By Srianka 07951A0591 Cse 4B
Onion routing is a technique for anonymous communication. The main idea is to protect the identities of the sender and receiver of a message, and also its content, from attackers (both active and passive).
This technique was originally developed by the U.S. Navy to hide the true origin of packets on an IP network.
ONION ROUTERS.
The message sent by the sender is repeatedly encrypted and then sent through several network nodes (onion routers). Each router removes a layer of encryption to uncover routing instructions and sends the message to the next router, where this is repeated. This prevents the intermediary nodes from knowing the origin, destination and contents of the message.
Defining a route
Constructing an anonymous connection
Moving data through an anonymous connection
Destroying the anonymous connection
The proxy encrypts the data with 5's public key, followed by 3's and then 4's. Thus an onion is created, which looks like:
E4pu (3's IP address, E3pu (5's IP address, E5pu (recipient's IP address, data)))
From 4 to 5
The size of the onion reduces as it nears the destination. Hence an attacker can infer details about the destination.
To avoid this, onions are padded at each onion router to maintain the size of the onion (onions can be padded to the same or different sizes).
So even if an onion router has been compromised, the attacker can only get the encrypted onion. He will not be able to decrypt the onion without the private keys and hence will not infer any valuable information from it.
Every onion router has details of only its previous and next hop.
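The layering, the shrinking onion and the padding fix described above, as an added example that is not part of the original slides. It assumes a toy SHA-256 keystream cipher in place of the public-key encryption E_pu, a 2-byte length field in each layer so padding can be stripped, and constructed addresses and keys for routers 4, 3 and 5.

```python
import hashlib, os, socket, struct

def _xor_stream(key, nonce, data):
    # Toy SHA-256 counter keystream: a stand-in for the slides' E_pu, not real crypto.
    ks = b"".join(hashlib.sha256(key + nonce + struct.pack(">I", i)).digest()
                  for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, ks))

def seal(key, plaintext):
    nonce = os.urandom(16)
    return nonce + _xor_stream(key, nonce, plaintext)

def unseal(key, blob):
    return _xor_stream(key, blob[:16], blob[16:])

def build_onion(route, recipient_ip, data):
    """route: [(router_ip, key), ...] in forwarding order. Wraps the innermost layer first."""
    blob, next_hop = data, recipient_ip
    for ip, key in reversed(route):
        header = socket.inet_aton(next_hop) + struct.pack(">H", len(blob))
        blob = seal(key, header + blob)
        next_hop = ip
    return blob

def peel(key, blob, pad_to=None):
    """One router's work: strip a layer, learn only the next hop, optionally re-pad."""
    body = unseal(key, blob)
    next_hop = socket.inet_ntoa(body[:4])
    (inner_len,) = struct.unpack(">H", body[4:6])
    inner = body[6:6 + inner_len]          # length field discards upstream padding
    if pad_to is not None:
        inner += os.urandom(pad_to - len(inner))
    return next_hop, inner

def relay(route, onion, pad=False):
    """Return (size each router receives, next hop each router learns, payload)."""
    sizes, hops, blob = [], [], onion
    for i, (_, key) in enumerate(route):
        sizes.append(len(blob))
        last = i == len(route) - 1
        next_hop, blob = peel(key, blob, len(onion) if pad and not last else None)
        hops.append(next_hop)
    return sizes, hops, blob

# Constructed sample: routers 4, 3, 5 on documentation addresses, made-up keys.
ROUTE = [("192.0.2.4", b"k4" * 16), ("192.0.2.3", b"k3" * 16), ("192.0.2.5", b"k5" * 16)]
ONION = build_onion(ROUTE, "198.51.100.7", b"hello")

if __name__ == "__main__":
    print(relay(ROUTE, ONION))             # sizes shrink hop by hop
    print(relay(ROUTE, ONION, pad=True))   # sizes stay constant between routers
```

Without padding an observer can rank links by distance to the destination from size alone; with padding every router receives an onion of the same length, and each router still learns only the single next-hop address in its own layer.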
Suppose an attacker records the data passing between routers and is able to compromise a router at a later stage, acquiring its private key and decrypting the recorded data.
This can be avoided by using a session key between communicating parties. The session key is used to encrypt data and is valid only for the duration of the communication.
fails on the way then the message will not reach the destination. It is susceptible to denial-of-service attacks: the attacker sends many packets to the routers, forcing them to perform a large number of cryptographic operations until they stop forwarding packets. (This can be avoided by using puzzles that must be answered by the sender, but latency increases.)
onion routing. It does not require the source node to know the entire network topology unlike the previous WAR protocol.
Using the above technology, one implementation came into existence, known as TOR (The Onion Router), a second-generation onion router. It overcomes the problems of first-generation onion routing and also helps in preventing many attacks.
QUERIES????????
THANK YOU