CECS7130 – Advanced Computer Networks
TOR Pivoting Network - The Onion Routing
By: Ricardo Robles Robles Masters of Eng. Software Engineering (Candidate)
April 10, 2023
Profesor: Othoniel Rodriguez Ph.D.
Reference• TorProject.org• https://en.wikipedia.org/wiki/Java_Anon_Proxy• http://www.onion-router.net/• https://en.wikipedia.org/wiki/Tor_%28anonymity_net
work%29
• http://www.technologyreview.com/video/413186/how-tor-works/
• Tor Packet Analysis – Brent Muir
April 10, 2023
• Onion Routing• Tor Network• Tor Browser Bundle• Anonymous Surfing • Pivoting Networks• Anonymity – it is not cryptography, crypto just
protects content, but not the privacy of what you are doing.
April 10, 2014
General Terms & Keywords
Introduction• Beginning - Tor was originally designed,
implemented, and deployed as a third-generation Onion Routing Project of the U.S. Naval Research Laboratory. It was originally developed with the U.S. Navy in mind, for the primary purpose of protecting government communications. Today, it is used every day for a wide variety of purposes by normal people, the military, journalists, law enforcement officers, activists, and many others.
April 10, 2023
April 10, 2023
• Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet.
• It also enables software developers to create new communication tools with built-in privacy features.
• Tor provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy.
Overview
April 10, 2023
Overview• Individuals use Tor to keep websites from
tracking them and their family members, or to connect to news sites, instant messaging services, or the like when these are blocked by their local Internet providers.
• Tor's hidden services let users publish web sites and other services without needing to reveal the location of the site. Individuals also use Tor for socially sensitive communication: chat rooms and web forums for rape and abuse survivors, or people with illnesses.
April 10, 2023
Overview• Journalists use Tor to communicate more safely
with whistleblowers and dissidents. Non-governmental organizations (NGOs) use Tor to allow their workers to connect to their home website while they're in a foreign country, without notifying everybody nearby that they're working with that organization.
April 10, 2023
Hidden Services 1
April 10, 2023
Hidden Services 2
April 10, 2023
Hidden Services 3
April 10, 2023
Hidden Services 4
April 10, 2023
Hidden Services 5
April 10, 2023
Hidden Services 6
April 10, 2023
Survey
April 10, 2023
Visual Video Representation
• http://www.technologyreview.com/video/413186/how-tor-works/
April 10, 2023
Tor Network Diagram
April 10, 2023
Why We Need Tor?• Using Tor protects you against a common form of Internet
surveillance known as "traffic analysis." Traffic analysis can be used to infer who is talking to whom over a public network. Knowing the source and destination of your Internet traffic allows others to track your behavior and interests.
• This can impact your checkbook if, for example, an e-commerce site uses price discrimination based on your country or institution of origin. It can even threaten your job and physical safety by revealing who and where you are.
April 10, 2023
Why we Need Tor?
• For example, if you're travelling abroad and you connect to your employer's computers to check or send mail, you can inadvertently reveal your national origin and professional affiliation to anyone observing the network, even if the connection is encrypted.
April 10, 2023
The Onion Routing Solution• If we protect a communications channel against
both eavesdropping and traffic analysis, and remove identifying information from the data stream, then we have anonymous and private communication.
• Onion Routing provides socket connections that are strongly resistant to both eavesdropping and traffic analysis. The privacy of these socket connections is moved beneath the application layer and made application independent.
April 10, 2023
The Onion Routing Solution• Unmodified Internet applications may use these
anonymous socket connections by means of proxies. If the proxies anonymize the data stream, anonymity may be layered on top of anonymous socket connections. Onion Routing was originally implemented on Sun Solaris 2.4 including proxies for HTTP (WWW), RLOGIN, e-mail (SMTP), and FTP. Generation 2 Onion Routing implementation, Tor, runs on most common operating systems.
April 10, 2023
How Onion Routing Works:• An application, instead of making a (socket)
connection directly to a destination machine, makes a socket connection to an Onion Routing Proxy. That Onion Routing Proxy builds an anonymous connection through several other Onion Routers to the destination. Each Onion Router can only identify adjacent Onion Routers along the route. Before sending data over an anonymous connection, the first Onion Router adds a layer of encryption for each Onion Router in the route.
April 10, 2023
How Onion Routing Works:• As data moves through the anonymous
connection, each Onion Router removes one layer of encryption, so it finally arrives as plaintext. This layering occurs in the reverse order for data moving back to the initiator. Data passed along the anonymous connection appears different at each Onion Router, so data cannot be tracked en route and compromised Onion Routers cannot cooperate. When the connection is broken, all information about the connection is cleared at each Onion Router.
April 10, 2023
How Onion Routing Works:• Onion Routing – A message is cascaded
through several routers:• Sender defines whole path, choosing the
routers• The message is encrypted in succession,
first with the symmetric key of the last router, the result of that operation with the penultimate router, and so on
• The encrypted message is sent through the predefined path and each router only knows the previous router and the next router
April 10, 2023
Tor Model:
April 10, 2023
Tor Relay Graph as of 4/29/2014
April 10, 2023
Tor Relay Platforms
April 10, 2023
Tor’s Code
• Tor's code released in 2002
• Tor's design paper published in 2004
• The clock starts ticking...
April 10, 2023
Basic Tor Design
April 10, 2023
Basic Tor Design
April 10, 2023
Basic Tor Design
April 10, 2023
Attackers Trying to Block Tor users from connecting• 1) By blocking the directory authorities
• 2) By blocking all the relay IP addresses in the directory, or the addresses of other Tor services
• 3) By filtering based on Tor's network fingerprint
• 4) By preventing users from finding the Tor software (usually by blocking website)
April 10, 2023
April 10, 2023
April 10, 2023
Blocked Sites in U.S.
April 10, 2023
Blocked Sites in the U.S.• 2012christians.com• 2012coolhats.com• 23isking.com• angelsjerseysstore.com• authenticbullsshop.com• authenticheatshop.com• authenticlakersshop.com• authenticmagicshop.com• authenticmavericksshop.com• authenticthundershop.com• autoforms.info
April 10, 2023
April 10, 2023
Tor vs non-Tor Nerworks
April 10, 2023
Connections of Tor Users
April 10, 2023
Tor use in Blocked Countries
April 10, 2023
Two Circumvention Systems• Circumvention – To go around or bypass• UltraTurf-freeware to bypass censorship and
firewall censorship using HTTP Proxy, and employs encryption.• Distinguishable Behavior, Lots of
unnecessary data in logs, Evidence of unproxied traffic
• Tor• Looks like SSL Traffic• No extra details in logs
April 10, 2023
Use of Tor network in Blocked Countries
April 10, 2023
Tor use in Various Countries
April 10, 2023
Alternate to Tor
• Java Anon Proxy, JAP or JonDonym• I2P• HotSpot Shield• Tunnelbear• Vidalia• Orbot• FreeVPN.me
April 10, 2023
Tor Example Sites
• http://xmh57jrzrnw6insl.onion/ - Torch• http://torlinkbgs6aabns.onion/index.php -
TorLinks• http://2ogmrlfzdthnwkez.onion/ -
RentAHacker• http://ybp4oezfhk24hxmb.onion/ - Hitman
Network (Contract Killers)• http://en35tuzqmn4lofbk.onion/ -
USFakeIDs
April 10, 2023
April 10, 2023
April 10, 2023
April 10, 2023
Questions/Comments
April 10, 2023