World Library  
Flag as Inappropriate
Email this Article

Onion routing

Article Id: WHEBN0000424617
Reproduction Date:

Title: Onion routing  
Author: World Heritage Encyclopedia
Language: English
Subject: Tor (anonymity network), Degree of anonymity, Anonymous P2P, Proxy server, Garlic routing
Collection: 1998 Introductions, Anonymity Networks, Routing
Publisher: World Heritage Encyclopedia

Onion routing

Onion routing is a technique for anonymous communication over a computer network. In an onion network, messages are encapsulated in layers of encryption, analogous to layers of an onion. The encrypted data is transmitted through a series of network nodes called onion routers, each of which "peels" away a single layer, uncovering the data's next destination. When the final layer is decrypted, the message arrives at its destination. The sender remains anonymous because each intermediary knows only the location of the immediately preceding and following nodes.[1]


  • Development and implementation 1
  • Data structure 2
    • Onion creation and transmission 2.1
  • Weaknesses 3
    • Timing analysis 3.1
    • Exit node vulnerability 3.2
  • See also 4
  • References 5
  • External links 6

Development and implementation

Onion routing was developed in the mid-1990s at the U.S. Naval Research Laboratory by employees Paul Syverson, Michael Reed, and David Goldschlag[2][3] to protect U.S. intelligence communications online.[4] It was further developed by the Defense Advanced Research Projects Agency (DARPA) and patented by the Navy in 1998.[3][5][6]

Computer scientists

  • - site formerly hosted at the Center for High Assurance Computer Systems of the U.S. Naval Research Laboratory
  • Sylverson, P. F.; Goldschlag, D. M.; Reed, M. G. (1997). "Anonymous Connections and Onion Routing". IEEE Symposium on Security and Privacy. CiteSeerX: .4829.64.1.110 - The original paper from the Naval Research Laboratory

External links

  1. ^ Goldschlag D., Reed M., Syverson P. (1999.) Onion Routing for Anonymous and Private Internet Connections, Onion Router.
  2. ^ Reed M. G., Sylverson P. F., Goldschlag D. M. (1998) "Anonymous connections and onion routing", IEEE Journal on Selected Areas in Communications, 16(4):482-494.
  3. ^ a b US patent 6266704, Reed; Michael G. (Bethesda, MD), Syverson; Paul F. (Silver Spring, MD), Goldschlag; David M. (Silver Spring, MD), "Onion routing network for securely moving data through communication networks", assigned to The United States of America as represented by the Secretary of the Navy (Washington, DC) 
  4. ^ a b Levine, Yasha (16 July 2014). "Almost everyone involved in developing Tor was (or is) funded by the US government". Pando Daily. Retrieved 30 August 2014. 
  5. ^ Fagoyinbo, Joseph Babatunde (2013-05-24). The Armed Forces: Instrument of Peace, Strength, Development and Prosperity. AuthorHouse.  
  6. ^ Leigh, David; Harding, Luke (2011-02-08). WikiLeaks: Inside Julian Assange's War on Secrecy. PublicAffairs.  
  7. ^ Dingledine, Roger (20 September 2002). "pre-alpha: run an onion proxy now!". or-dev (Mailing list). Retrieved 17 July 2008. 
  8. ^ "Tor FAQ: Why is it called Tor?". Tor Project. Retrieved 1 July 2011. 
  9. ^ "Tor: Sponsors". Tor Project. Retrieved 11 December 2010. 
  10. ^ Krebs, Brian (8 August 2007). "Attacks Prompt Update for 'Tor' Anonymity Network".  
  11. ^ a b c d Roger Dingledine; Nick Mathewson; Paul Syverson. "Tor: The Second-Generation Onion Router" (PDF). Retrieved 26 February 2011. 
  12. ^ Shmatikov, Wang; Ming-Hsiu Vitaly (2006). "Timing analysis in low-latency mix networks: attacks and defenses". Proceedings of the 11th European conference on Research in Computer Security. ESORICS'06: 18–33.  
  13. ^ a b Dingledine, Roger. "Tor: The Second-Generation Onion Router". Tor Project. Retrieved 24 October 2012. 
  14. ^ Wright, Matthew. K.; Adler, Micah; Levine, Brian Neil; Shields, Clay (November 2004). "The Predecessor Attack: An Analysis of a Threat to Anonymous Communications Systems" (PDF). ACM Transactions on Information and System Security (TISSEC) 7 (4): 489–522.  
  15. ^ Zantour, Bassam; Haraty, Ramzi A. (2011). "I2P Data Communication System". Proceedings of ICN 2011: The Tenth International Conference on Networks (IARIA): 401–409. 
  16. ^ Bangeman, Eric (2007-08-30). "Security researcher stumbles across embassy e-mail log-ins". Retrieved 2010-03-17. 


See also

Exit node vulnerabilities are similar to those on unsecured wireless networks, where the data being transmitted by a user on the network may be intercepted by another user or by the router operator. Both issues are solved by using a secure end-to-end connection like SSL or secure HTTP (S-HTTP). If there is end-to-end encryption between the sender and the recipient, then not even the last intermediary can view the original message.

