Professional Documents
Culture Documents
ANONYMOUS ROUTING
PRESENTED BY:
MUHAMMAD HASAN
CONTENTS
What is Anonymous Routing?
Established By
When do we want Anonymity?
Who needs Anonymity?
Who is talking to whom?
Onion Routing Network Infrastructure
Applications
Onion Routing PROXY INTERFACE
CONTENTS:
Using Onion Routing
Reply Onions
System Consideration
System Requirement
Payment Analysis
Our Contribution
A Hybrid payment scheme
CONTENTS
Implementation
Performance
Capabilities
Weakness
Conclusion
What is Anonymous
Routing?
Anonymous routing protects user communication from identification by third-party observers.
If we have a well defined set of elements, then anonymity is the property of an element of not being identifiable within this set.
Proxies for:
Web browsing (HTTP)
Remote login (RLOGIN)
e-mail (SMTP)
File transfer (FTP)
and anonymizing Web and mail proxies.
Performance
5 Onion Routers running on a single
UltraSparc 2270.
Connection setup: 0.5 second
cryptographic overhead.
(This cost can be amortized by using
sockets for longer connections.)
Weaknesses
1)it does not provide much to defend against timing analysis.
If an attacker observes a relatively under-loaded onion router,
he or she can link incoming/outgoing messages by observing
how close together in time they are received and re-sent
2)Onion routing networks are also vulnerable to intersection
attacks and predecessor attacks.
3) In a predecessor attack, an attacker who controls an onion
router keeps track of a session as it occurs over multiple path
reformations (paths are periodically torn down and rebuilt).
4) Onion routing exit nodes give the operator complete access
to the content being transmitted (via sniffing) and therefore
the onion network should not be used to transmit sensitive
information. A Swedish researcher, Dan Egerstad, was able to
collect over one hundred foreign embassy email account
passwords using a sniffing attack.
Conclusion
• To be effective, Onion Routing must
be widely used.
• Onion Routing supports a wide variety of
unmodified services using proxies.
• Anonymity is placed at the application
layer.
THANK YOU!