An Operational Overview Of Onion Routing Computer Science Essay

Published: Last Edited:

This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.

Preserving privacy means not only hiding the message content but also hiding who is talking to whom. The common application of cryptography can only hide the content of messages being sent but can reveal who is talking to whom. Onion routing is an infrastructure for private communication over public network [4, 5, 6]. It provides anonymous connections which are resistant to traffic analysis and eaves dropping. Chaum's Mix Cascades principle is used in Onion routing for routing messages in an unpredicted path. This principle uses public key encryption to wrap messages like Russian doll. Each message is encrypted with public key of last node, second to last node, and so on, so that when node received Russian doll message, it can able to view only information it is supposed to receive i.e., where to send data. Onion routing refers to these Russian dolls as onions. Same principle of using layers of encryption is used. Onion routing expands this idea by including padding to maintain the same size for onion.

A random path of onion routers are chosen to transfer messages from sender to destination. There will be unique path for each receiver. The original message is wrapped by layers of encryption that corresponds to chosen path.

Figure 1 onion structure

The above figure shows the structure of onion. It is using layering of encryption, the message is first encrypted with public key of Router C; then the onion is again encrypted with public key of Router B and then onion is again encrypted with public key Router A. Then message is passed along, each Router uses its private key to decrypt it, effectively "peeling" it and message is passed. Now when Router A decrypts the onion it can only see the information to pass the onion to Router B. Note message is not encrypted Onion Routing leaves it to user to use data encryption of data and it only provides the transportation of data from sender to receiver. Thus message is in plain text form when it is leaving from sender to be encrypted and will be in plain text form when it is leaving from final node of chosen path to reach destination. It provides end-to-end encryption for better performance and gives full protection.


The onion routing is accessed via proxies; the sender makes a socket connection to an application proxy. It then connects to Onion proxy; it is responsible for defining a route through onion network by constructing a layered data structure called onion. The onion is then passed to entry funnel which has long standing connections to onion router and multiplexes connection to onion routing network at that onion router. Each layer of onion gives information of next hop in a route. An onion router after receiving onion peels off its layer then identifies next hop and sends the remaining embedded onion to that onion router. The last onion router forwards data to exit funnel, whose job is transport or pass data between responder and onion routing network.

Before sending data in anonymous connection, the onion proxy adds a layer of encryption with the keys of onion router in the route. As data moves in anonymous connection, each onion router removes one layer of encryption so the responder can receive data as plain text.


Firewall configuration:

The onion router serves as an interface between external network and machines behind the firewall. The connections from onion router to the machines behind the firewall are protected by other means. To complicate tracking the onion router should also route data between other onion routers.

Remote proxy configuration:

The initiator trusts onion router to build onions, and carries on with anonymous connection with receiver so that it is hidden from network and observers. The initiator can make encrypted connections to some of the remote onion routers, so that he can function as if he is in firewall configuration.


Onion routing has many weaknesses. Onion routing does not provide much defence on timing analysis. If an attacker observes under-loaded onion router, attacker can link incoming or outgoing messages by observing how close in time they are received and re-sent. However this can be overcome by buffering messages and transmitting them using pseudorandom timing algorithm. []

Onion routing algorithms are vulnerable to predecessor attacks and intersection attacks. In predecessor attack, an attacker who controls onion router will keep track of session as it occurs over multiple path reformations. If he observes same session over enough reformations, he will tend to see first router in a chain more frequently than any other router. In intersection attacks it rely on fact that onion routers will fail or leave the network periodically thus any functioning communication path cannot have been routed through those routers that left and neither it can add routers which joined recently.[]

In onion routing exit nodes has gives the complete access of information being transmitted to operator(via sniffing) and therefore the onion routing should not transmit sensitive data without end-to-end encryption, such as SSL.[]

With onion routing, a Swedish researcher was able to collect around one hundred foreign embassy email account passwords using sniffing attack. []


Its mainly used in TOR and Decoy Cypher

TOR: On August 13, 2004 at the 13th USENIX Security Symposium[] , Roger Dingledine, Nick Mathewson, and Paul Syverson presented Tor, The Second-Generation Onion Router[]

Tor provides perfect forward secrecy making it TCP transport it moves protocol cleaning outside of the onion routing layer. It also provides directory servers, end-to-end integrity, low latency and variable exit policies for routers. The Tor source code is published under the licence of BSD license.

Decoy Cypher: A Decoy Cypher can take the form of noise by sending copious messages encrypted garbage plaintext. A decoy cipher can also take the form of misleading information when a person reading onion to mislead him many layers of onion may contain false information causing them to suspect the wrong parties. The actual message can be at some level but not in lower level as if all layers are decrypted the core seems innocent.


If two sites want to collaborate, they can establish one or more long term tunnels which will multiplex many socket connections, over a single anonymous connection. This will hide who is collaborating with whom and what they are working on; there is no need of constructing individual anonymous connection for each connection made. Basic encrypting firewalls provide encryption only for payloads. Thus it provides only confidentiality there is nothing protect for traffic analysis. Therefore IP Security provides protection to traffic for individual connections by adding packets in encrypted packets of firewall.

Anonymous Chatting:

Anonymous connections can be used as service provided by IRC, where group of persons meet for chatting on central server. Each party defines connections part to itself, so no one trusts other for maintaining its privacy. If the party layers to end-to-end encryption over anonymous connection which prevents even central server listening to them.

