Onion Network, Onion Routing Cybercrimes YouTube Lecture Handouts


Onion Network

Onion Routing Cyber Crimes

Illustration: Onion Routing Cyber Crimes
  • Onion routing is a technique for anonymous communication over a computer network.
  • In an onion network, messages are encapsulated in layers of encryption, analogous to layers of an onion. The encrypted data is transmitted through a series of network nodes called onion routers, each of which “peels” away a single layer, uncovering the data's next destination. When the final layer is decrypted, the message arrives at its destination. The sender remains anonymous because each intermediary knows only the location of the immediately preceding and following nodes.
  • While onion routing provides a high level of security and anonymity, there are methods to break the anonymity of this technique, such as timing analysis.
Illustration: Onion Routing Cyber Crimes
  • Data is encrypted when it leaves the client … end-to-end encryption. Even the ISP cannot sniff the data. Using asymmetric key cryptography, the originator obtains a public key from the directory node to send an encrypted message to the first (“entry”) node, establishing a connection and a shared secret (“session key”). Using the established encrypted link to the entry node, the originator can then relay a message through the first node to a second node in the chain using encryption that only the second node, and not the first, can decrypt. When the second node receives the message, it establishes a connection with the first node. While this extends the encrypted link from the originator, the second node cannot determine whether the first node is the originator or just another node in the circuit. The originator can then send a message through the first and second nodes to a third node, encrypted such that only the third node is able to decrypt it. The third, as with the second, becomes linked to the originator but connects only with the second. This process can be repeated to build larger and larger chains, but is typically limited to preserve performance.
  • When the chain is complete, the originator can send data over the Internet anonymously. When the final recipient of the data sends data back, the intermediary nodes maintain the same link back to the originator, with data again layered, but in reverse, such that the final node this time removes the first layer of encryption and the first node removes the last layer of encryption before sending the data, for example a web page, to the originator.

Limitations

Illustration: Limitations

Timing Analysis

  • Onion routing creates and obscures a path between two computers such that there's no discernible connection directly from a person to a website, but there still exist records of connections between computers. Traffic analysis searches those records of connections made by a potential originator and tries to match timing and data transfers to connections made to a potential recipient.
  • Garlic routing is a variant of onion routing associated with the I2P network that encrypts multiple messages together, which both increases the speed of data transfer and makes it more difficult for attackers to perform traffic analysis.

Exit Node Vulnerability

Although the message being sent is transmitted inside several layers of encryption, the job of the exit node, as the final node in the chain, is to decrypt the final layer and deliver the message to the recipient. A compromised exit node is thus able to acquire the raw data being transmitted, potentially including passwords, private messages, bank account numbers, and other forms of personal information.
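
The layering described earlier and the exit-node exposure described here, as an added example that is not part of the original handout. A toy stream cipher built from SHA-256 stands in for the real per-hop encryption, and the relay names, session keys, destination and message are constructed sample values.

```python
import hashlib, json, os

def keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Toy stream cipher (SHA-256 in counter mode); a stand-in, not for real use."""
    stream = bytearray()
    for counter in range(0, len(data), 32):
        stream.extend(hashlib.sha256(key + nonce + counter.to_bytes(8, "big")).digest())
    return bytes(a ^ b for a, b in zip(data, stream))

def wrap(circuit, destination: str, payload: bytes) -> bytes:
    """Originator: add one layer per relay, innermost (exit) layer first."""
    next_hop, blob = destination, payload
    for name, key in reversed(circuit):
        nonce = os.urandom(16)
        layer = json.dumps({"next": next_hop, "data": blob.hex()}).encode()
        blob = nonce + keystream_xor(key, nonce, layer)
        next_hop = name
    return blob  # this is what the entry relay receives

def peel(key: bytes, blob: bytes):
    """Relay: remove exactly one layer and learn only the next hop."""
    nonce, body = blob[:16], blob[16:]
    layer = json.loads(keystream_xor(key, nonce, body))
    return layer["next"], bytes.fromhex(layer["data"])

def relay_views(circuit, onion: bytes):
    """Pass the onion along the circuit, recording what each relay learns."""
    views, blob = [], onion
    for name, key in circuit:
        next_hop, blob = peel(key, blob)
        views.append((name, next_hop, blob))
    return views

# Constructed sample data. Real session keys come from a per-hop key exchange;
# here they are simply derived from the hypothetical relay names.
CIRCUIT = [(n, hashlib.sha256(n.encode()).digest()) for n in ("entry", "middle", "exit")]
MESSAGE = b"user=alice&password=hunter2"

if __name__ == "__main__":
    onion = wrap(CIRCUIT, "example.org:80", MESSAGE)
    for name, nxt, blob in relay_views(CIRCUIT, onion):
        print(f"{name:6} forwards to {nxt:15} holds {blob[:28]!r}")
```

The entry and middle relays hold only ciphertext and the name of the next hop, while the exit relay holds the cleartext message, which is why traffic carried over an onion circuit still needs application-layer encryption such as TLS.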

Mayank