Performance Analysis Of Onion Routing And Crowds Computer Science Essay

Published: Last Edited:

This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.

Privacy has been a concern for all internet applications, for quite some time now. There has been a lot of debate on this issue and it's a general consensus to handle this sensitive issue very carefully. Internet is the most complex form of a simple network. In order to propose a solution to check on the issue of privacy and data security issues over internet, we can build some prototype algorithm that can work on simple networks.

There are numerous areas that involved this concern. Password safety over internet applications, hacking, identity management are some the prominent areas in this regard. Needless to say there have been exponential growth in search engine and related applications over the past decade and we are continuing to see similar growth even the years to come. The practice of using malware, adware and similar malicious softwares and agents has widespread its presence in many internet based applications.

In order to provide reliability and to gain confidence of customers and internet users, it is vital to provide some robust solution of the above stated problem. Among any proposed solutions, "network anonymity" is one area that is gaining lots of attention and research focus. In broad sense Anonymity can be define as "......." [] Human right workers, spies and activists and even ordinary citizens desire to communicate via internet without revealing what they are doing and who they are. The need for privacy is for anyone who is concerned about password safety, their identity and their own personal information and so forth. [2, 3]

When the identity of sender or receiver cannot be recognized from rest of users on the network then it's called sender or receiver anonymity. The outsider can observe that communication is taking place but cannot recognize through any means that which senders are communicating to which receivers. The ultimate goal of an anonymous network protocol is to protect identities of its users with sender and receiver anonymity, and unlinkability

In this paper we are trying to explore the area of "Anonymity", one the most promising solution to deal with the stated problem. There are many protocols to protect identity over network (and to foster anonymity) like onion routing, crowd routing, Tarzan, proxies, web mixes etc.

Project road map

This can be accomplished by being the user of anonymous network protocols; the main goal of them is to provide anonymity to network users. For this reason there many protocols designed which guarantees the anonymity to users. The aim of this project is to implement one of these protocols called onion routing, and also compare the performance with another protocol called crowds.

This paper first analyses the existing literatures of onion routing, crowd and various systems having same goal but through different approaches. It subsequently describes the proposed implementation of Onion routing providing detailed overview on the components of program and also describes the implementation of simulations performed on Onion routing and Crowds for comparing their performances, providing detailed overview on the components of program. Also some statistics based on testing are provided.


Background research

Onion routing

Crowd protocol

Related technologies


Project management

Work plan and milestone

Week (starting week beginning 1st nov )














Activities and milestones

Background Reading

Literature review

Tool selection/ implementation planning


Comparing with existing algorithm

Report Writing

Demonstrate to sup/examiner


dissertation draft complete


Final corrections

Milestone - Hand-in


The * in boxes indicates that those activities are not done in as expected to be done in 12th week.

Time management

At initial stages of project, everything went fine but due to unexpected illness for 2weeks in December whole plans got changed and done in hurry manner. However got results and statistics of simulation done on onion routing and crowd protocol.

Effort distribution over task

October 2010

Figure 1 : effort distribution for 2 weeks of October

November 2010

Figure 2 : effort distribution for November

December 2010

Figure 3 : Effort distribution for December

January 2011

Figure 4 : Effort distribution for January


Software Requirement Specification


This project is developed to learn and explore the anonymous network and its implementation. We chose onion routing as the prime algorithm and then different anonymity protocols are compared to it.

Project Scope

There are various ways of implementing anonymity : Onion routing, Crowd protocol, Tarzan, web mixes etc. In this project we have considered only onion routing and crowd protocol. Other protocols are out of scope for this project.

System features

Onion routing implementation and illustration.

Comparison with crowd routing on basis of : bandwidth and overhead.

Operating Environment

Operating System: Windows XP or higher.

Implementation platform: Python 2.5 or higher

PyCrypto API


Network X API

Environment: LAN

Development tools

Python IDE : IDLE

User interface

User interacts with the system like a standalone application.


