P. F., Goldschlag D. M. (1998) "Anonymous connections and onion routing", IEEE Journal on Selected Areas in Communications, 16(4):482–494.
- ^ a b US patent 6266704, Reed; Michael G. (Bethesda, MD), Syverson; Paul F. (Silver Spring, MD), Goldschlag; David M. (Silver Spring, MD), "Onion routing network for securely moving data through communication networks", assigned to The United States of America as represented by the Secretary of the Navy (Washington, DC)
- ^ a b Levine, Yasha (16 July 2014). "Almost everyone involved in developing Tor was (or is) funded by the US government". Pando Daily. Retrieved 30 August 2014.
- ISBN 9781477226476. Retrieved August 29, 2014.
- ISBN 978-1610390620. Retrieved August 29, 2014.
- ISSN 1558-0008.
- ^ Dingledine, Roger (20 September 2002). "pre-alpha: run an onion proxy now!". or-dev (Mailing list). Retrieved 17 July 2008.
- ^ "Tor FAQ: Why is it called Tor?". Tor Project. Retrieved 1 July 2011.
- ^ "Tor: Sponsors". Tor Project. Retrieved 11 December 2010.
- Washington Post. Retrieved 27 October 2007.
- ^ a b c d Roger Dingledine; Nick Mathewson; Paul Syverson. "Tor: The Second-Generation Onion Router" (PDF). Retrieved 26 February 2011.
- )
- ^ a b Dingledine, Roger; Mathewson, Nick; Syverson, Paul (August 2004). "Tor: The Second-Generation Onion Router". San Diego, CA: USENIX Association. Retrieved 24 October 2012.
- S2CID 7711031. Archived from the original(PDF) on 2016-03-04. Retrieved 2012-07-04.
- ^ "Common Darknet Weaknesses: An Overview of Attack Strategies". 27 January 2014.
- ^ Zantour, Bassam; Haraty, Ramzi A. (2011). "I2P Data Communication System". Proceedings of ICN 2011: The Tenth International Conference on Networks: 401–409.
- ^ Bangeman, Eric (2007-08-30). "Security researcher stumbles across embassy e-mail log-ins". Arstechnica.com. Retrieved 2010-03-17.
External links
- Onion-Router.net – site formerly hosted at the Center for High Assurance Computer Systems of the U.S. Naval Research Laboratory
- Syverson, P.F.; Goldschlag, D.M.; Reed, M.G. (1997). "Anonymous connections and onion routing" (PDF). Proceedings. 1997 IEEE Symposium on Security and Privacy. pp. 44–54. S2CID 1793921.