SlideShare uma empresa Scribd logo

Tor the onion router

Transferir como PPTX, PDF
Ashly Liza
Ashly Liza
Tecnologia
1 de 38
Tor – The Onion Router Presented By Ashly Liza Philip S5 MCA Roll No. 06 MACE
Privacy in public networks  Internet is designed as a public network.  Routing information is public.  Encryption does not hide identities.  Prone to „traffic analysis‟
Contd.. Internet data packet Header Data payload Source, Whatever being sent destination, time Encryption can‟t Hidden by hide encryption
What is Anonymity?  State of being not identifiable within a set of subjects.  Unlink-ability of action and identity  Unobserve-ability (hard to achieve)
Applications of Anonymity Privacy Untraceable electronic mail Law enforcement and intelligence Anonymous electronic voting Censorship-resistant publishing
Anonymous networks PipeNet Garlic Routing Onion Routing Anonymizer Crowds Java Anon Proxy
Onion Routing  By David Goldschlag, Michael Reed, Paul Syverson  ONION; special data structure.  Uses public key cryptography  Hides source and destination  Anonymize TCP-based applications  Protects anonymity of a user over network  Resistant to eavesdropping and traffic analysis
Working of Onion Routing  Uses an Onion Proxy  Routes data randomly  A router knows only its predecessor and successor  No correspondence between data layers  Different onion at each hop
R R4 R R R3 R1 R R Alice R2 R Bob  Sender chooses a random sequence of routers -Some routers are honest, some controlled by attacker -Sender controls the length of the path slide 9
Decrypting an Onion
Contd..
Tor – Implementation of Onion Routing  TOR stands for „The Onion Router.‟  Second generation onion router.  Low-latency anonymous network  By Paul Syverson, Nick Mathewson, Roger Dingledine in 2004  Maintained by Free Haven Project  Hundreds of nodes on all continents
Contd..  “Easy-to-use” client proxy  Freely available  Supports only TCP  Uses SOCKS interface  No observer can tell where data comes from/going
Advancements over Onion Routing Perfect forward secrecy Variable exit policies Directory servers Leaky-pipe circuit topology End-to-end integrity checking SOCKS interface
How Tor works?  Same as Onion Routing  Uses Diffie-Hellman key exchange  Distributes data over several places  Takes random pathway  Used with Privoxy
Tor Circuit  Each circuit shared by multiple TCP streams  Circuit created preemptively  Can recover from failure
Circuit setup Built from entry point one step at a time Circuit ID is chosen randomly Diffie-Hellman process initiated Negotiate a symmetric session key Circuit extension and Relay packet
Tor Circuit setup(1) Client proxy establish a symmetric session key and circuit with Onion Router #1
Tor Circuit setup(2) Circuit extension
Tor Circuit setup(3) Client proxy extends the circuit by establishing a symmetric session key with Onion Router #3
Using circuit
Cells in Tor Cell (512bytes) Header Payload CircID Data Command
Contd.. Based on commands in cells:- Control cells Relay cells Cells
Commands in cells Control cells Relay Cells • -padding • - relay data • -create/created • -relay begin • -destroy • -relay end • -relay connected • -relay teardown • -relay connected • -relay extend/extended • -relay truncate/truncated
E.g. Fetching a webpage
Congestion control OR keeps track of PACKAGE WINDOW & DELIVERY WINDOW • Window initialized to 1000cells • Decremented accordingly Circuit throttling • Forward nothing on reaching 0 • Window initialized to 500cells • Use relay sendme cells Stream throttling • Incremented on receiving relay sendme
Hidden services  Allow location hidden services  Both end-points remain anonymous  Both parties connect via a third party, the rendezvous point  Introduction points act as contact points  Server can be operated from inside a firewall
Creating and connecting to a Location hidden service
Attacks on Tor Passive attacks Active attacks Attacks against Rendezvous points Directory attacks
Users of Tor Law Militaries enforcement Bloggers officers Journalists High profile Activists and audience people NGO‟s
Weaknesses End-to-end Slow network Illegal use correlation
Real world deployment The Tor download page.
The Tor/Privoxy installer. Tor in the Windows system tray.
Setting up a proxy for Internet Explorer The Tor detector
Future enhancements  Usability and Integration  Scalability  Caching at exit nodes
Conclusion  Tor becomes most widely used anonymous network with its speed  Tor supports mutual anonymity with the help of Rendezvous Point  Tor resists local adversary effectively  Tor anonymizes TCP streams, providing a high- throughput and low-latency network compared to the onion routing
Tor the onion router
Tor the onion router

