Onion routing is a technique for anonymous communication over a computer network. In an onion network, messages are encapsulated in layers of encryption, analogous to layers of an onion. The encrypted data is transmitted through a series of network nodes called onion routers, each of which "peels" away a single layer, uncovering the data's next destination. When the final layer is decrypted, the message arrives at its destination. The sender remains anonymous because each intermediary knows only the location of the immediately preceding and following nodes.
Onion routing was developed in the mid-1990s at the U.S. Naval Research to protect U.S. intelligence communications online. It was further developed by the Defence Advanced Research Projects Agency (DARPA) and patented by the Navy in 1998. Onion Routing is implemented The Onion Routing project or TOR project.
2. Table of Contents
Overview
Anonymity and its need
Need for anonymous routing
What is Onion Routing
Implementation as TOR
How TOR works?
TOR Browser
Conclusion
References
3. Overview
Onion protocol also known as Onion Routing is a technique for anonymous
communication over a computer network.
Onion routing was developed in the mid-1990s at the U.S. Naval Research to
protect U.S. intelligence communications online.
It was further developed by the defence Advanced Research Projects Agency
(DARPA) and patented by the Navy in 1998.
Currently it is best implemented as The Onion Routing project aka TOR
4. What is Anonymity?
Anonymity is the state of being unidentifiable within a set of subjects.
Hiding your activities among other’s activities is anonymous activity.
On the internet you are not anonymous. Your IP address can be linked directly to
you.
Your browsing is being tracked. Cookies, flash cookies, HTML5 storage, cache are
some of the techniques by which browser is being tracked known as browser
fingerprinting.
5. Need for anonymity
To protect privacy and avoid tracking by advertising companies.
Protection from prosecution. Not every country guarantees free speech.
To prevent chilling-effects. It’s easier to voice unpopular or controversial opinions if
you are anonymous.
ISP’s store communication records usually for several years. Law enforcement
agencies can subpoena these records even after years.
Your activities on the web can be used to identify you by the unique websites you
use and type of links you click.
6. Need for anonymous routing
Traditionally, the right to privacy of communications has been one of the natural
rights in most countries of the world.
Unfortunately, no such regulations exist for the Internet. Even more worryingly,
there is a global trend towards organised logging of information pertaining to
individuals' activities online.
Keeping a record of a person's activities online is a stone's throw away from
infringing on the natural right of that person to privacy.
Therefore good ways are needed to protect the privacy of communications against
observers. And there comes onion routing.
7. What is Onion Routing?
Onion routing is an anonymous communication technique over a computer
network.
Messages are constantly encrypted and then sent through several network nodes
called onion routers which creates a circuit of nodes.
Each onion router removes a layer of encryption with its symmetric key to reveal
routing instructions, and sends the message to the next router where this is
process is repeated.
Thus the analogy “onion router”. This prevents these intermediary nodes from
knowing the origin, destination, and contents of the message.
8. Onion Routing
The system consists of a number of machines, called onion routers . Routers
communicate with each other over TCP. Some routers can also serve as entry
funnels, they can accept connections from the clients of the network.
Some routers can server as exit funnels, they can create TCP connections leaving
the network to the actual Internet services that are being accessed through the
Onion Routing network. Such services can be world wide web, e-mail, peer-to-peer
applications, etc.
When a client application wishes to establish an anonymous connection to a server,
it first of all connects to an application proxy.
An application proxy accepts protocol-specific connections from applications, and
converts them into a generic protocol. The packets are then forwarded to an onion
proxy.
9.
10. Onion Routing continued…
The onion proxy creates a route over the onion network and then constructs a
special data structure, an onion.
An onion is a multiply encrypted layered structure, with information about the
route through the network being spread across the layers. The onion is then passed
on to an entry funnel.
When an entry funnel receives an onion, it decrypts it, which reveals a layer
containing information about the next hop in the route constructed by the onion
proxy. This layer is then stripped off and the onion is forwarded on to this next hop.
Eventually, the onion reaches an exit funnel. The decrypted packet is identical to
the packet that was produced by the application proxy at the beginning of the
connection. This packet will then be sent to the destination TCP host.
12. Tor, An Implementation of Onion Routing
Tor is currently the most advanced implementation of Onion Routing in
use today. Tor is currently deployed on the Internet.
13. What is TOR?
It was originally developed for primary purpose of protecting government
communications.
Today, it is an open source software project used everyday for wide variety of
purposes by normal people, the military, journalists, law enforcement agencies and
activists.
It is a distributed anonymous network. It reduce the risks of both simple and
sophisticated traffic analysis by distributing transactions over several places on the
Internet.
Data packets on the Tor network take a random pathway through several relays.
No observer at any single point can tell where the data came from or where it's
going.
14. TOR overview, deployment and statistics
It introduces Hidden services. Servers which can only be accessed via the TOR
overlay.
It is the largest, most well deployed anonymity preserving service on the internet. It
is publically available since 2002. It is continuous in development.
Currently, ~5000 Tor relays are present around the world. All relays are run by
volunteers. It is suspected that some are controlled by intelligence agencies.
TOR network can be accessed by using TOR browser.
15. How TOR works?
Tor provides anonymity by bouncing your Internet traffic around a distributed
network of encrypted relays run by volunteers around the world.
20. Onion Address
Onion addresses starts with .onion
It is only accessible via a TOR network.
onion is a pseudo-top-level domain host suffix designating an anonymous hidden
service reachable via the TOR network.
Example of onion url is
http://3g2upl4pq6kufc4m.onion/ – DuckDuckGo Search Engine
http://zqktlwi4fecvo6ri.onion/wiki/index.php/Main_Page – Uncensored Hidden Wiki
21. Conclusion
Onion Routing protects the anonymity of a user and hide the destinations of all
communications initiated by the user.
Any outside observers will not be able to tell whom the user is communicating with
and for how long.
Onion Routing uses Public Key Encryption to put multiple layers of encryption
around the original data packet, thus creating an object called an onion.
This onion will follow a specific route through the network, and at each route a
layer of encryption will be peeled off. Once the onion reaches its destination it will
have been reduced to the original data packet.
When a router decrypts the onion using its private key it will only get the address
of the next router along the path. So no router will ever know the full path that is
travelled by the onion.
Since no outside observer will be able to follow an onion while it is travelling
through the network, the communication is completely anonymous.