Anonymous Cash:

Certain forms in e cash are designed to be anonymous unless they are misused or double spent. However if customer cannot contact merchant without identifying himself then anonymous cash is undermined. For transaction like buying products electronically anonymous connection can be used to hide the identities of both parties.

Electronic Mail:

Electronic mail is proxied by using [email protected]@proxy form of mail id instead of [email protected] This form works both for old and new mail systems. In this form client contacts a proxy servers SMTP port. Instead of normal mail listening to port here proxy listens and follows a strict state machine; it waits for HELO command, wait for MAIL From: command and waits for RCPT To: command. Once this process is done and after receiving RCPT To: command it creates a anonymous connection to the destination and relays both HELO and MAIL From: commands exactly as it received. Once the data request is transmitted to sever then proxy acts as transmitter from both client and server. An example of email from [email protected] on machine to [email protected] via onion router is given below. Gunda types mail to [email protected] First the communication between to onion router SMTP proxy on is given, followed by communication from exit funnel to recipients is given

110 SMTP Onion Routing Network


250 -connection from

250 (

MAIL From: [email protected]

250 sender is [email protected]

RCPT To: [email protected]

The proxy messages the RCPT To: to find the address of [email protected] and creates an anonymous connection to

110- sendmail 4.1/SMI 4.1 ready

110 at Mon, 17 Jan 2011 17:44 EDT


250- HELO

250 [], pleased to meet you

MAIL From: [email protected]

250 [email protected] -sender ok

RCPT To: [email protected]

250 [email protected] -recipient ok


354 enter mail end with "." On line by itself

After this point proxy forwards messages in both directions until a line containing only period is sent from sender to recipient

This is a Note

The proxy forwards a line containing only period to recipient and forwards the recipient response to sender. At this point proxy sends QUIT to recipient and reads response after that closes the connection to recipient. After that proxy waits for command from sender; if that command is QUIT the it closes the connection with sender:

250 Mail accepted


221 service closing transmission channel.


The main idea of crowds is as follows: when user requests a resource in web, a group of users participate to make each member equally to be the originator of the request. If they succeed in this they are said to be "probably innocent". To achieve this, when client performs web request, it decides whether to send it directly to end server or forward it through peer users. In latter case user performs the similar decision, until someone transfers it to end server. At this point the servers answer is sent back in the same path until it reaches to originator. Even members cannot find the initiator as initiator id indistinguishable from member that simply forwards the request. Each user joins crowd by registering himself at blender which is single server responsible for membership management. When user registers all other members in crowd are notified. The blender also responsible for key management as it distributes symmetric keys each pair of jondos used for cryptography applications as encryption and decryption when packet is routed along virtual paths. Each user is represented by jondo which is an application that runs on user's computer. Each jondo submit request to end server or forwards to randomly chosen other jondo. A jondo itself find initiator. Request and reply follow same virtual paths chosen by algorithm involving probabilities. The virtual paths change by time to time as new members are added in crowd.

Basic design:

Crowd basically work by making each node look like initiator of message. By said earlier each node joins network by starting a jondo which is small process for receiving and forwarding requests from other users. Upon receiving the message the node flips biased coin with probability Nf > 1/2 and if it lands heads then it transfers to other user or it forwards to final destination. Each node when forwarding keeps record of predecessor so that tunnel is built and this is as channel of communication between sender and receiver.

The algorithm on each machine is as follows:

On receive (node N, message M)

Flip biased coin (Nr(heads)= Nf)

If heads then select other uniformly random node and forward to it

Else forward to destination

Record N so that tunnel is built.


Figure 2 an example of crowd with three running paths sourced from[5]


Anonymity: there are three types of anonymity one is sender anonymity second one is receiver anonymity and the third one sender and receiver unlinkability. Unlinkability of sender and receiver means even the sender and receiver knows their identity in communication but they cannot identify that actually they both are communicating with each other.

We can list the type of privacies one is absolute privacy: it means that attacker cannot distinguish the situations in which potential sender actually sent message and those in which it did not. That is there is no observable effect for attacker. The other one is provably exposed. There are three main points regarding to privacies they are:

Beyond suspicion: the sender anonymity is beyond suspicion as even if attacker sees evidence of sent message, the sender will appear as peer member rather like originator.

Probable innocence: this is weaker than beyond suspicion as attacker may have reason to expect sender as an originator than any other potential member.

Possible innocence: a sender is possible innocent if in attackers point of view there is probability of real sender is someone else.

What crowd achieves:

Crowd system consists of collection of users called as crowds. These users requests to various web servers, thus users are senders and web servers are receivers. There are three distinct types of attackers:

--Local eaves dropper is an attacker who observes all communication to and from the users computer.

--collaborating crowd member are other crowd members who can deviate from protocol.

--the end servers are web server to which transaction is directed.

The above descriptions are intended to capture capabilities of each attacker.


Security is main concern for this project, as the project guarantees what is called probable innocence []. This is however large term and in system if we translate it comes to mainly providing to maintain anonymity of originator. Overall this operation is expensive one in terms of performance and it has to be balanced to preserve usability in system.


Efficiency is not major concern for crowds system. A user who is opting to adopt crowd system is not one looking to improve their performance regarding to home broad band but one who is willing to give up speed for anonymity. When considering how protocol is designed, if program does not take into account of performance, the time complexity of whole system would increase exponentially. One need only to consider about number of clients if it tends to be infinity, if the end server has same probability to be forwarded as client, it would potentially be never reached, or reached only after many number of loops. More over the inventors of crowd developed their network with company network in mind with large bandwidth and low latency.