Recomendados

Introduction to anonymity network tor
Introduction to anonymity network torIntroduction to anonymity network tor
Introduction to anonymity network torKhaled Mosharraf
 
Introduction to Tor
Introduction to TorIntroduction to Tor
Introduction to TorJaskaran Narula
 
Tor: The Second Generation Onion Router
Tor: The Second Generation Onion RouterTor: The Second Generation Onion Router
Tor: The Second Generation Onion RouterMohammed Bharmal
 
Tor Network
Tor NetworkTor Network
Tor NetworkMuhammad Jabir A C K
 
The Deep Web, TOR Network and Internet Anonymity
The Deep Web, TOR Network and Internet AnonymityThe Deep Web, TOR Network and Internet Anonymity
The Deep Web, TOR Network and Internet AnonymityAbhimanyu Singh
 
Tor the onion router
Tor the onion routerTor the onion router
Tor the onion routern|u - The Open Security Community
 
TOR NETWORK
TOR NETWORKTOR NETWORK
TOR NETWORKRishikese MR
 
Tor Presentation
Tor PresentationTor Presentation
Tor PresentationHassan Faraz
 

Recomendados

Introduction to anonymity network tor
Introduction to anonymity network torIntroduction to anonymity network tor
Introduction to anonymity network torKhaled Mosharraf
 
Introduction to Tor
Introduction to TorIntroduction to Tor
Introduction to TorJaskaran Narula
 
Tor: The Second Generation Onion Router
Tor: The Second Generation Onion RouterTor: The Second Generation Onion Router
Tor: The Second Generation Onion RouterMohammed Bharmal
 
Tor Network
Tor NetworkTor Network
Tor NetworkMuhammad Jabir A C K
 
The Deep Web, TOR Network and Internet Anonymity
The Deep Web, TOR Network and Internet AnonymityThe Deep Web, TOR Network and Internet Anonymity
The Deep Web, TOR Network and Internet AnonymityAbhimanyu Singh
 
Tor the onion router
Tor the onion routerTor the onion router
Tor the onion routern|u - The Open Security Community
 
TOR NETWORK
TOR NETWORKTOR NETWORK
TOR NETWORKRishikese MR
 
Tor Presentation
Tor PresentationTor Presentation
Tor PresentationHassan Faraz
 
Onion protocol
Onion protocolOnion protocol
Onion protocolAnshu Raj
 
Darknets - Introduction & Deanonymization of Tor Users By Hitesh Bhatia
Darknets - Introduction & Deanonymization of Tor Users By Hitesh BhatiaDarknets - Introduction & Deanonymization of Tor Users By Hitesh Bhatia
Darknets - Introduction & Deanonymization of Tor Users By Hitesh BhatiaOWASP Delhi
 
The Onion Routing (TOR)
The Onion Routing (TOR)The Onion Routing (TOR)
The Onion Routing (TOR)Amrit Khandelwal
 
introduction to Botnet
introduction to Botnetintroduction to Botnet
introduction to Botnetyogendra singh chahar
 
Investigating Using the Dark Web
Investigating Using the Dark WebInvestigating Using the Dark Web
Investigating Using the Dark WebCase IQ
 
Deep Dark Web - How to get inside?
Deep Dark Web - How to get inside?Deep Dark Web - How to get inside?
Deep Dark Web - How to get inside?Anshu Prateek
 
