Department of Computer Science and Engineering

Technical seminar
on

ONION ROUTING
Presented by

Jogi Surya Teja

11H61A05E2
Under the guidance of

Mr.V.Rama Krishna
Assistant professor

Organization
Introduction
Traffic Analysis overview
Onion routing
Example
Problem and solution
Conclusion
References

Introduction:
Types of Attackers on
the web:
Active Attackers
Passive attackers

Traffic Analysis:

Traffic analysis focuses on the headers, which

contain meta data like source address,
destination address, timing information etc

Hence even if the packet content is encrypted,

Traffic analysis can reveal useful information

Importance of Traffic Analysis

Although traffic analysis provides lower quality

information, it is preferred over cryptanalysis.

It is also cheaper because traffic data can be

automatically collected and processed to provide
a high degree of intelligence.

It is used for military purposes and by various

organizations to track unpleasant events over the
internet.

Onion Routing:

Onion routing is the

mechanism in which the
sender (initiator) and the
receiver
(responder)
nodes communicate with
each other anonymously
by means of some
intermediate
nodes
called as onion routers

It relies on public key

cryptography

Structure of Onion Routing:

Infrastructure for Onion Routing :

Network
Infrastructure

Proxy Interfaces

Steps in Onion Routing

Defining a route
Constructing an anonymous connection
Moving data through an anonymous
connection

Example:

Let onion routers 4, 3, and 5 be randomly

selected by the onion proxy

The proxy encrypts the

data with 5s public key
followed by 3 and then 4

Thus an onion is created

which looks like
E4pu (3s IP address,
E3pu ((5s IP address,
(E5pu (recipients IP
address, data)))))

The proxy then sends the onion

to the first onion router i.e. 4

Onion router 4 peels the outer

layer of the onion using its
private key

It forwards the onion to 3 which

now looks like E3pu ((5s IP
address, (E5pu (recipients IP
address, data))))

Onion router 3 peels

the outer layer of the
onion using its private
key

It forwards the onion

to 5 which now looks
like (E5pu (recipients
IP address, data))

Onion router 5 now peels

the outer layer of the onion
using its private key

It finds plain data and the

destination address and
forwards it to the
destination

Problems and solutions

The size of the onion reduces as it nears the

destination

Hence an attacker can infer details about the

destination

To avoid this onions are padded at each

onion router to maintain the size of the onion
(Onions can be padded to same or different
sizes )

Every onion router has details of only its

previous and next hop

So even if an onion router has been

compromised the attacker can only get the
encrypted onion .He will not be able to decrypt
the onion without the private keys and hence will
not infer any valuable information from it

Suppose an attacker records data going on

between routers and is able to compromise a
router at a later stage, to acquire private key and
decrypt data.

This can be avoided by using a session key

between communicating parties.

The session key is used to encrypt data and is

valid only for the duration of the communication.

CONCLUSION
Onion routing can be used in anonymous
network and also in military applications.
Resistant to both eavesdropping and traffic
analysis.

THANK YOU

References
www.onion-router.net
https://en.wikipedia.org/wiki/Onion_ro
uting