
PAR: PAYMENT FOR ANONYMOUS ROUTING

PRESENTED BY:
MUHAMMAD HASAN
CONTENTS
What is Anonymous Routing?
Established By
When do we want Anonymity?
Who needs Anonymity?
Who is talking to whom?
Onion Routing Network Infrastructure
Applications
Onion Routing Proxy Interface
Using Onion Routing
Reply Onions
System Consideration
System Requirement
Payment Analysis
Our Contribution
A Hybrid Payment Scheme
Implementation
Performance
Capabilities
Weakness
Conclusion
What is Anonymous Routing?
• Anonymous routing protects user communication from identification by third-party observers.
• If we have a well-defined set of elements, then anonymity is the property of an element of not being identifiable within this set.
• The degree of anonymity rises as the number of people increases.
What is anonymity in communication?
Different types:
• Sender anonymity
  - An observer cannot tell who sent the message.
• Recipient anonymity
  - An observer cannot tell who is the intended receiver of the message.
• Unlinkability of Sender and Receiver
  - An observer cannot tell who is in communication with whom.
Anonymity Network & TOR
• Tor (The Onion Router) is a free software implementation of second-generation onion routing, a system enabling its users to communicate anonymously on the Internet.
• Messages are repeatedly encrypted and then sent through several network nodes called onion routers.
• Each onion router removes a layer of encryption to uncover routing instructions, and sends the message to the next router, where this is repeated.
• This prevents these intermediary nodes from knowing the origin, destination, and contents of the message.
TOR Established By:
• Onion routing is a technique for pseudonymous (or anonymous) communication over a computer network.
• Developed by David Goldschlag, Michael Reed, and Paul Syverson.
The Father of Anonymous Communication: David Chaum
When do we want Anonymity?
Privacy protection
Confession service
Elections & Voting
Treatment of medical data
Freedom of speech
Financial matters
Who needs Anonymity?
• Socially sensitive communicants:
  - Disease or crime victim chat rooms
• Law enforcement:
  - Anonymous tips or crime reporting
  - Surveillance and honeypots (sting operations)
• Corporations:
  - Hiding collaboration of sensitive business units or partners
  - Hiding procurement suppliers and patterns
• Political dissidents
• Censorship-resistant publishers
• Whistleblowers
• You:
  - Who are you sending email to?
  - What websites are you browsing?
  - Where do you work, where are you from?
  - What do you buy? What kind of physician do you visit…?
Who is talking to whom?
In a Public Network:
• Packet headers identify recipients
• Packet routes can be tracked
Encryption does not hide routing information.
Onion Routing: Network Infrastructure
Anonymous connections are:
• Routed through Chaum Mixes
• Multiplexed between Mixes
Onion Routing: Proxy Interface
Proxies interface between Applications and the Network Infrastructure.
The Basic Configuration:
Sensitive sites control Onion Routing Proxies (which also function as intermediate Onion Routers).
TOR Applications
Many applications can use Proxies:
• Web browsing
• Remote login
• e-mail
• File transfer
Using Onion Routing
Four Steps:
• Define the route
• Construct the anonymous connection
• Move data through the connection
• Destroy the anonymous connection
Defining the Route
The Initiator's Proxy, W, makes an Onion:
Constructing the Anonymous Connection
The Onion moves between Onion Routers.
Moving Data Forward
• The Initiator's Onion Routing Proxy repeatedly encrypts the data.
• Each Onion Router removes one layer of encryption.
• The Responder's Onion Routing Proxy forwards the plaintext to the Responder.
Moving Data Backward
• This is just the reverse of sending data forward.
• Each Onion Router adds one layer of encryption.
• The Initiator's Onion Routing Proxy removes the layers of encryption and forwards the plaintext to the Initiator.
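The forward and backward data movement described above, as an added example that is not part of the original slides. The router names X, Y, Z, their keys, and the HMAC-SHA256 keystream cipher are assumptions chosen so the sketch runs on the Python standard library; a real onion router uses a vetted cipher and per-connection negotiated keys.

```python
import hashlib
import hmac

def crypt(key: bytes, label: bytes, data: bytes) -> bytes:
    """Toy layer cipher: XOR with an HMAC-SHA256 counter keystream.
    Stdlib-only stand-in for a real cipher; applying it twice removes the layer."""
    out = bytearray()
    for off in range(0, len(data), 32):
        pad = hmac.new(key, label + off.to_bytes(8, "big"), hashlib.sha256).digest()
        out.extend(b ^ p for b, p in zip(data[off:off + 32], pad))
    return bytes(out)

def build_onion(route, payload: bytes) -> bytes:
    """route: [(router_name, key), ...] in path order; the innermost layer is built first."""
    onion, next_hop = payload, b"responder"
    for name, key in reversed(route):
        layer = bytes([len(next_hop)]) + next_hop + onion  # routing instruction + body
        onion = crypt(key, b"fwd", layer)
        next_hop = name.encode()
    return onion

def peel(key: bytes, onion: bytes):
    """What one onion router does: remove its own layer and learn only the next hop."""
    layer = crypt(key, b"fwd", onion)
    n = layer[0]
    return layer[1:1 + n].decode(), layer[1 + n:]

def move_forward(route, payload: bytes):
    """Carry the onion hop by hop; returns the plaintext and what each router saw."""
    keys = dict(route)
    onion, hop, hops_seen = build_onion(route, payload), route[0][0], []
    while hop != "responder":
        nxt, onion = peel(keys[hop], onion)
        hops_seen.append((hop, nxt))
        hop = nxt
    return onion, hops_seen

def move_backward(route, reply: bytes) -> bytes:
    """Each router adds one layer on the way back (exit router first)."""
    for _, key in reversed(route):
        reply = crypt(key, b"bwd", reply)
    return reply

def proxy_unwrap(route, blob: bytes) -> bytes:
    """The initiator's proxy knows every hop key and removes all the layers."""
    for _, key in route:
        blob = crypt(key, b"bwd", blob)
    return blob

ROUTE = [("X", b"key-X"), ("Y", b"key-Y"), ("Z", b"key-Z")]  # constructed sample route
```

Each router's view in `hops_seen` contains only its own name and its successor, which is why a single compromised router cannot name both ends of the connection.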
Destroying the Anonymous Connection
Destroy Messages
• are forwarded along the connection
• cleaning up tables along the way
Reply Onions
An Initiator's Onion Routing Proxy can create a Reply Onion that defines a route back to him.
[Figure: Simple block diagram of TOR]
System Consideration:
We will examine current anonymizing networks and payment schemes. The current payment schemes, when applied to onion routing schemes, fail to maintain anonymizing network properties, while our hybrid scheme succeeds.
Payment Analysis:
Identity-bound Payment Schemes
• Identity-bound payments constitute signed endorsements from the payer to the payee. Accountability and robustness are the two main features of this class. The micropayment scheme is an example of an identity-bound payment.
• This analysis indicates that having identity-bound coins reveals too much information, enabling an adversary with access to payment information to break the system's anonymity using simple inference techniques.
Anonymous Payment Schemes
In this scheme, the payment does not carry any identification information of its initial owner. Chaum's Digital cash and the later versions of Tunstall et al. and Camenisch et al. are perfect examples of such anonymous payment schemes.
Our Contribution: Hybrid Approach
Both classes of payment schemes have advantages and disadvantages. Our approach creates a hybrid payment scheme by combining the two payment methods into a single one.
• In particular, nodes outside the anonymizing network withdraw an initial number of anonymous coins (A-mcoins) from the Bank and use them to pay the first node in the Tor-path (T_L) they have chosen. T_L then uses micropayments to pay T_{L−1}, who also uses micropayments to pay its neighbor. Each time, the amount of money paid decreases according to each node's price.
A Hybrid Payment Scheme
• Sender-Receiver Unlinkability
• Usable Efficiency
• Accountability
• Payment Coins
  - S-coins (Signed microcoins): S-coins are generated and used for payments between Tor participants.
  - A-coins (Anonymous coins): A-coins use the idea of e-cash ([6]). They are generated by the Bank upon users' requests. Users outside Tor buy a predetermined number of A-coins from the Bank and pay with them for using the anonymizing network.
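The payment flow of the hybrid scheme, traced along one path, as an added example that is not code from the slides or from the PAR authors. The node names, prices, keys and function names are hypothetical, and an HMAC tag stands in for the payer's signature on an S-coin so the sketch needs only the standard library.

```python
import hashlib
import hmac

def s_coin(payer, payer_key, payee, amount):
    """Identity-bound S-coin: names payer and payee and carries the payer's tag
    (HMAC here as a stand-in for a real signature)."""
    msg = f"{payer}->{payee}:{amount}".encode()
    return {"kind": "S-coin", "payer": payer, "payee": payee, "amount": amount,
            "tag": hmac.new(payer_key, msg, hashlib.sha256).hexdigest()}

def verify_s_coin(coin, payer_key):
    """Accountability check: the endorsement must match payer, payee and amount."""
    msg = f"{coin['payer']}->{coin['payee']}:{coin['amount']}".encode()
    expected = hmac.new(payer_key, msg, hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, coin["tag"])

def pay_path(path, prices, keys):
    """path is ordered from the first Tor node (T_L) down to the last (T_1)."""
    total = sum(prices[node] for node in path)
    # The outside user pays the first node with A-coins: no payer identity is recorded.
    payments = [{"kind": "A-coin", "payer": None, "payee": path[0], "amount": total}]
    remaining = total
    for payer, payee in zip(path, path[1:]):
        remaining -= prices[payer]  # each node keeps its own price, forwards the rest
        payments.append(s_coin(payer, keys[payer], payee, remaining))
    return payments

# Constructed sample: a three-node path with made-up prices and keys.
PATH = ["T3", "T2", "T1"]
PRICES = {"T3": 3, "T2": 2, "T1": 1}
KEYS = {"T3": b"k3", "T2": b"k2", "T1": b"k1"}
```

The resulting records show the split the slides describe: only the first payment is anonymous, and every identity-bound S-coin names two adjacent Tor nodes, never the outside user.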
Onion Routing: Capabilities
• The idea of onion routing (OR) is to protect the privacy of the sender and recipient of a message, while also providing protection for message content as it traverses a network. Onion routing accomplishes this according to the principle of Chaum's mix cascades.
• The advantage of onion routing (and mix cascades in general) is that it is not necessary to trust each cooperating router; if one or more routers are compromised, anonymous communication can still be achieved.
• Onion routing does not provide perfect sender or receiver anonymity against all possible eavesdroppers; that is, it is possible for a local eavesdropper to observe that an individual has sent or received a message.
Onion routing - Pros and Cons
Advantages:
- Simplicity
- Offers protection for sender, receiver and message content
- Can offer low latency
Disadvantages:
- Does not defend against global observer
- Vulnerable to timing analysis
Implementation
Working Onion Routing prototype.
Proxies for:
• Web browsing (HTTP)
• Remote login (RLOGIN)
• e-mail (SMTP)
• File transfer (FTP)
and anonymizing Web and mail proxies.
Performance
5 Onion Routers running on a single UltraSparc 2270.
Connection setup: 0.5 second cryptographic overhead. (This cost can be amortized by using sockets for longer connections.)
Weaknesses
1) It does not provide much defense against timing analysis. If an attacker observes a relatively under-loaded onion router, he or she can link incoming and outgoing messages by observing how close together in time they are received and re-sent.
2) Onion routing networks are also vulnerable to intersection attacks and predecessor attacks.
3) In a predecessor attack, an attacker who controls an onion router keeps track of a session as it occurs over multiple path reformations (paths are periodically torn down and rebuilt).
4) Onion routing exit nodes give the operator complete access to the content being transmitted (via sniffing), and therefore the onion network should not be used to transmit sensitive information. A Swedish researcher, Dan Egerstad, was able to collect over one hundred foreign embassy email account passwords using a sniffing attack.
Conclusion
• To be effective, Onion Routing must be widely used.
• Onion Routing supports a wide variety of unmodified services using proxies.
• Anonymity is placed at the application layer.
THANK YOU!