The Dark side of the Web
The Dark side of the WebThe Dark side of the Web
The Dark side of the WebPaula Ripoll Cacho
 
Dark web presentation
Dark web presentationDark web presentation
Dark web presentationTo Mal
 
Packet sniffing
Packet sniffingPacket sniffing
Packet sniffingShyama Bhuvanendran
 
Wireshark Basic Presentation
Wireshark Basic PresentationWireshark Basic Presentation
Wireshark Basic PresentationMD. SHORIFUL ISLAM
 
The Dark Web
The Dark WebThe Dark Web
The Dark WebSuraj Jaundoo
 
Network traffic analysis with cyber security
Network traffic analysis with cyber securityNetwork traffic analysis with cyber security
Network traffic analysis with cyber securityKAMALI PRIYA P
 
Darknet
DarknetDarknet
DarknetHiro Oshikawa
 
Onion routing and tor: Fundamentals and Anonymity
Onion routing and tor: Fundamentals and AnonymityOnion routing and tor: Fundamentals and Anonymity
Onion routing and tor: Fundamentals and Anonymityanurag singh
 
Wired and Wireless Network Forensics
Wired and Wireless Network ForensicsWired and Wireless Network Forensics
Wired and Wireless Network ForensicsSavvius, Inc
 
Dark web
Dark webDark web
Dark webaakshidhingra
 
Wireshark Traffic Analysis
Wireshark Traffic AnalysisWireshark Traffic Analysis
Wireshark Traffic AnalysisDavid Sweigert
 
Network forensic
Network forensicNetwork forensic
Network forensicManjushree Mashal
 
Deep web and Dark web
Deep web and Dark webDeep web and Dark web
Deep web and Dark webParvez Hossain
 
Network forensics1
Network forensics1Network forensics1
Network forensics1Santosh Khadsare
 
Igcse2010 -osmosis & diffusion
Igcse2010 -osmosis & diffusionIgcse2010 -osmosis & diffusion
Igcse2010 -osmosis & diffusionbiologia, geologia , poesía , vida,
 
Laporan Praktikum Difusi Osmosis dan Plasmolisis
Laporan Praktikum Difusi Osmosis dan PlasmolisisLaporan Praktikum Difusi Osmosis dan Plasmolisis
Laporan Praktikum Difusi Osmosis dan PlasmolisisNur Meili Zakiyah
 

Mais conteúdo relacionado

Mais procurados

Onion protocol
Onion protocolOnion protocol
Onion protocolAnshu Raj
 
Darknets - Introduction & Deanonymization of Tor Users By Hitesh Bhatia
Darknets - Introduction & Deanonymization of Tor Users By Hitesh BhatiaDarknets - Introduction & Deanonymization of Tor Users By Hitesh Bhatia
Darknets - Introduction & Deanonymization of Tor Users By Hitesh BhatiaOWASP Delhi
 
Investigating Using the Dark Web
Investigating Using the Dark WebInvestigating Using the Dark Web
Investigating Using the Dark WebCase IQ
 
Deep Dark Web - How to get inside?
Deep Dark Web - How to get inside?Deep Dark Web - How to get inside?
Deep Dark Web - How to get inside?Anshu Prateek
 
Dark web presentation
Dark web presentationDark web presentation
Dark web presentationTo Mal
 
Network traffic analysis with cyber security
Network traffic analysis with cyber securityNetwork traffic analysis with cyber security
Network traffic analysis with cyber securityKAMALI PRIYA P
 
Onion routing and tor: Fundamentals and Anonymity
Onion routing and tor: Fundamentals and AnonymityOnion routing and tor: Fundamentals and Anonymity
Onion routing and tor: Fundamentals and Anonymityanurag singh
 
Wired and Wireless Network Forensics
Wired and Wireless Network ForensicsWired and Wireless Network Forensics
Wired and Wireless Network ForensicsSavvius, Inc
 