Project Design

Design consideration

Based on goals of project the following points to be considered and achieved:

The system should be effective and able to handle large number of users. The system is having large user base.

The system should provide protection against corrupt nodes.

The system should protection to origin, destination and content of message along the path.

The system should defend against internal attackers.

The system should defend against corrupt receivers.

The simulation system should make decisions the way we wanted to implement.

The simulation system should measure the time taken for encrypting.

The simulation system should measure real world hop time

Abstract design

In this project we implement onion routing and compare performance with crowd protocol by running simulation on them. This process broadly consists of following steps:

Step 1: sender forwards message to proxy by providing destination address.

Step 2: proxy is responsible for choosing some random path and create onion based on the path, and forwards to next node in the path.

Step 3: node 1 receives onion and decrypts by peeling of first layer of onion so that it contains of address of next node and forwards the remaining packet.

Step 4: step 3 is continued till the message is received to destination.

For simulation broadly consists of following steps:

Step 1: run simulation on crowd and onion routing protocols.

Step 2: calculates band width and over head for both protocols.

Step 3: generates respected graphs and stored in root file.

Block Diagram

Node 1



Node n


Node 2

Block diagram explains the flow of data from sender to receiver.

Detailed Design


The following tables explain the uses cases:

Use case



Sender forwarding to proxy


Message to be transferred



Error handling

Connection made successfully, message received

Use case



Proxy forwarding to next node in path





Error handling

Encryption done successfully

Use case



Node forwarding to next node in path




Remaining onion

Error handling

Decrypted successfully and link established

Use case



Node n forwarding to destination





Error handling

Decryption done and link established

Use Case Diagram

Class Diagram:

Class diagram for onion implementation:

In the above diagram there are four classes and one interface. The classes are sender, proxy, node, receiver and interface common functions. The classes sender, proxy, node implements common functions. The sender class passes the message in string form to proxy. Proxy is key to our project as it responsible for path creation and stores all IP address in a list and creates onion by encrypting it several times based on the path. Node class acts like transportation it receives onion decrypts by using its public key so that one layer of onion is peeled away, after peeling node knows the information about to where to forward it based on information it got by decrypting the layer of onion. Receiver receives exactly the same message as sender has sent to it.

Class diagram for simulation:

The modules used in simulation:

Driver: this module reads all parameters, runs crowd and onion routing protocols and gives graphical data of simulation. This module consists of parameter file and Driver class.

Crowds: this module has crowds class and implements crowd algorithm

Onion: this module has onion class and implements onion routing algorithm

Application: this module consists of all various methods which are used in other modules and has application class

This simulation software splits into various classes which are in modules described above. The classes in this software are crowd, onion, application, and driver. The classes crowd and onion are protocols classes, and used in driver compare them. The classes are described below

Crowd: this class implements crowds algorithm specifies path from source to destination nodes according to the specification of crowds algorithm and specifies overhead and bandwidth statistics to driver which is based on path.

Onion: this class implements onion routing algorithm specifies path from source to destination nodes according to the specification of onion routing algorithm and specifies overhead and bandwidth statistics to driver which is based on path.

Application: this class provides various methods which are used in other classes such as calculating time to send a certain amount of data through the path chosen by both protocols.

Project Design: Methods

Onion routing project has methods like connect ( ) which is responsible for establishing socket connection, Send ( ) this method is responsible for sending the messages, close ( ) it is responsible for closing connection once the transfer of messages has been done, encrypt ( ) is responsible for encrypting IP addresses along with the message using diff keys of nodes, decrypt ( ) is responsible for decrypting the onion, recv ( ) is responsible for receiving packets from previous node.

For simulation the methods in driver class are graph ( ) and simulate ( ) for drawing graph and running simulation. Methods in protocols are getpath (source, destination): list responsible for creation of path and runtest ( ): list for running simulation.


