Onion Routing
(TOR Project)
Anthony Prasetyo - 1701320781
Evan Korius - 170
Rahadian Adinugroho - 1701358641
Raymond Haryanto - 17013120674
Table of Contents
Chapter I: Project Description
Project Brief
Introduction
What is TOR?
Background
Why The Internet is not secure
Surface Web
Deep Web
Dark Web
Dark Web or Deep Web
Chapter II: Objective
Chapter III: Research
Why Dark Web Cannot be Accessed Directly?
How to access deep and dark web?
What is TOR Project?
Who Uses TOR?
What are .onion sites?
How do .onion sites work?
Chapter IV: Type of Transparency
Chapter V: System Architecture
Chapter VI: Process / Communication
Chapter VI: Fault Tolerance
Chapter VII: Security
Security mechanisms
Chapter VIII: Current Weaknesses
Exit node eavesdropping
Sniper attack
Bandwidth hogging
Email
Chapter IX: Conclusion
Introduction
What is the Internet? It is a means of connecting a computer to any other
computer anywhere in the world via dedicated routers and servers. When
two computers are connected over the Internet, they can send
and receive all kinds of information such as text, graphics, voice, video,
and computer programs. However, all of our activities and our identities
are recorded in logs and can easily be tracked by other
parties. Therefore, an organization created another dimension
of the internet, called the Dark Web, to help us maintain our privacy.
The Dark Web is a term that refers specifically to a collection of
websites that are available to everyone but that protect identities, such as
the IP addresses of the servers and of the users. These servers can be visited
by any web user, but it is very difficult to work out who is behind the sites,
and you cannot find these sites using search engines. Almost all sites on the
so-called Dark Web hide their identity using the Tor encryption tool. You may
know Tor for its end-user-hiding properties. You can use Tor to hide your
identity and spoof your location. When a website is run through Tor, it has
much the same effect.
Indeed, it multiplies the effect. To visit a site on the Dark Web that is
using Tor encryption, the web user needs to be using Tor. Just as the end
user's IP is bounced through several layers of encryption to appear to be at
another IP address on the Tor network, so is that of the website. So there
is several orders of magnitude more secrecy than in the already secret act of
using Tor to visit a website on the open internet - for both parties.
What is TOR?
Tor is software that allows users to browse the web anonymously.
Developed by the Tor Project, a nonprofit organization that advocates for
anonymity on the internet, Tor was originally called The Onion Router
because it uses a technique called onion routing to conceal information
about user activity. The Tor Browser is built on top of the Firefox platform,
which makes it a very secure and stable browser. Mozilla Firefox and the Tor
Browser share an almost equal set of features. The Tor Browser Bundle (TBB)
uses Mozilla Firefox Extended Support Release (ESR). Since TBB has the goal
of being secure and stable, it uses the ESR version, not the latest and greatest
Firefox. The TBB is regularly updated with the latest version of Firefox ESR.
Background
Surface Web
This is the easy one. It's the common Internet everyone uses to read
news, visit Facebook, and shop. Just consider this the regular Internet.
Deep Web
The deep Web is the part of the Internet that is inaccessible to
conventional search engines and, consequently, to most users. According to
researcher Marcus P. Zillman of DeepWebResearch.info, as of January 2006,
the deep Web contained somewhere in the vicinity of 900 billion pages of
information. In contrast, Google, the largest search engine, had indexed
just 25 billion pages.
Deep Web content might include information in private databases
that are accessible over the Internet but not intended to be crawled by
search engines. For example, some universities, government agencies and
other organizations maintain databases of information that were not
created for general public access. Other sites may restrict database access
to members or subscribers.
Deep web sites are not indexed because they use dynamic databases
that are devoid of hyperlinks and can only be found by performing an
internal search query.
Dark Web
The Dark Web (also called darknet) is a subset of the Deep Web that
is not only not indexed, but that also requires something special to be able
to access it, e.g., specific proxying software or authentication to gain
access. The Dark Web is often associated with criminal activity of various
degrees, including buying and selling drugs, pornography, gambling, etc.
While the Dark Web is definitely used for those things more than the
standard Internet or the Deep Web, there are many legitimate uses for the
Dark Web as well.
Basically, all kinds of websites (Internet, Deep Web, Dark Web) ride on the
same infrastructure, but due to the encryption method used for data transfer and
to domain naming, dark web sites don't appear in most search engines and cannot
be opened in a conventional web application. The TOR browser is needed in order
to access the dark web, since the TOR browser can decrypt the data from the TOR
network.
In short, you need to set your connection protocol to use the TOR network,
because the dark web (.onion) can only be accessed through a hidden network
called TOR.
How to access dark web?
We can't just access the dark web from a normal web browser like
Firefox, for example, since you can only access the dark web through a dark
web browser. The most famous of these dark web browsers is called Tor, and
this is the one we recommend you get if you're looking to get onto the dark
web. Downloads of Tor soared in August by almost 100% as the general
population became more and more concerned about their privacy amid
revelations about US and UK intelligence agencies monitoring web traffic. In
short, more and more people are turning to the dark web to get their
internet fix and protect their information.
links are circuits rather than direct connections. By using a full Tor circuit,
it's hard for anyone to associate an introduction point with the hidden
server's IP address. While the introduction points and others are told the
hidden service's identity (public key), we don't want them to learn about the
hidden server's location (IP address).
They are sites that do not have a real domain name or IP address that
exists on the "regular" internet. The TOR network arranges anonymity for
the server and its visitors. The things you can find on .onion sites include
image and file hosting, whistleblower websites (Wikileaks), forums offering
complete freedom of speech, search engines, hacking, programming, and so
on. Some of these websites (such as search engines) are completely legal,
some would be considered illegal in some countries (hacking tutorials),
others are completely illegal (drugs, weapons, child pornography, credit
card fraud and other scams).
The system architecture used in the TOR system is hybrid, since there are
a lot of clients that use services from servers. However, there is a slight
difference: in the TOR network there is an upper layer of architecture,
the relays, which sits between the client and the web server. Both the client
and the web server need to connect to a relay in order to communicate securely.
The way the relays connect to each other is random, and all relays are on the
same level.
Client in this network means the one using the internet to browse either
the surface web, the deep web or even the dark web.
Relays are provided by volunteers around the world who support this network.
Currently, there are 7000 routers that support the TOR Project.
Below, we describe the basic process of how TOR connects us to the destination.
First, the client's Tor-enabled software determines the list of available Tor
nodes that are present in the network. By doing so, it ensures a random node
selection each time so that no pattern can be observed by anyone spying, ensuring
that you remain private throughout your activities. Random path selection also
leaves no footprints, as no Tor node is aware of the origin or destination other than
the terminal ones receiving from the clients. And since, from the millions of Tor
nodes available, anyone can act as the first receiving node, it is virtually
impossible to trace the origin.
Now, the client generates an encrypted message which is relayed to the first
Tor node. The onion router on this node peels off one layer of encryption and
reads the information identifying the second node. The second node repeats
the same process and passes the message on to the third. This goes on until the
final node receives the location of the actual recipient, where it transmits an
unencrypted message to ensure complete anonymity.
Finally, when the client computer wants to establish another path, for example
to visit another website, or even the same one, the Tor network will select an
entirely different, random path this time.
Integrity: The exit funnels can see your packet metadata; however, they
do not have any privilege to change or alter it.
Confidentiality: The packet header is encrypted many times (at least 3
times).
Security mechanisms
Encryption: The encryption is done using their own
algorithm, called onion routing. Why is it called onion routing? Because
the encrypted data is transmitted through a series of network nodes
called onion routers, each of which "peels" away a single layer,
uncovering the data's next destination. When the final layer is
decrypted, the message arrives at its destination. The sender remains
anonymous because each intermediary knows only the location of the
immediately preceding and following nodes.
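The random path selection, layered wrapping and per-relay peeling described in the process steps and in the Encryption paragraph above, as an added Python example that is not part of the original report and is not Tor's own code. It assumes the client already shares one symmetric key with each relay, uses a toy SHA-256 keystream and a per-layer HMAC as stand-ins for real ciphers, and all relay names and the destination are constructed.

```python
import hashlib, hmac, json, secrets

def keystream(key: bytes, n: int) -> bytes:
    # Toy stream cipher (SHA-256 in counter mode); a stand-in, not Tor's cipher.
    blocks = (hashlib.sha256(key + i.to_bytes(8, "big")).digest()
              for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def seal(key: bytes, plaintext: bytes) -> bytes:
    # Encrypt one layer, then prepend a MAC so a modified layer is rejected.
    ct = bytes(a ^ b for a, b in zip(plaintext, keystream(key + b"enc", len(plaintext))))
    return hmac.new(key + b"mac", ct, hashlib.sha256).digest() + ct

def open_layer(key: bytes, blob: bytes) -> bytes:
    tag, ct = blob[:32], blob[32:]
    if not hmac.compare_digest(tag, hmac.new(key + b"mac", ct, hashlib.sha256).digest()):
        raise ValueError("layer failed integrity check (wrong key or modified data)")
    return bytes(a ^ b for a, b in zip(ct, keystream(key + b"enc", len(ct))))

def pick_path(relays, hops=3):
    # Fresh random path for every circuit, with no relay used twice.
    return secrets.SystemRandom().sample(relays, hops)

def build_onion(path, keys, dest: str, payload: bytes) -> bytes:
    # Wrap from the exit layer outwards; each layer names only the next hop.
    onion, next_hops = payload, path[1:] + [dest]
    for relay, nxt in zip(reversed(path), reversed(next_hops)):
        onion = seal(keys[relay], json.dumps({"next": nxt}).encode() + b"\n" + onion)
    return onion

def peel(key: bytes, onion: bytes):
    # What one relay does: remove its layer, learn the next hop, forward the rest.
    header, _, inner = open_layer(key, onion).partition(b"\n")
    return json.loads(header)["next"], inner

def route(path, keys, onion: bytes):
    learned = []
    for relay in path:
        nxt, onion = peel(keys[relay], onion)
        learned.append((relay, nxt))
    return learned, onion  # onion is now the bare payload leaving the exit

# Constructed sample data: relay names and keys are made up for the example.
RELAYS = ["relayA", "relayB", "relayC", "relayD", "relayE"]
KEYS = {name: secrets.token_bytes(32) for name in RELAYS}

if __name__ == "__main__":
    path = pick_path(RELAYS)
    print(route(path, KEYS, build_onion(path, KEYS, "example.com:80", b"GET /")))
```

The payload that `route` returns is what the exit relay forwards, outside every onion layer, so it is only protected if the application adds its own end-to-end encryption such as TLS.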
node until the node runs out of memory, and hence can serve no other
(genuine) clients. By attacking a significant proportion of the exit nodes this
way, an attacker can degrade the network and increase the chance of
targets using nodes controlled by the attacker.
Bandwidth Hogging
It is considered impolite to transfer massive amounts of data
across the TOR network, because the onion routers are run by volunteers
using their own bandwidth at their own cost.
Email
Anonymous usage of SMTP (i.e., email) can result in spam.
Consequently the default exit policy of TOR nodes rejects outgoing
connections to port 25, the port used for SMTP.
the full path that is travelled by the onion. Since no outside observer will be able
to follow an onion while it is travelling through the network, the communication is
completely anonymous.