Wireshark Traffic Analysis
Wireshark Traffic AnalysisWireshark Traffic Analysis
Wireshark Traffic AnalysisDavid Sweigert
 

Mais procurados (20)

Onion protocol
Onion protocolOnion protocol
Onion protocol
 
Darknets - Introduction & Deanonymization of Tor Users By Hitesh Bhatia
Darknets - Introduction & Deanonymization of Tor Users By Hitesh BhatiaDarknets - Introduction & Deanonymization of Tor Users By Hitesh Bhatia
Darknets - Introduction & Deanonymization of Tor Users By Hitesh Bhatia
 
The Onion Routing (TOR)
The Onion Routing (TOR)The Onion Routing (TOR)
The Onion Routing (TOR)
 
introduction to Botnet
introduction to Botnetintroduction to Botnet
introduction to Botnet
 
Investigating Using the Dark Web
Investigating Using the Dark WebInvestigating Using the Dark Web
Investigating Using the Dark Web
 
Deep Dark Web - How to get inside?
Deep Dark Web - How to get inside?Deep Dark Web - How to get inside?
Deep Dark Web - How to get inside?
 
The Dark side of the Web
The Dark side of the WebThe Dark side of the Web
The Dark side of the Web
 
Dark web presentation
Dark web presentationDark web presentation
Dark web presentation
 
Packet sniffing
Packet sniffingPacket sniffing
Packet sniffing
 
Wireshark Basic Presentation
Wireshark Basic PresentationWireshark Basic Presentation
Wireshark Basic Presentation
 
The Dark Web
The Dark WebThe Dark Web
The Dark Web
 
Network traffic analysis with cyber security
Network traffic analysis with cyber securityNetwork traffic analysis with cyber security
Network traffic analysis with cyber security
 
Darknet
DarknetDarknet
Darknet
 
Onion routing and tor: Fundamentals and Anonymity
Onion routing and tor: Fundamentals and AnonymityOnion routing and tor: Fundamentals and Anonymity
Onion routing and tor: Fundamentals and Anonymity
 
Wired and Wireless Network Forensics
Wired and Wireless Network ForensicsWired and Wireless Network Forensics
Wired and Wireless Network Forensics
 
Dark web
Dark webDark web
Dark web
 
Wireshark Traffic Analysis
Wireshark Traffic AnalysisWireshark Traffic Analysis
Wireshark Traffic Analysis
 
Network forensic
Network forensicNetwork forensic
Network forensic
 
Deep web and Dark web
Deep web and Dark webDeep web and Dark web
Deep web and Dark web
 
Network forensics1
Network forensics1Network forensics1
Network forensics1
 

Destaque

Laporan Praktikum Difusi Osmosis dan Plasmolisis
Laporan Praktikum Difusi Osmosis dan PlasmolisisLaporan Praktikum Difusi Osmosis dan Plasmolisis
Laporan Praktikum Difusi Osmosis dan PlasmolisisNur Meili Zakiyah
 
Osmosis report powerpoint
Osmosis report powerpointOsmosis report powerpoint
Osmosis report powerpointclairebloom
 
Osmosis, diffusion, active transport
Osmosis, diffusion, active transportOsmosis, diffusion, active transport
Osmosis, diffusion, active transportMarthese Azzopardi
 
ReverseOsmosisLabReport
ReverseOsmosisLabReportReverseOsmosisLabReport
ReverseOsmosisLabReportJanet Mok
 
Aprevised osmosis lab
Aprevised osmosis labAprevised osmosis lab
Aprevised osmosis labsbarkanic
 
132441402 chapter-3-movement-of-substances-across-the-plasma-membrane
132441402 chapter-3-movement-of-substances-across-the-plasma-membrane132441402 chapter-3-movement-of-substances-across-the-plasma-membrane
132441402 chapter-3-movement-of-substances-across-the-plasma-membraneLim Yee Yern
 
Osmosis project of chemistry
Osmosis project of chemistryOsmosis project of chemistry
Osmosis project of chemistryAyushi Sharma
 
