16-06-2014, 01:02 PM
ONION ROUTING OVERVIEW
ONION ROUTING OVERVIEW.docx (Size: 395.23 KB / Downloads: 15)
INTRODUCTION
Onion Routing is an application independent infrastructure for private communication over a public network. It provides anonymous connections that are strongly resistant to both eavesdropping and traffic analysis. Onion routing's anonymous connections are bidirectional in real-time.
The primary goal of Onion Routing is to provide strongly private communications in real time over a public network at reasonable cost and efficiency. Communications are intended to be private in the sense that an eavesdropper on the public network cannot determine either the contents of messages flowing from Alice and Bob or even whether Alice and Bob are
communicating with each other. A secondary goal is to provide anonymity to the sender and receiver, so that Alice may receive messages but be unable to identify the sender, even though he may be able to reply to those messages.
An initial design has been implemented and fielded to demonstrate the feasibility of the approach. This prototype, which uses computers operating at the Naval Research Laboratory in Washington, D.C., to simulate a network of five Onion Routing nodes, attracted increasing use over the two years it was available. While in operation, users in more than sixty countries and all seven major US top level domains initiated up to 1.5 million connections per month through the prototype system. This demand demonstrated both an interest in the service and the feasibility of the approach
ONION ROUTING OVERVIEW
Onion Routing provides a way for two parties - a connection initiator and a connection responder – to communicate with each other anonymously. Onion Routing protects its communications against traffic analysis attacks. It makes it very hard for network observers (such as crackers, companies, and governments) to reliably learn who is talking to whom and for what purpose, by examining data packets flowing over the network. It concentrates on hiding the source and destination of a packet, rather than the content of the packet. The content of the packet could of course be encrypted using any form of crytpography prior to sending.
The system consists of a number of machines, called onion routers. Routers communicate with each other over TCP. Some routers also can serve as entry funnels; they can accept connections from the clients of the network. Some routers can server as exit funnels, they can create TCP connections leaving the network to the actual Internet services that are being accessed through the Onion Routing network. Such services can be World Wide Web, e-mail, peer-to-peer applications, etc.
FORMAL DESCRIPTION
When the first packet of a connection to be anonymised arrives at an onion proxy, the proxy constructs a random sequence of routers on the network it knows about, Zn*, e.g. <4, 3, 5>. Where the first router in the sequence is an entry funnel, and the last an exit funnel. Then, to send a packet of data to the exit funnel, it constructs an onion like so: E[4u](3's IP address, E[3u]( 5' s IP address, E[5u](data))). This onion is then given to the entry funnel (4). The entry funnel is able to decrypt the onion with its private key, revealing 3's IP address and a chunk of encrypted data. It forwards this chunk to 3, and the process repeats. So, to retrieve the next hop in the route, a router first has to decrypt the onion with its own private key. Because no-one else knows this private key it is impossible for someone who intercepts the onion to extract the IP address for the next hop.
Encrypting the entire onion for each hop is a big advantage, because now the onion looks completely different at each router and it is very hard to correlate it between nodes. To even further complicate traffic analysis, all onions are usually padded with random data before being sent, so that they are always of the same size. This way, it is very easy to create a virtual onion circuit, much like virtual circuits in ATM. Simply sending an onion to a node K along a chosen path creates a virtual circuit along the path. To support these virtual circuits, an additional bit of functionality on the routers is required. Each router has a number of TCP links to other routers. Several circuits can be multiplexed over one TCP link. So, for each incoming onion, the router should be able to figure out which circuit the onion belongs to and then find out what outgoing TCP link the onion should be forwarded to
SECURITY GOALS
Protection of communications against traffic analysis does not require support for anonymous communication. By encrypting data sent over a traffic-analysis-resistant connection, for example, endpoints may identify themselves to one another without revealing the existence of their communication to the rest of the network. However, traffic analysis is a potent tool for revealing parties in conversation, thereby compromising a communication that was intended to be anonymous. Thus, we consider goals for anonymous, as well as private, communication. In fact, the goals for these two cases differ very little; the distinction comes in the specification of the adversary.
