Onion Routing
Transcript of Onion Routing
-
8/2/2019 Onion Routing
By Srianka 07951A0591 CSE 4B
-
It provides a technique for anonymous communication.
The main idea is to protect the details of the sender and receiver of a message, and also its content, from attackers (active and passive attackers).
-
This technique was originally developed by the U.S. Navy to hide the true origin of packets on an IP network.
-
Prevents eavesdropping on message content.
Prevents traffic analysis.
-
Messages travel from source to destination via a sequence of proxies known as ONION ROUTERS.
This is known as Chaum's Mix Cascades principle.
-
The message sent by the sender is repeatedly encrypted and then sent through several network nodes (onion routers).
Each router removes a layer of encryption to uncover routing instructions and sends the message to the next router, where this is repeated.
This prevents these intermediary nodes from knowing the origin, destination and contents of the message.
-
Defining a route
Constructing an anonymous connection
Moving data through an anonymous connection
Destroying the anonymous connection
-
Let onion routers 4, 3, and 5 be randomly selected by the onion proxy.
-
The proxy encrypts the data with 5's public key, followed by 3's and then 4's.
Thus an onion is created which looks like:
E4pu(3's IP address, E3pu(5's IP address, E5pu(recipient's IP address, data)))
-
[Figure: the onion at each stage. Panel labels: Initially at router 3 (packet from proxy); From 3 to 4; From 4 to 5; From 5 to the destination; At the destination after removing all the layers.]
-
The size of the onion reduces as it nears the destination. Hence an attacker can infer details about the destination.
To avoid this, onions are padded at each onion router to maintain the size of the onion (onions can be padded to the same or different sizes).
Every onion router has details of only its previous and next hop.
So even if an onion router has been compromised, the attacker can only get the encrypted onion. He will not be able to decrypt the onion without the private keys, and hence will not infer any valuable information from it.
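Added example (not part of the original slides): a Python sketch of the onion for route 4, 3, 5 being built by the proxy, peeled hop by hop so each router sees only its next hop, and padded so every link carries the same size. The keyed XOR stream standing in for public-key encryption, the key values, the layer layout, the recipient address 10.0.0.9 and the 128-byte pad size are assumptions made for illustration.

```python
import hashlib
import os

# Constructed per-router keys. The slides use each router's public key (E4pu, E3pu,
# E5pu); a keyed XOR stream stands in for it here and is NOT secure encryption.
KEYS = {r: hashlib.sha256(b"router-%d" % r).digest() for r in (3, 4, 5)}

def seal(key, blob):
    """Stand-in for encrypt/decrypt: XOR with a SHA-256 keystream (its own inverse)."""
    stream = b"".join(hashlib.sha256(key + i.to_bytes(4, "big")).digest()
                      for i in range(len(blob) // 32 + 1))
    return bytes(a ^ b for a, b in zip(blob, stream))

def build_onion(route, recipient, data):
    """Proxy side: wrap for the last router first, so the first router's layer is outermost."""
    hops = [str(r) for r in route[1:]] + [recipient]   # next hop seen by each router
    payload = data
    for router, nxt in reversed(list(zip(route, hops))):
        hop = nxt.encode()
        plain = bytes([len(hop)]) + hop + len(payload).to_bytes(2, "big") + payload
        payload = seal(KEYS[router], plain)
    return payload

def peel(router, onion, pad_to=0):
    """Router side: remove one layer, learn only the next hop, optionally re-pad."""
    plain = seal(KEYS[router], onion)
    n = plain[0]
    next_hop = plain[1:1 + n].decode()
    size = int.from_bytes(plain[1 + n:3 + n], "big")
    inner = plain[3 + n:3 + n + size]
    return next_hop, inner + os.urandom(max(0, pad_to - len(inner)))

def transit(route, onion, pad_to=0):
    """Carry the onion along the route; return link sizes, what each router saw, and the data."""
    onion += os.urandom(max(0, pad_to - len(onion)))   # proxy pads the first link too
    sizes, seen = [len(onion)], []
    for i, router in enumerate(route):
        last = i == len(route) - 1
        next_hop, onion = peel(router, onion, 0 if last else pad_to)
        seen.append((router, next_hop))
        if not last:
            sizes.append(len(onion))
    return sizes, seen, onion

if __name__ == "__main__":
    o = build_onion([4, 3, 5], "10.0.0.9", b"hello")
    print(transit([4, 3, 5], o))        # link sizes shrink hop by hop
    print(transit([4, 3, 5], o, 128))   # every link carries 128 bytes
```

Without padding, an observer who compares link sizes can tell how close a packet is to the end of the route; with padding, all links look alike.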
-
Suppose an attacker records data passing between routers and is later able to compromise a router, acquire its private key and decrypt the data.
This can be avoided by using a session key between the communicating parties.
The session key is used to encrypt data and is valid only for the duration of the communication.
-
Packet delivery is not ensured: if an onion router fails on the way, the message will not reach the destination.
It is susceptible to denial of service attacks: these are done by sending many packets to the routers so that they perform a larger number of cryptographic operations and stop forwarding packets. (This can be avoided by using puzzles that are to be answered by the sender, but latency increases.)
-
Wireless Anonymous Routing Protocol (WAR): It is based on onion routing and traffic mixing. Here the keys are distributed using a RadioGram.
Secure Distributed Anonymous Routing Protocol (SDAR): This protocol is also based on onion routing. It does not require the source node to know the entire network topology, unlike the previous WAR protocol.
-
Using the above technology, one implementation came into existence known as TOR (The Onion Router), a second-generation onion router. It overcomes the problems of first-generation onion routing and also helps in preventing many attacks.
-
QUERIES????????
-
THANK YOU