Bio22 Lab - Ex 4 (Cell Transport - Osmosis in Human RBC)
Bio22 Lab - Ex 4 (Cell Transport - Osmosis in Human RBC)Bio22 Lab - Ex 4 (Cell Transport - Osmosis in Human RBC)
Bio22 Lab - Ex 4 (Cell Transport - Osmosis in Human RBC)Josh Protacio
 
Biologi f4 sbp akhir tahun 2008
Biologi f4 sbp akhir tahun 2008Biologi f4 sbp akhir tahun 2008
Biologi f4 sbp akhir tahun 2008Stanley Lee
 
1 p9 onion cells 291110
1 p9 onion cells 2911101 p9 onion cells 291110
1 p9 onion cells 291110drgav2005
 
Experiment 2 transport of materials across cell membranes and plant cell wate...
Experiment 2 transport of materials across cell membranes and plant cell wate...Experiment 2 transport of materials across cell membranes and plant cell wate...
Experiment 2 transport of materials across cell membranes and plant cell wate...Nadine Uy
 
Onion and cheek cell lab
Onion and cheek cell labOnion and cheek cell lab
Onion and cheek cell labD Sanders
 
Ib biology lab_report_sample
Ib biology lab_report_sampleIb biology lab_report_sample
Ib biology lab_report_samplenpopova
 
Diffusion and osmosis student handout
Diffusion and osmosis student handout Diffusion and osmosis student handout
Diffusion and osmosis student handout ilanasaxe
 
Diffusion lab
Diffusion labDiffusion lab
Diffusion lab14771
 

Destaque (20)

Igcse2010 -osmosis & diffusion
Igcse2010 -osmosis & diffusionIgcse2010 -osmosis & diffusion
Igcse2010 -osmosis & diffusion
 
Laporan Praktikum Difusi Osmosis dan Plasmolisis
Laporan Praktikum Difusi Osmosis dan PlasmolisisLaporan Praktikum Difusi Osmosis dan Plasmolisis
Laporan Praktikum Difusi Osmosis dan Plasmolisis
 
Osmosis report powerpoint
Osmosis report powerpointOsmosis report powerpoint
Osmosis report powerpoint
 
Osmosis, diffusion, active transport
Osmosis, diffusion, active transportOsmosis, diffusion, active transport
Osmosis, diffusion, active transport
 
ReverseOsmosisLabReport
ReverseOsmosisLabReportReverseOsmosisLabReport
ReverseOsmosisLabReport
 
Aprevised osmosis lab
Aprevised osmosis labAprevised osmosis lab
Aprevised osmosis lab
 
Plasmolysis
PlasmolysisPlasmolysis
Plasmolysis
 
132441402 chapter-3-movement-of-substances-across-the-plasma-membrane
132441402 chapter-3-movement-of-substances-across-the-plasma-membrane132441402 chapter-3-movement-of-substances-across-the-plasma-membrane
132441402 chapter-3-movement-of-substances-across-the-plasma-membrane
 
Igcse2010 fernando enzymes
Igcse2010 fernando enzymesIgcse2010 fernando enzymes
Igcse2010 fernando enzymes
 
Osmosis project of chemistry
Osmosis project of chemistryOsmosis project of chemistry
Osmosis project of chemistry
 
Cells Osmosis
Cells OsmosisCells Osmosis
Cells Osmosis
 
Bio22 Lab - Ex 4 (Cell Transport - Osmosis in Human RBC)
Bio22 Lab - Ex 4 (Cell Transport - Osmosis in Human RBC)Bio22 Lab - Ex 4 (Cell Transport - Osmosis in Human RBC)
Bio22 Lab - Ex 4 (Cell Transport - Osmosis in Human RBC)
 
Biologi f4 sbp akhir tahun 2008
Biologi f4 sbp akhir tahun 2008Biologi f4 sbp akhir tahun 2008
Biologi f4 sbp akhir tahun 2008
 
1 p9 onion cells 291110
1 p9 onion cells 2911101 p9 onion cells 291110
1 p9 onion cells 291110
 
Experiment 2 transport of materials across cell membranes and plant cell wate...
Experiment 2 transport of materials across cell membranes and plant cell wate...Experiment 2 transport of materials across cell membranes and plant cell wate...
Experiment 2 transport of materials across cell membranes and plant cell wate...
 