Although the message being sent is transmitted inside several layers of encryption, the job of the exit node, as the final node in the chain, is to decrypt the final layer and deliver the message to the recipient. A compromised exit node is thus able to acquire the raw data being transmitted, potentially including passwords, private messages, bank account numbers, and other forms of personal information. Dan Egerstad, a Swedish researcher, used such an attack to collect the passwords of over 100 email accounts related to foreign embassies.[16]

Exit node vulnerability

Garlic routing is a variant of onion routing associated with the I2P network that encrypts multiple messages together to make it more difficult for attackers to perform traffic analysis.[15]

One of the reasons typical Internet connections are not considered anonymous is the ability of Internet service providers to trace and log connections between computers. For example, when a person accesses a particular website, the data itself may be secured through a connection like HTTPS such that your password, emails, or other content is not visible to an outside party, but there is a record of the connection itself, what time it occurred, and the amount of data transferred. Onion routing creates and obscures a path between two computers such that there's no discernible connection directly from a person to a website, but there still exist records of connections between computers. Traffic analysis searches those records of connections made by a potential originator and tries to match timing and data transfers to connections made to a potential recipient. For example, a person may be seen to have transferred exactly 51 kilobytes of data to an unknown computer just three seconds before a different unknown computer transferred exactly 51 kilobytes of data to a particular website.[12][13] Factors that may facilitate traffic analysis include nodes failing or leaving the network[13] and a compromised node keeping track of a session as it occurs when chains are periodically rebuilt.[14]

Timing analysis


When the chain is complete, the originator can send data over the Internet anonymously. When the final recipient of the data sends data back, the intermediary nodes maintain the same link back to the originator, with data again layered, but in reverse such that the final node this time removes the first layer of encryption and the first node removes the last layer of encryption before sending the data, for example a web page, to the originator.[11]

Using asymmetric key cryptography, the originator obtains a public key from the directory node to send an encrypted message to the first ("entry") node, establishing a connection and a shared secret ("session key"). Using the established encrypted link to the entry node, the originator can then relay a message through the first node to a second node in the chain using encryption that only the second node, and not the first, can decrypt. When the second node receives the message, it establishes a connection with the first node. While this extends the encrypted link from the originator, the second node cannot determine whether the first node is the originator or just another node in the circuit. The originator can then send a message through the first and second nodes to a third node, encrypted such that only the third node is able to decrypt it. The third, as with the second, becomes linked to the originator but connects only with the second. This process can be repeated to build larger and larger chains, but is typically limited to preserve performance.[11]

To create and transmit an onion, the originator selects a set of nodes from a list provided by a "directory node". The chosen nodes are arranged into a path, called a "chain" or "circuit", through which the message will be transmitted. To preserve the anonymity of the sender, no node in the circuit is able to tell whether the node before it is the originator or another intermediary like itself. Likewise, no node in the circuit is able to tell how many other nodes are in the circuit and only the final node, the "exit node", is able to determine its own location in the chain.[11]

Onion creation and transmission

An onion is the data structure formed by "wrapping" a message with successive layers of encryption to be decrypted ("peeled" or "unwrapped") by as many intermediary computers as there are layers before arriving at its destination. The original message remains hidden as it is transferred from one node to the next, and no intermediary knows both the origin and final destination of the data, allowing the sender to remain anonymous.[11]

In this example onion, the source of the data sends the onion to Router A, which removes a layer of encryption to learn only where to send it next and where it came from (though it does not know if the sender is the origin or just another node). Router A sends it to Router B, which decrypts another layer to learn its next destination. Router B sends it to Router C, which removes the final layer of encryption and transmits the original message to its destination.

Data structure


This article was sourced from Creative Commons Attribution-ShareAlike License; additional terms may apply. World Heritage Encyclopedia content is assembled from numerous content providers, Open Access Publishing, and in compliance with The Fair Access to Science and Technology Research Act (FASTR), Wikimedia Foundation, Inc., Public Library of Science, The Encyclopedia of Life, Open Book Publishers (OBP), PubMed, U.S. National Library of Medicine, National Center for Biotechnology Information, U.S. National Library of Medicine, National Institutes of Health (NIH), U.S. Department of Health & Human Services, and, which sources content from all federal, state, local, tribal, and territorial government publication portals (.gov, .mil, .edu). Funding for and content contributors is made possible from the U.S. Congress, E-Government Act of 2002.
Crowd sourced content that is contributed to World Heritage Encyclopedia is peer reviewed and edited by our editorial staff to ensure quality scholarly research articles.
By using this site, you agree to the Terms of Use and Privacy Policy. World Heritage Encyclopedia™ is a registered trademark of the World Public Library Association, a non-profit organization.

Copyright © World Library Foundation. All rights reserved. eBooks from Project Gutenberg are sponsored by the World Library Foundation,
a 501c(4) Member's Support Non-Profit Organization, and is NOT affiliated with any governmental agency or department.