There are various basic properties relating initiators, responders, and connections that we wish to protect. We can describe sender and receiver anonymity as respectively hiding the identity of the sender or receiver of a particular message from an attacker, and unlinkability as a somewhat weaker property, preventing an attacker from link
ADVERSARY MODEL
One of the main challenges in designing anonymous communications protocols is defining the capabilities of the adversary. Given the tools at our disposal today, the adversary model essentially determines which salient characteristics the system should deploy in order to defeat her.
5.1 The basic adversaries
• Observer: can observe a connection (e.g., a sniffer on an Internet router), but cannot initiate connections.
• Disrupter: can delay (indefinitely) or corrupt traffic on a link.
• Hostile user: can initiate (destroy) connections with specific routes as well as varying the traffic on the connections it creates.
• Compromised COR: can arbitrarily manipulate the connections under its control, as well as creating new connections (that pass through itself).
All feasible adversaries can be composed out of these basic adversaries.
This includes combinations such as one or more compromised CORs cooperating with disrupters of links on which those CORs are not adjacent, or such as combinations of hostile outsiders and observers. However, we are able to restrict our analysis of adversaries to just one class, the compromised COR.
. WEAKNESS
• Timing analysis: Incoming and outgoing messages passing through a relatively under-loaded node can be linked by observing how close together in time they are received and re-sent. However, this weakness can be overcome by buffering several messages and then transmitting them using a pseudorandom timing algorithm.
• Intersection attacks: Nodes periodically fail or leave the network; any chain that remains functioning cannot have been routed through either the nodes that left or the nodes that recently joined the network, increasing the chances of a successful traffic analysis.
• Predecessor attacks: A compromised node can keep track of a session as it occurs over multiple chain reformations. If the same session is observed over the course of enough reformations, the compromised node tends to connect with the particular sender more frequently than any [other] node, increasing the chances of a successful traffic analysis.
• Exit node sniffing: An exit node (the last node in a chain) has complete access to the content being transmitted from the sender to the recipient; Dan Egerstad, a Swedish researcher, used such an attack to collect the passwords of over 100 email accounts related to foreign embassies. However, this weakness can be overcome by employing end-to-end encryption (that is, encryption between the sender and the recipient), such as SSL
COMPARISON WITH OTHER ANONYMITY WORKS
Basic comparisons of Onion Routing are broadly related to anonymity mechanisms, such as remailers and Mixes and connection-based mechanisms as the Anonymizer can be done. These are very effective at anonymizing the data stream in different ways, but they pass all traffic directly from the initiator via a single filtering point to the responder. There is thus minimal protection for the anonymity of the connection itself, which is our primary focus. We therefore restrict our comments to related work that is directed to wide-spread Internet communication either below the application layer or specifically for some form of connection based traffic.
A layered object that routes data through intermediate nodes, called Mixes. These intermediate nodes may reorder, delay, and pad traffic to complicate traffic analysis. In mixes, the assumption is that a single perfect mix adequately complicates traffic analysis, but a sequence of multiple mixes is typically used because real mixes are not ideal. Because of this, mix applications can use mixes in mixed order, and often do. Onion routers differ from mixes in at least two ways: onion routers are more limited in the extent to which they delay traffic at each node because of the real-time expectations that the applications demand of socket connections. Also, in a typical onion routing configuration, onion routers are also entry points to the onion routing network, and traffic entering or exiting at those nodes may not be visible. This makes it hard to track packets, because they may drop out of the network at any node, and new packets may be introduced at each node. While onion routing cannot delay traffic to the extent that mixes can, traffic between onion routers is multiplexed over a single channel and is link encrypted with a stream cipher. This makes it hard to parse the stream.
. CONCLUSION
Here we presented a protocol called Onion Routing. The purpose of Onion Routing is to protect the anonymity of a user who wants to communicate over a network. In particular, it will hide the destinations of all communications initiated by the user. Any outside observers will not be able to tell whom the user is communicating with and for how long. To achieve this goal, Onion Routing uses Public Key Encryption to put multiple layers of encryption around the original data packet, thus creating an object called an onion. This onion will
follow a specific route through the network; and at each route a layer of encryption will be peeled off. Once the onion reaches its destination it will have been reduced to the original data packet. When a router decrypts the onion using its private key it will only get the
address of the next router along the path. So no router will ever know the full path that is travelled by the onion. Since no outside observer will be able to follow an onion while it is travelling through the network, the communication is completely anonymous.