Onion and cheek cell lab
Onion and cheek cell labOnion and cheek cell lab
Onion and cheek cell lab
 
Ib biology lab_report_sample
Ib biology lab_report_sampleIb biology lab_report_sample
Ib biology lab_report_sample
 
Classificazione software
Classificazione softwareClassificazione software
Classificazione software
 
Diffusion and osmosis student handout
Diffusion and osmosis student handout Diffusion and osmosis student handout
Diffusion and osmosis student handout
 
Diffusion lab
Diffusion labDiffusion lab
Diffusion lab
 

Semelhante a Tor the onion router

Anonymity in the web based on routing protocols
Anonymity in the web based on routing protocolsAnonymity in the web based on routing protocols
Anonymity in the web based on routing protocolsBiagio Botticelli
 
Anonymous Network
Anonymous NetworkAnonymous Network
Anonymous Networkpauldeng
 
Information security using onion routing(tor)
Information security using onion routing(tor)Information security using onion routing(tor)
Information security using onion routing(tor)Kaustubh Joshi
 
Anonymous Security Scanning and Browsing
Anonymous Security Scanning and BrowsingAnonymous Security Scanning and Browsing
Anonymous Security Scanning and BrowsingAbhilash Venkata
 
OnionBots: Subverting Privacy Infrastructure for Cyber Attacks
OnionBots: Subverting Privacy Infrastructure for Cyber AttacksOnionBots: Subverting Privacy Infrastructure for Cyber Attacks
OnionBots: Subverting Privacy Infrastructure for Cyber AttacksAmirali Sanatinia
 
SDN and Named Data Networking Security
SDN and Named Data Networking SecuritySDN and Named Data Networking Security
SDN and Named Data Networking Securitywolverinetyagi
 
Internet architecture
Internet architectureInternet architecture
Internet architectureNaman Rastogi
 
AASR Authenticated Anonymous Secure Routing for MANETs in Adversarial Environ...
AASR Authenticated Anonymous Secure Routing for MANETs in Adversarial Environ...AASR Authenticated Anonymous Secure Routing for MANETs in Adversarial Environ...
AASR Authenticated Anonymous Secure Routing for MANETs in Adversarial Environ...AAKASH S
 
Anonymity in the Web based on Routing Protocols
Anonymity in the Web based on Routing ProtocolsAnonymity in the Web based on Routing Protocols
Anonymity in the Web based on Routing ProtocolsBiagio Botticelli
 

Semelhante a Tor the onion router (20)

Anonymity in the web based on routing protocols
Anonymity in the web based on routing protocolsAnonymity in the web based on routing protocols
Anonymity in the web based on routing protocols
 
Onion Routing.ppt
Onion Routing.pptOnion Routing.ppt
Onion Routing.ppt
 
tor
tortor
tor
 
Anonymity Network TOR
Anonymity Network TOR Anonymity Network TOR
Anonymity Network TOR
 
Anonymous Network
Anonymous NetworkAnonymous Network
Anonymous Network
 
Overlay networks
Overlay networksOverlay networks
Overlay networks
 
Anonymous traffic network
Anonymous traffic networkAnonymous traffic network
Anonymous traffic network
 
Information security using onion routing(tor)
Information security using onion routing(tor)Information security using onion routing(tor)
Information security using onion routing(tor)
 
Anonymous Security Scanning and Browsing
Anonymous Security Scanning and BrowsingAnonymous Security Scanning and Browsing
Anonymous Security Scanning and Browsing
 
