Onion Routing
Organization
▪ Introduction
▪ Traffic Analysis overview
▪ Onion routing
▪ Example
▪ Problem and solution
▪ Conclusion
Introduction:
Types of Attackers on the web:
▪ Active Attackers
▪ Passive attackers
Traffic Analysis:
▪ Traffic analysis focuses on the headers, which contain metadata such as source address, destination address, timing information, etc.
▪ Hence, even if the packet content is encrypted, traffic analysis can reveal useful information
Importance of Traffic Analysis
▪ Although traffic analysis provides lower quality information, it is preferred over cryptanalysis.
▪ It is also cheaper because traffic data can be automatically collected and processed to provide a high degree of intelligence.
▪ It is used for military purposes and by various organizations to track unpleasant events over the internet.
Onion Routing:
▪ Onion routing is the mechanism in which the sender (initiator) and the receiver (responder) nodes communicate with each other anonymously by means of some intermediate nodes called onion routers
▪ It relies on public key cryptography
Structure of Onion Routing:
Infrastructure for Onion Routing:
▪ Network Infrastructure
▪ Proxy Interfaces
Steps in Onion Routing
▪ Defining a route
▪ Constructing an anonymous connection
▪ Moving data through an anonymous connection
Example:
▪ Let onion routers 4, 3, and 5 be randomly selected by the onion proxy
▪ The proxy encrypts the data with 5’s public key followed by 3 and then 4
▪ Thus an onion is created which looks like
E4pu(3’s IP address, E3pu(5’s IP address, E5pu(recipient’s IP address, data)))
▪ The proxy then sends the onion to the first onion router, i.e. 4
▪ Onion router 4 peels the outer layer of the onion using its private key
▪ It forwards the onion to 3, which now looks like
E3pu(5’s IP address, E5pu(recipient’s IP address, data))
▪ Onion router 3 peels the outer layer of the onion using its private key
▪ It forwards the onion to 5, which now looks like
E5pu(recipient’s IP address, data)
▪ Onion router 5 now peels the outer layer of the onion using its private key
▪ It finds plain data and the destination address and forwards it to the destination
Problems and solutions
▪ The size of the onion reduces as it nears the destination
▪ Hence an attacker can infer details about the destination
▪ To avoid this, onions are padded at each onion router to maintain the size of the onion (onions can be padded to the same or different sizes)
▪ Every onion router has details of only its previous and next hop
▪ So even if an onion router has been compromised, the attacker can only get the encrypted onion. He will not be able to decrypt the onion without the private keys and hence will not infer any valuable information from it
▪ Suppose an attacker records data going between routers and is able to compromise a router at a later stage, to acquire its private key and decrypt the data.
▪ This can be avoided by using a session key between communicating parties.
▪ The session key is used to encrypt data and is valid only for the duration of the communication.
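Added example (not part of the original slides): the 4 → 3 → 5 route from the Example slide, built and peeled layer by layer, showing how many bytes an observer sees on each link without padding and with the padding fix described above. It assumes a SHA-256 keystream XOR with one constructed secret per router as a stand-in for the public-key operations E4pu, E3pu and E5pu; the names wrap, peel, build_onion and relay, the "router-N" hop labels and the destination address are hypothetical, and the stand-in has no integrity protection.

```python
import hashlib, os, struct

# Constructed demo secrets for routers 4, 3 and 5. Stand-in for the slides'
# public-key encryption: SHA-256 keystream XOR, unauthenticated, demo only.
KEYS = {n: hashlib.sha256(b"demo-router-%d" % n).digest() for n in (4, 3, 5)}

def _xor(key, nonce, data):
    blocks = range(len(data) // 32 + 1)
    stream = b"".join(hashlib.sha256(key + nonce + struct.pack(">I", i)).digest()
                      for i in blocks)
    return bytes(a ^ b for a, b in zip(data, stream))

def wrap(router, next_hop, payload):
    """E_router(next_hop, payload): 16-byte nonce followed by the encrypted body."""
    nonce, hop = os.urandom(16), next_hop.encode()
    body = struct.pack(">BI", len(hop), len(payload)) + hop + payload
    return nonce + _xor(KEYS[router], nonce, body)

def peel(router, onion):
    """Remove one layer and return (next_hop, inner); trailing padding is dropped."""
    body = _xor(KEYS[router], onion[:16], onion[16:])
    hlen, plen = struct.unpack(">BI", body[:5])
    return body[5:5 + hlen].decode(), body[5 + hlen:5 + hlen + plen]

def build_onion(route, dest, data):
    """Encrypt for the last router first, so the first router's layer is outermost."""
    hops = [f"router-{r}" for r in route[1:]] + [dest]
    onion = data
    for router, hop in zip(reversed(route), reversed(hops)):
        onion = wrap(router, hop, onion)
    return onion

def relay(route, onion, pad_to=None):
    """Peel at each router, optionally padding back to pad_to bytes before
    forwarding. Returns (bytes seen on each link, final hop, delivered data)."""
    sizes = [len(onion)]
    for router in route:
        hop, onion = peel(router, onion)
        if pad_to and router != route[-1]:
            onion += os.urandom(pad_to - len(onion))  # random filler
        sizes.append(len(onion))
    return sizes, hop, onion

if __name__ == "__main__":
    route, dest = [4, 3, 5], "192.0.2.7"      # constructed destination address
    onion = build_onion(route, dest, b"hello")
    print(relay(route, onion)[0])                      # onion shrinks hop by hop
    print(relay(route, onion, pad_to=len(onion))[0])   # constant on router links
```

Without padding the link sizes fall at every hop, which is the leak the slide describes; with padding every router-to-router link carries the same number of bytes.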
CONCLUSION
▪ Onion routing can be used in anonymous networks and also in military applications
▪ Resistant to both eavesdropping and traffic analysis.