Tor (Anonymity Network) Scott Pardue


Tor Network

Nodes with routers within the network (entry, middle, exit)

Directory servers

Socket Secure (SOCKS) and TCP

Virtual circuit switching

Cells with header and data


Cell Cryptography

Node decrypts the cell header with its private key to decipher next command

Node modifies the cell header to include the next command and then encrypts the cell header with its successor’s public key

If the node is handling a request, it decrypts a layer of the cell data

If the node is handling a response, it encrypts a layer of the cell data


[2] https://www.torproject.org/about/overview.html.en


Onion Routing

Originator chooses random path

Originator creates a pair of keys for each node in path

Originator encrypts the request in multiple layers using the set of keys

Each node in the path decrypts one layer of the request

Exit node makes request and receives response

Path is traversed backwards with each node encrypting the response

Originator decrypts all encryption layers of the response
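
The layering steps above, as an added example that is not part of the original slides. It assumes the "pair of keys" is one forward and one backward symmetric key per node, and a toy HMAC-SHA256 keystream stands in for a real cipher; all function names and the sample request are constructed for illustration.

```python
import hashlib
import hmac
import os

def xor_layer(key: bytes, data: bytes) -> bytes:
    """Toy stream cipher (HMAC-SHA256 counter keystream), standing in for a
    real cipher. XOR is its own inverse, so one call adds or removes a layer."""
    out = bytearray()
    for off in range(0, len(data), 32):
        pad = hmac.new(key, off.to_bytes(8, "big"), hashlib.sha256).digest()
        out.extend(b ^ p for b, p in zip(data[off:off + 32], pad))
    return bytes(out)

def build_circuit(path=("entry", "middle", "exit")):
    """Originator creates a key pair per node: (name, forward key, backward key).
    Assumption: the pair is one symmetric key per direction; keys are random."""
    return [(name, os.urandom(32), os.urandom(32)) for name in path]

def wrap_request(circuit, request: bytes) -> bytes:
    """Originator layers the request: exit's layer innermost, entry's outermost."""
    for _, fwd, _ in reversed(circuit):
        request = xor_layer(fwd, request)
    return request

def relay_forward(circuit, cell: bytes) -> dict:
    """Each node strips one layer; returns the bytes each node is left holding."""
    held = {}
    for name, fwd, _ in circuit:
        cell = xor_layer(fwd, cell)
        held[name] = cell
    return held

def relay_backward(circuit, response: bytes) -> bytes:
    """Response retraces the path (exit, middle, entry); each node adds a layer."""
    for _, _, bwd in reversed(circuit):
        response = xor_layer(bwd, response)
    return response

def unwrap_response(circuit, cell: bytes) -> bytes:
    """Originator holds every backward key and removes all layers."""
    for _, _, bwd in circuit:
        cell = xor_layer(bwd, cell)
    return cell

if __name__ == "__main__":
    circuit = build_circuit()
    cell = wrap_request(circuit, b"GET / HTTP/1.0\r\n\r\n")  # constructed request
    for name, data in relay_forward(circuit, cell).items():
        print(name, data if name == "exit" else data.hex())
```

Only the exit node ends up holding the plaintext request; the entry and middle nodes hold bytes that are still wrapped in the layers of the nodes after them.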


Tor Hidden Services

.onion suffix for addresses

.onion top-level domain not in the Internet DNS Root

Addresses are known by the pseudo top-level domain

Hidden services are registered with pseudo top-level domain

kpvz7ki2v5agwt35.onion


References

[1] https://svn.torproject.org/svn/projects/design-paper/tor-design.html

[2] https://www.torproject.org/about/overview.html.en