OnionBots: Subverting Privacy Infrastructure for Cyber Attacks
OnionBots: Subverting Privacy Infrastructure for Cyber AttacksOnionBots: Subverting Privacy Infrastructure for Cyber Attacks
OnionBots: Subverting Privacy Infrastructure for Cyber Attacks
 
Rumor riding
Rumor ridingRumor riding
Rumor riding
 
SDN and Named Data Networking Security
SDN and Named Data Networking SecuritySDN and Named Data Networking Security
SDN and Named Data Networking Security
 
Internet architecture
Internet architectureInternet architecture
Internet architecture
 
Tor
TorTor
Tor
 
AASR Authenticated Anonymous Secure Routing for MANETs in Adversarial Environ...
AASR Authenticated Anonymous Secure Routing for MANETs in Adversarial Environ...AASR Authenticated Anonymous Secure Routing for MANETs in Adversarial Environ...
AASR Authenticated Anonymous Secure Routing for MANETs in Adversarial Environ...
 
Network Concepts
Network ConceptsNetwork Concepts
Network Concepts
 
Tor
TorTor
Tor
 
Anonymity in the Web based on Routing Protocols
Anonymity in the Web based on Routing ProtocolsAnonymity in the Web based on Routing Protocols
Anonymity in the Web based on Routing Protocols
 
File000140
File000140File000140
File000140
 
Security attacks
Security attacksSecurity attacks
Security attacks
 

Último

How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.Curtis Poe
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxLoriGlavin3
 
Scale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterScale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterMydbops
 
Top 10 Hubspot Development Companies in 2024
Top 10 Hubspot Development Companies in 2024Top 10 Hubspot Development Companies in 2024
Top 10 Hubspot Development Companies in 2024TopCSSGallery
 
Data governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationData governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationKnoldus Inc.
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxLoriGlavin3
 
QCon London: Mastering long-running processes in modern architectures
QCon London: Mastering long-running processes in modern architecturesQCon London: Mastering long-running processes in modern architectures
QCon London: Mastering long-running processes in modern architecturesBernd Ruecker
 
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotesMuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotesManik S Magar
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxLoriGlavin3
 
Testing tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesTesting tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesKari Kakkonen
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxLoriGlavin3
 
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...Wes McKinney
 
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...Nikki Chapple
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxLoriGlavin3
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
Glenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security ObservabilityGlenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security Observabilityitnewsafrica
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfLoriGlavin3
 
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesThousandEyes
 

Último (20)

How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
 
Scale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterScale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL Router
 
Top 10 Hubspot Development Companies in 2024
Top 10 Hubspot Development Companies in 2024Top 10 Hubspot Development Companies in 2024
Top 10 Hubspot Development Companies in 2024
 
Data governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationData governance with Unity Catalog Presentation
Data governance with Unity Catalog Presentation
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
 
QCon London: Mastering long-running processes in modern architectures
QCon London: Mastering long-running processes in modern architecturesQCon London: Mastering long-running processes in modern architectures
QCon London: Mastering long-running processes in modern architectures
 
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotesMuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
 
Testing tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesTesting tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examples
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
 
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
 
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
Glenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security ObservabilityGlenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security Observability
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdf
 
