Download - Onion Routing Ppt
Onion Routing
Organization
▪ Introduction▪ Traffic Analysis overview▪ Onion routing▪ Example▪ Problem and solution▪ conclusion
Introduction:
Types of Attackers on the web:
▪ Active Attackers▪ Passive attackers
Traffic Analysis:
▪ Traffic analysis focuses on the headers, which contain meta data like source address, destination address, timing information etc
▪ Hence even if the packet content is encrypted, Traffic analysis can reveal useful information
Importance of Traffic Analysis
▪ Although traffic analysis provides lower quality information, it is preferred over cryptanalysis.
▪ It is also cheaper because traffic data can be automatically collected and processed to provide a high degree of intelligence.
▪ It is used for military purposes and by various organizations to track unpleasant events over the internet.
Onion Routing:▪ Onion routing is the
mechanism in which the sender (initiator) and the receiver (responder) nodes communicate with each other anonymously by means of some intermediate nodes called as onion routers
▪ It relies on public key cryptography
Structure of Onion Routing:
Infrastructure for Onion Routing :
▪ Network Infrastructure
▪ Proxy Interfaces
Steps in Onion Routing▪ Defining a route▪ Constructing an anonymous connection▪ Moving data through an anonymous
connection
Example:▪ Let onion routers 4, 3, and 5 be randomly
selected by the onion proxy
▪ The proxy encrypts the data with 5’s public key followed by 3 and then 4
▪ Thus an onion is created which looks like
E4pu (3’s IP address, E3pu ((5’s IP address, (E5pu (recipient’s IP address, data)))))
▪ The proxy then sends the onion to the first onion router i.e. 4
▪ Onion router 4 peels the outer layer of the onion using its private key
▪ It forwards the onion to 3 which now looks like E3pu ((5’s IP address, (E5pu (recipient’s IP address, data))))
▪ Onion router 3 peels the outer layer of the onion using its private key
▪ It forwards the onion to 5 which now looks like (E5pu (recipient’s IP address, data))
▪ Onion router 5 now peels the outer layer of the onion using its private key
▪ It finds plain data and the destination address and forwards it to the destination
Problems and solutions
▪ The size of the onion reduces as it nears the destination
▪ Hence an attacker can infer details about the destination
▪ To avoid this onions are padded at each onion router to maintain the size of the onion (Onions can be padded to same or different sizes )
▪ Every onion router has details of only its previous and next hop
▪ So even if an onion router has been compromised the attacker can only get the encrypted onion .He will not be able to decrypt the onion without the private keys and hence will not infer any valuable information from it
▪ Suppose an attacker records data going on between routers and is able to compromise a router at a later stage, to acquire private key and decrypt data.
▪ This can be avoided by using a session key between communicating parties.
▪ The session key is used to encrypt data and is valid only for the duration of the communication.
CONCLUSION▪ Onion routing can be used in anonymous
network and also in military applications▪ Resistant to both eavesdropping and traffic
analysis.
THANK YOU