Project implementation

Approach followed for this project

To implement project I used python for following reasons:

Documentation: python provides detailed documentation with support from community. The major advantage is free code available on internet and lot experts available to help.

Efficiency: python offers better performance when compared to similar high level languages like Java. It is a scripting language but still it can be partly compiled.

Flexibility: python suits implementation as many API's available like in this project I used Pycrypto, Networkx, GNU plots.

Implementation platform:






Provides GUI environment for python



It gives facility to run crypto algorithms



Is used to generate graphs to represent network

GNU plots


It generates 2D and 3D of numerical data.

To discuss more about platforms used first we will discuss more about prerequisites to be installed before running the code the following are:

Install python 2.5 or greater

Install Pycrypto library

Install Networkx library

Install GNU plot library

IDLE: is an integrated development environment for Python. The main features of IDLE are multi window text editor by highlighting syntax, smart indent, auto completion and other. It has Python shell with highlighting syntax feature. It has integrated debugger with call stack visibility, persistent breakpoints, and stepping.

Pycrypto library:

This Python cryptography toolkit is intended to provide stable and reliable base for writing Python programs that requires cryptographic functions. The main goal of this tool kit is to provide consistent and simple interface for similar classes of algorithms. It is collection of cryptography modules for implementing protocols and algorithms.


Is a python library for networks and graphs. It is free software released under BSD license. The main features are it has classes for both graphs and digraphs. It can convert graphs from and to several formats. It has ability to construct incremental graphs and can generate random graphs. It can draw network in both 2D and 3D and has a ability to explore degree, adjacency, radius, diameter, betweenness, center etc. NetworkX is suitable for working on real world graphs. Capability of handling graphs with 10million nodes and 100 million edges. [ ]

GNU plots:

Is a command line program for generating two-dimensional and three-dimensional plots data, functions and data fits. This programs runs on all major operating systems. The main features of GNU plots are it can produce output directly on desktop screen or required format of graphic files, including Encapsulated Post Scripts (EPS), JPEG, Scalable Vector Graphics (SVG), Portable Network Graphics (PNG) and many others. It is capable of producing Latex codes which can be used directly in Latex documents making use of powerful formulae ability and Latex's Fonts. These programs can be used both in batch mode and interactively in scripts. We can get more extensive help from internet also. This program is well documented and well supported. GNU plots can be used in Python via Gnuplot - py even though it is programmed in C programming language. We can use directly as it is open source command line.

PARAMETERS: (for simulation)

We can edit simulation parameters in base file called in the base project directory. The parameters are stored in python dictionary named parameters. The syntax for creating dictionary in python is provided online. The available parameters used in simulation are given below.


Example value



(5, 1000, 5)

It gives information of number of nodes in the form of start, stop and step. This means start with 5 nodes and total of 1000 nodes and gives statistics by increasing 5 nodes.

Band width range

(1, 10)

It gives range for using when generating random bandwidths to connect among nodes in out simulated network.



For every network size run the simulation for 5 times and plot the average of those, this is provide stability in results.



Packet size in bytes for calculating band width of both protocols.



Number of packets sent for calculating bandwidth. The amount of data now becomes this times to packet size. So now we will send 68 * 10bytes = 680 bytes of information. The bandwidth is calculated by 680 bytes divided to the time taken for sending 680 bytes from source to destination.


(.1, 1)

Range of encryption times used in both protocols for onion routing and crowd.


(.1, 1)

The Hop time for each node in simulated network. This gives information about the delay it caused by each node is taking to process the current packet.


[10, 20, 100, 200]

Number of nodes of network at which snap shot is taken. That means snap shots of network is produced when the network size is 10, 20, 100 and 200 nodes and output is stores in .png file in current directory.