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
 

Tor the onion router

  • 1. Tor – The Onion Router Presented By Ashly Liza Philip S5 MCA Roll No. 06 MACE
  • 2. Privacy in public networks  Internet is designed as a public network.  Routing information is public.  Encryption does not hide identities.  Prone to „traffic analysis‟
  • 3. Contd.. Internet data packet Header Data payload Source, Whatever being sent destination, time Encryption can‟t Hidden by hide encryption
  • 4. What is Anonymity?  State of being not identifiable within a set of subjects.  Unlink-ability of action and identity  Unobserve-ability (hard to achieve)
  • 5. Applications of Anonymity Privacy Untraceable electronic mail Law enforcement and intelligence Anonymous electronic voting Censorship-resistant publishing
  • 6. Anonymous networks PipeNet Garlic Routing Onion Routing Anonymizer Crowds Java Anon Proxy
  • 7. Onion Routing  By David Goldschlag, Michael Reed, Paul Syverson  ONION; special data structure.  Uses public key cryptography  Hides source and destination  Anonymize TCP-based applications  Protects anonymity of a user over network  Resistant to eavesdropping and traffic analysis
  • 8. Working of Onion Routing  Uses an Onion Proxy  Routes data randomly  A router knows only its predecessor and successor  No correspondence between data layers  Different onion at each hop
  • 9. R R4 R R R3 R1 R R Alice R2 R Bob  Sender chooses a random sequence of routers -Some routers are honest, some controlled by attacker -Sender controls the length of the path slide 9
  • 12. Tor – Implementation of Onion Routing  TOR stands for „The Onion Router.‟  Second generation onion router.  Low-latency anonymous network  By Paul Syverson, Nick Mathewson, Roger Dingledine in 2004  Maintained by Free Haven Project  Hundreds of nodes on all continents
  • 13. Contd..  “Easy-to-use” client proxy  Freely available  Supports only TCP  Uses SOCKS interface  No observer can tell where data comes from/going
  • 14. Advancements over Onion Routing Perfect forward secrecy Variable exit policies Directory servers Leaky-pipe circuit topology End-to-end integrity checking SOCKS interface
  • 15. How Tor works?  Same as Onion Routing  Uses Diffie-Hellman key exchange  Distributes data over several places  Takes random pathway  Used with Privoxy
  • 16. Tor Circuit  Each circuit shared by multiple TCP streams  Circuit created preemptively  Can recover from failure
  • 17. Circuit setup Built from entry point one step at a time Circuit ID is chosen randomly Diffie-Hellman process initiated Negotiate a symmetric session key Circuit extension and Relay packet
  • 18. Tor Circuit setup(1) Client proxy establish a symmetric session key and circuit with Onion Router #1
  • 19. Tor Circuit setup(2) Circuit extension
  • 20. Tor Circuit setup(3) Client proxy extends the circuit by establishing a symmetric session key with Onion Router #3
  • 22. Cells in Tor Cell (512bytes) Header Payload CircID Data Command
  • 23. Contd.. Based on commands in cells:- Control cells Relay cells Cells
  • 24. Commands in cells Control cells Relay Cells • -padding • - relay data • -create/created • -relay begin • -destroy • -relay end • -relay connected • -relay teardown • -relay connected • -relay extend/extended • -relay truncate/truncated
  • 25. E.g. Fetching a webpage
  • 26. Congestion control OR keeps track of PACKAGE WINDOW & DELIVERY WINDOW • Window initialized to 1000cells • Decremented accordingly Circuit throttling • Forward nothing on reaching 0 • Window initialized to 500cells • Use relay sendme cells Stream throttling • Incremented on receiving relay sendme
  • 27. Hidden services  Allow location hidden services  Both end-points remain anonymous  Both parties connect via a third party, the rendezvous point  Introduction points act as contact points  Server can be operated from inside a firewall
  • 28. Creating and connecting to a Location hidden service
  • 29. Attacks on Tor Passive attacks Active attacks Attacks against Rendezvous points Directory attacks
  • 30. Users of Tor Law Militaries enforcement Bloggers officers Journalists High profile Activists and audience people NGO‟s
  • 31. Weaknesses End-to-end Slow network Illegal use correlation
  • 32. Real world deployment The Tor download page.
  • 33. The Tor/Privoxy installer. Tor in the Windows system tray.
  • 34. Setting up a proxy for Internet Explorer The Tor detector
  • 35. Future enhancements  Usability and Integration  Scalability  Caching at exit nodes
  • 36. Conclusion  Tor becomes most widely used anonymous network with its speed  Tor supports mutual anonymity with the help of Rendezvous Point  Tor resists local adversary effectively  Tor anonymizes TCP streams, providing a high- throughput and low-latency network compared to the onion routing