Friday, February 17, 2012

The Tor anonymity network

Motivation

In this scenario, we are dissidents living in a country like Iran. Our adversary is the government; it controls our ISP, and can observe or censor all web traffic. But still it is technically infeasible to filter all content (deny-by-default) without breaking the Internet.
Imagine we post messages on a social-networking website to organize a protest. The government can observe the content of this post, and the IP address that posted it. Now, in free countries, an IP address does not perfectly reliably reveal one’s identity (since ISPs often NAT or dynamically reassign them). But here the government either controls our ISP or can easily force it to reveal its logs, and thereby reveal our identity and physical location. In any case, where the rule of law is lacking, it wouldn’t trouble the government to prosecute based on unreliable information. We are thus exposed to retaliation.
A simple solution would be to browse the internet over an encrypted connection (e.g. SSH) to a friend’s computer in another country. To avoid government blocking, the IP address of the friend’s computer must be kept private. So this solution only works for those few dissidents fortunate enough to personally know someone in another country who is willing to share their Internet connection.

Onion routing

The Tor network consists of a set of publicly-known computers called relays that function as nodes in the network. Nodes are run by volunteers living in free countries. Each node can be contacted by a Tor client, can relay messages to other nodes, and can make requests directly to public web servers (actually, that is a simplification; only exit nodes do this). Each node generates a public-private key pair, and its public key is published.
To connect to a web server Z, our computer A chooses a sequence of 3 relays, P, Q, and R. Our request will be routed as A → P → Q → R → Z. To ensure untraceability, each packet is encrypted together with its routing information, wrapped in several layers of public-key cryptography.
Each relay decrypts the received message using his own private key, revealing the payload and who it is to be sent to. The relay peels off one layer of the onion.
  1. A randomly chooses P, Q, and R and looks up their public keys. A computes
    encryptP(Please send [encryptQ(Please send [encryptR(Please send [GET / HTTP/1.1…] to web server Z.)] to R.)] to Q.)
    and sends the result [afec462d473193670795bc08ecab5fa5] to P.
  2. P receives [afec462d473193670795bc08ecab5fa5]. He decrypts it using his private key, yielding Please send [2da1ab427df46b3cf8c7b28536c41fa5] to Q., and sends it on.
  3. Q receives [2da1ab427df46b3cf8c7b28536c41fa5]. He decrypts it using his private key, yielding Please send [498b4ddc9f957eca6473923163dd117f] to R., and sends it on.
  4. R receives [498b4ddc9f957eca6473923163dd117f]. He decrypts it using his private key, yielding Please send [GET / HTTP/1.1…] to web server Z., and sends it on.
  5. Z receives [GET / HTTP/1.1…]. To Z (which may be under government control or surveillance), the request appears to originate from the exit node R (who is in a free country, outside their jurisdiction) rather than us.
  6. The web server Z sends its response back to R, who relays it back to Q encrypted with Q’s private key. This repeats until the response reaches us at A. (Each intermediate node keeps connections open to its predecessor and successor, so returning packets don’t need to be wrapped with routing information.)
In this way, each intermediary only knows the identities of the two adjacent nodes. Thus even if the government controls an intermediary (by setting up their own Tor relay), they do not observe both the originator and content of a particular message. To reliably observe messages, the government would need to create several hundred nodes under their control; it would be noticed if hundreds of nodes suddenly appeared in some authoritarian country. Our anonymity is protected. (Of course there are other attacks on this scheme, which Tor mitigates by other means.)
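The wrapping and peeling in steps 1 to 5, as an added example that is not from the original post. It uses a toy ElGamal-style cipher built from the Python standard library as a stand-in for the relays' public-key encryption (an assumption; Tor's real handshake and encryption differ), and the names `wrap`, `peel` and `route` are hypothetical.

```python
import hashlib, json, secrets

# Toy ElGamal-style public-key encryption (an assumption of this example).
# The 127-bit group and unauthenticated XOR stream are for illustration only.
PRIME, GEN = 2**127 - 1, 3

def keygen():
    priv = secrets.randbelow(PRIME - 2) + 1
    return priv, pow(GEN, priv, PRIME)

def _xor_stream(shared, data):
    stream = bytearray()
    while len(stream) < len(data):
        stream += hashlib.sha256(f"{shared}:{len(stream)}".encode()).digest()
    return bytes(a ^ b for a, b in zip(data, stream))

def encrypt(pub, plaintext):
    k = secrets.randbelow(PRIME - 2) + 1          # fresh ephemeral secret per layer
    return {"eph": pow(GEN, k, PRIME),
            "ct": _xor_stream(pow(pub, k, PRIME), plaintext).hex()}

def decrypt(priv, box):
    return _xor_stream(pow(box["eph"], priv, PRIME), bytes.fromhex(box["ct"]))

def wrap(request, server, path):
    """Build the onion innermost layer first; path is [(name, pub), ...] for P, Q, R."""
    payload, next_hop = request, server
    for name, pub in reversed(path):
        layer = json.dumps({"next": next_hop, "payload": payload}).encode()
        payload, next_hop = encrypt(pub, layer), name
    return payload                                 # A sends this to path[0]

def peel(priv, box):
    """One relay's step: remove a single layer and learn only the next hop."""
    layer = json.loads(decrypt(priv, box))
    return layer["next"], layer["payload"]

def route(request="GET / HTTP/1.1", server="Z"):
    keys = {name: keygen() for name in "PQR"}      # constructed relay key pairs
    onion = wrap(request, server, [(n, keys[n][1]) for n in "PQR"])
    views, hop, msg = [], "P", onion
    while hop in keys:                             # stops once the next hop is Z
        nxt, msg = peel(keys[hop][0], msg)
        views.append((hop, nxt, msg if isinstance(msg, str) else "<ciphertext>"))
        hop = nxt
    return views, onion, keys

if __name__ == "__main__":
    for relay, nxt, seen in route()[0]:
        print(f"{relay} forwards to {nxt}: {seen}")
```

Only R ever sees the plaintext request, and only P ever sees that the message came from A; a relay holding the wrong private key gets unparseable bytes when it tries to peel a layer addressed to another relay.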

The network in practice

There are currently about 2759 relays transmitting a total throughput of about 200 MB/s. There are approximately 470,000 users daily. Iranians comprise the second-largest group of Tor users by country.
The chief disadvantage of onion routing is that it is slow. Because packets are sent across the world several times, latency in particular suffers.