Result s and Discussion

Results: (for simulation)

The software when runs produce various outputs including live graphs presenting simulation data. One graph is for band width and the other for over head. The band width graph contains the amount of data sent using both protocols divided by amount of time it took to send data. The overhead shows simply the amount of time taken to send data. Hence for high bandwidth, speed and low overhead is desirable. The both graphs look as shown in following figures. The raw data of graphs is stored in overhead and bandwidth files in base project directory by running the simulation.

The lines of above graph show bandwidth measurement, which indicates higher speeds. Crowd has better measurements when compared to onion routing protocol. From these measurements we can conclude that anonymity provided by onion routing comes with cost when compared to crowd routing.

The graph above shows overhead measurements for both onion routing and crowd protocols. It's clear that onion routing has more over head when compared to crowd protocol, especially when network grows in number. A browser running an anonymous protocol might experience two or more delay than standard browser. Which is enough to cause many users to give up hopes of anonymity in exchange to speed.

While running simulation snapshots of network also created. These snapshots will be saved in current directory with filenames like nodes_10_protocol_onion.png. This says that the snap shot is for 10 nodes, highlighted path is the path chosen by onion protocol. These snapshots will have colored circles which denotes as nodes in network, and edges between nodes. Width of nodes denotes the latency of connection between two nodes and so we can say that thin edges are for fast connections and wide edges are for slow connections. Blue nodes and pink edges represent the path chosen by protocol, the first blue node is source and last blue node is for destination of the connection. The snapshots look as follows.

Measurement data:

The simulation output statistics about overhead and bandwidths of both protocols for fixed size networks. The following tables are the summary of data generated by simulation. The number of nodes column gives us the size of network by number of nodes and both protocol columns gives us overhead in seconds and band width in Mbps.

Number of nodes

Onion routing protocol

Crowd protocol

























Number of nodes

Onion routing protocol

Crowd protocol

























Our simulation snapshots are not useful as the raw data, or graphs for data analyzation, but it's useful for the kinds of path chosen by crowd and onion protocols.


As seen from graphs and tables crowds have been outperformed onion routing. Crowds routing was able to give better performance than onion routing as it is designed to choose shortest random path through crowd. This decreases the amount of overhead cost for both encryption and decryption. Crowds also finds shortest path between last jondo to added to path and the final destination. Using shortest path this reduces the amount of encryption and decryption. While initially onion routing performed well than crowd protocol, its performance got decreased by increase of number of nodes i.e., with the increase of size of network. This decline is because onion routing chooses random paths which can be large. As path increases that leads to increase in number of encryptions and decryptions which results in increased over head and poor bandwidth.



From simulation results we can say that "As the number of nodes increases crowd protocol gives better performance than onion protocol in terms of minimizing overhead and utilizing bandwidth". During starting the project I assumed that onion routing performs better than crowd routing up to network size of 100 nodes but the results showed that with network size of 20 nodes only it got changed and crowd started to give better performance then onion routing protocol. The project main goal is to protect user's privacy and system provides it. Onion routing is resistant to both traffic analysis and eaves dropping. The system is successful in creating onions and forwarding them through the path.

Future work/scope

It has lot of future scope as still lot of research is going on privacy and which system provides better and fast service. Future work is to create simulations of other exiting anonymous protocols. Compare the results of other protocols against protocols implemented. Collect more performance data instead of just bandwidth and overhead. Go beyond simulating the protocol and test the performance of real world implementations. Determine the methods of analyzing anonymity such that the same anonymity measurements could be used across multiple dissimilar protocols. Research ways to improve overhead and usability of existing protocols, especially in real-world implementations such as Tor. Develop our own protocol based on learning. Extend the onion routing system to support other protocols, such as FTP. Extend full support, inclusive of installer, to other operating systems such as Mac OS, in Mac OS only command line installation is available. Re design the onion routing for improving through put and implementing on reply onions. [ ] [ ]. Can implement other mechanisms for responding to anonymous connections. Can do detailed analysis of onion routing to enable quantative assessment in terms of resistance to traffic analysis.