The document summarizes Tor (The Onion Routing), an anonymizing network that allows users to improve their privacy and security on the Internet. Tor works by routing traffic through several volunteer servers run by others around the world, hiding a user's location and usage from anyone conducting network surveillance or traffic analysis. It enables a wide range of uses including circumventing censorship, protecting government communications, and allowing dissidents and journalists to communicate more safely.
3. • Onion Routing
• Tor Network
• Tor Browser Bundle
• Anonymous Surfing
• Pivoting Networks
• Anonymity – it is not cryptography, crypto just
protects content, but not the privacy of what you
are doing.
April 10, 2014
General Terms & Keywords
4. Introduction
• Beginning - Tor was originally designed,
implemented, and deployed as a third-
generation Onion Routing Project of the U.S.
Naval Research Laboratory. It was originally
developed with the U.S. Navy in mind, for the
primary purpose of protecting government
communications. Today, it is used every day for
a wide variety of purposes by normal people, the
military, journalists, law enforcement officers,
activists, and many others.
July 26, 2014
5. • Tor is a network of virtual tunnels that allows
people and groups to improve their privacy and
security on the Internet.
• It also enables software developers to create
new communication tools with built-in privacy
features.
• Tor provides the foundation for a range of
applications that allow organizations and
individuals to share information over public
networks without compromising their privacy.
July 26, 2014
Overview
6. Overview
• Individuals use Tor to keep websites from
tracking them and their family members, or to
connect to news sites, instant messaging
services, or the like when these are blocked by
their local Internet providers.
• Tor's hidden services let users publish web sites
and other services without needing to reveal the
location of the site. Individuals also use Tor for
socially sensitive communication: chat rooms
and web forums for rape and abuse survivors, or
people with illnesses.
July 26, 2014
7. Overview
• Journalists use Tor to communicate more safely
with whistleblowers and dissidents. Non-
governmental organizations (NGOs) use Tor to
allow their workers to connect to their home
website while they're in a foreign country,
without notifying everybody nearby that they're
working with that organization.
July 26, 2014
17. Why We Need Tor?
July 26, 2014
• Using Tor protects you against a common form of Internet
surveillance known as "traffic analysis." Traffic analysis
can be used to infer who is talking to whom over a public
network. Knowing the source and destination of your
Internet traffic allows others to track your behavior and
interests.
• This can impact your checkbook if, for example, an e-
commerce site uses price discrimination based on your
country or institution of origin. It can even threaten your
job and physical safety by revealing who and where you
are.
18. Why we Need Tor?
• For example, if you're travelling abroad
and you connect to your employer's
computers to check or send mail, you can
inadvertently reveal your national origin
and professional affiliation to anyone
observing the network, even if the
connection is encrypted.
July 26, 2014
19. The Onion Routing Solution
July 26, 2014
• If we protect a communications channel against
both eavesdropping and traffic analysis, and
remove identifying information from the data
stream, then we have anonymous and private
communication.
• Onion Routing provides socket connections that
are strongly resistant to both eavesdropping and
traffic analysis. The privacy of these socket
connections is moved beneath the application
layer and made application independent.
20. The Onion Routing Solution
• Unmodified Internet applications may use these
anonymous socket connections by means of
proxies. If the proxies anonymize the data
stream, anonymity may be layered on top of
anonymous socket connections. Onion Routing
was originally implemented on Sun Solaris 2.4
including proxies for HTTP (WWW), RLOGIN, e-
mail (SMTP), and FTP. Generation 2 Onion
Routing implementation, Tor, runs on most
common operating systems.
July 26, 2014
21. How Onion Routing Works:
• An application, instead of making a (socket)
connection directly to a destination machine,
makes a socket connection to an Onion Routing
Proxy. That Onion Routing Proxy builds an
anonymous connection through several other
Onion Routers to the destination. Each Onion
Router can only identify adjacent Onion Routers
along the route. Before sending data over an
anonymous connection, the first Onion Router
adds a layer of encryption for each Onion Router
in the route.
July 26, 2014
22. How Onion Routing Works:
• As data moves through the anonymous
connection, each Onion Router removes one
layer of encryption, so it finally arrives as
plaintext. This layering occurs in the reverse
order for data moving back to the initiator. Data
passed along the anonymous connection
appears different at each Onion Router, so data
cannot be tracked en route and compromised
Onion Routers cannot cooperate. When the
connection is broken, all information about the
connection is cleared at each Onion Router.
July 26, 2014
23. How Onion Routing Works:
• Onion Routing – A message is cascaded
through several routers:
• Sender defines whole path, choosing the
routers
• The message is encrypted in succession,
first with the symmetric key of the last
router, the result of that operation with the
penultimate router, and so on
• The encrypted message is sent through the
predefined path and each router only knows
the previous router and the next router
July 26, 2014
31. Attackers Trying to Block Tor
users from connecting
• 1) By blocking the directory authorities
• 2) By blocking all the relay IP addresses in the
directory, or the addresses of other Tor services
• 3) By filtering based on Tor's network fingerprint
• 4) By preventing users from finding the Tor
software (usually by blocking website)
July 26, 2014
40. Two Circumvention Systems
• Circumvention – To go around or bypass
• UltraTurf-freeware to bypass censorship and
firewall censorship using HTTP Proxy, and
employs encryption.
• Distinguishable Behavior, Lots of
unnecessary data in logs, Evidence of
unproxied traffic
• Tor
• Looks like SSL Traffic
• No extra details in logs
July 26, 2014
41. Use of Tor network in Blocked
Countries
July 26, 2014