By Srianka 07951A0591 Cse 4B



Onion routing provides a technique for anonymous communication. The main idea is to protect the details of the sender and receiver of a message, and also its content, from attackers (active and passive).

This technique was originally developed by the U.S. Navy to hide the true origin of packets on an IP network.

Prevents eavesdropping on message content. Prevents traffic analysis.

Messages travel from source to destination via a sequence of proxies known as ONION ROUTERS.

It is known as Chaum's Mix Cascades Principle.

The message sent by the sender is repeatedly encrypted and then sent through several network nodes (onion routers). Each router removes a layer of encryption to uncover routing instructions and sends the message to the next router, where this is repeated. This prevents the intermediary nodes from knowing the origin, destination and contents of the message.

Defining a route
Constructing an anonymous connection
Moving data through an anonymous connection
Destroying the anonymous connection

Let onion routers 4, 3, and 5 be randomly selected by the onion proxy.


The proxy encrypts the data with 5's public key, followed by 3's and then 4's. Thus an onion is created which looks like:

E4pu(3's IP address, E3pu(5's IP address, E5pu(recipient's IP address, data)))

From 3 to 4

Initially at router 3 (packet from proxy)

From 4 to 5

From 5 to the Destination

At the destination after removing all the layers

The size of the onion reduces as it nears the destination. Hence an attacker can infer details about the destination.

To avoid this, onions are padded at each onion router to maintain the size of the onion (onions can be padded to the same or different sizes).
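The layering and padding described above, as an added example that is not part of the original slides. It assumes a SHA-256 counter-mode keystream as a stand-in for each router's public-key encryption (no integrity protection), and the addresses, keys, packet size and function names are constructed for illustration.

```python
import hashlib
import os
import struct

ONION_SIZE = 256  # constructed fixed size of every packet on the wire

def _xor_stream(key: bytes, nonce: bytes, data: bytes) -> bytes:
    # Stand-in for public-key encryption (assumption): SHA-256 keystream, no MAC.
    stream = b"".join(hashlib.sha256(key + nonce + struct.pack(">I", i)).digest()
                      for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, stream))

def wrap(key: bytes, next_hop: str, inner: bytes) -> bytes:
    """Add one layer: E_key(next hop address, inner)."""
    hop = next_hop.encode()
    body = struct.pack(">BH", len(hop), len(inner)) + hop + inner
    nonce = os.urandom(16)
    return nonce + _xor_stream(key, nonce, body)

def peel(key: bytes, packet: bytes):
    """Remove one layer; trailing padding decrypts to junk and is cut by the length field."""
    body = _xor_stream(key, packet[:16], packet[16:])
    hop_len, inner_len = struct.unpack(">BH", body[:3])
    hop = body[3:3 + hop_len].decode()
    return hop, body[3 + hop_len:3 + hop_len + inner_len]

def pad(packet: bytes) -> bytes:
    return packet + os.urandom(ONION_SIZE - len(packet))

def build_onion(path, recipient: str, data: bytes) -> bytes:
    """path: list of (address, key) in travel order; innermost layer is built first."""
    onion, hop = data, recipient
    for addr, key in reversed(path):
        onion = wrap(key, hop, onion)
        hop = addr
    return onion

def route(path, onion: bytes, padded: bool):
    """Walk the onion along the path; return (next hops, packet sizes seen, delivered data)."""
    keys = dict(path)
    hop, hops, sizes = path[0][0], [], []
    while hop in keys:
        packet = pad(onion) if padded else onion
        sizes.append(len(packet))
        hop, onion = peel(keys[hop], packet)
        hops.append(hop)
    return hops, sizes, onion

# Constructed sample: routers 4, 3, 5 as on the slide; addresses and keys are made up.
PATH = [("10.0.0.4", b"key-4"), ("10.0.0.3", b"key-3"), ("10.0.0.5", b"key-5")]
```

Without padding the packet shrinks at every hop, which is the size leak described above; with padding every link carries ONION_SIZE bytes.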

Every onion router has details of only its previous and next hop.

So even if an onion router has been compromised, the attacker can only get the encrypted onion. He will not be able to decrypt the onion without the private keys and hence will not infer any valuable information from it.

Suppose an attacker records the data passing between routers and is able to compromise a router at a later stage, acquiring its private key and decrypting the recorded data.

This can be avoided by using a session key between communicating parties. The session key is used to encrypt data and is valid only for the duration of the communication.

Packet delivery is not ensured: if an onion router fails on the way, the message will not reach the destination.

It is susceptible to denial-of-service attacks: many packets are sent to the routers, forcing them to perform a large number of cryptographic operations so that they stop forwarding packets. (This can be avoided by using puzzles that must be answered by the sender, but latency increases.)

Wireless Anonymous Routing Protocol (WAR): It is based on onion routing and traffic mixing. Here the keys are distributed using a RadioGram.

Secure Distributed Anonymous Routing Protocol (SDAR): This protocol is also based on onion routing. Unlike the previous WAR protocol, it does not require the source node to know the entire network topology.

Using the above technology, one implementation came into existence known as TOR (The Onion Router), a second-generation onion router. It overcomes the problems of first-generation onion routing and also helps prevent many attacks.

QUERIES????????

THANK YOU
