Department of Computer Science and EngineeringTechnical seminar on ONION ROUTING

Presented byJogi Surya Teja11H61A05E2

Under the guidance of Mr.V.Rama KrishnaAssistant professorOrganizationIntroductionTraffic Analysis overviewOnion routingExampleProblem and solutionConclusionReferences

# Introduction:Types of Attackers on the web:

Active AttackersPassive attackers

#Traffic Analysis:Traffic analysis focuses on the headers, which contain meta data like source address, destination address, timing information etc

Hence even if the packet content is encrypted, Traffic analysis can reveal useful information#Importance of Traffic AnalysisAlthough traffic analysis provides lower quality information, it is preferred over cryptanalysis.

It is also cheaper because traffic data can be automatically collected and processed to provide a high degree of intelligence.

It is used for military purposes and by various organizations to track unpleasant events over the internet.# Onion Routing:Onion routing is the mechanism in which the sender (initiator) and the receiver (responder) nodes communicate with each other anonymously by means of some intermediate nodes called as onion routers

It relies on public key cryptography

# Structure of Onion Routing:

Infrastructure for Onion Routing :Network Infrastructure

Proxy Interfaces

#Steps in Onion RoutingDefining a routeConstructing an anonymous connectionMoving data through an anonymous connection# Example:Let onion routers 4, 3, and 5 be randomly selected by the onion proxy

#The proxy encrypts the data with 5s public key followed by 3 and then 4

Thus an onion is created which looks like E4pu (3s IP address, E3pu ((5s IP address, (E5pu (recipients IP address, data)))))

#The proxy then sends the onion to the first onion router i.e. 4

Onion router 4 peels the outer layer of the onion using its private key

It forwards the onion to 3 which now looks like E3pu ((5s IP address, (E5pu (recipients IP address, data))))

#Onion router 3 peels the outer layer of the onion using its private key

It forwards the onion to 5 which now looks like (E5pu (recipients IP address, data))

#Onion router 5 now peels the outer layer of the onion using its private key

It finds plain data and the destination address and forwards it to the destination

#Problems and solutionsThe size of the onion reduces as it nears the destination

Hence an attacker can infer details about the destination

To avoid this onions are padded at each onion router to maintain the size of the onion (Onions can be padded to same or different sizes )

#Every onion router has details of only its previous and next hop

So even if an onion router has been compromised the attacker can only get the encrypted onion .He will not be able to decrypt the onion without the private keys and hence will not infer any valuable information from it#Suppose an attacker records data going on between routers and is able to compromise a router at a later stage, to acquire private key and decrypt data.

This can be avoided by using a session key between communicating parties.

The session key is used to encrypt data and is valid only for the duration of the communication.#CONCLUSIONOnion routing can be used in anonymous network and also in military applications. Resistant to both eavesdropping and traffic analysis.

THANK YOU#Referenceswww.onion-router.nethttps://en.wikipedia.org/wiki/Onion_routing