The Onion Router
Abstract
The Onion Router (TOR for short) is “a circuit-based low-latency anonymous communication service.”[1] Its purpose is to give users a way to access online networks without having their IP address recognized. Internet activity is difficult to trace because of encryption. Traffic is encrypted and re-encrypted multiple times in layers and sent across a virtual circuit, which is relayed across the Internet similar to a traffic relay. The relaying process can be compared to the layers of an actual onion. TOR protects users from traffic analysis, which can be a major issue in countries with very stringent censorship. Some people use TOR to find a loophole around censorship bills, such as CISPA, PIPA, and SOPA. TOR is sponsored and funded by the US Naval Academy and is now developed by the TOR Project.
Keywords: TOR, encryption, relays, IP address anonymity, layers, low latency, traffic relay, traffic analysis, censorship
1. History
The first alpha version of TOR was released on September 20, 2002; the software was used to communicate sensitive information from naval ships to bases. Roger Dingledine, Nick Mathewson and Paul Syverson created the software. A lot of its funding comes from the US government. The US Naval Research Laboratory originally sponsored TOR. In 2006, development passed to the TOR Project, which is a 501(c)(3) research-education nonprofit organization and now has plenty of financial support. As of 2012, 80% of TOR’s $2 million budget comes from the US and Swedish governments, as well as other integral supporters.
"Using free software, Tor has enabled roughly 36 million people around the world to experience freedom of access and expression on the Internet while keeping them in control of their privacy and anonymity. Its network has proved pivotal in dissident movements in both Iran and more recently Egypt." [2] Jacob Appelbaum now describes TOR as "part of an ecosystem of software that helps people regain and reclaim their autonomy. It helps to enable people to have agency of all kinds; it helps others to help each other and it helps you to help yourself. It runs, it is open and it is supported by a large community spread across all walks of life." [3]
2. How TOR Works
Think of an actual onion, which has many layers inside it. When TOR is launched from your browser (e.g., Firefox), you connect to the TOR relay network, and your traffic is passed through multiple relays. There are several layers, each being one relay with a different IP address. It is almost impossible to determine the IP address of your computer (or the computer you are running TOR from) because the IP address is hidden during the encryption/re-encryption process. The relay and IP address change as traffic goes between the relays. Your IP address stays anonymous because what is picked up is the IP address of the last relay, not your computer’s IP address.
Relays (or layers) are chosen randomly based on speed, as well as on what is closest to where you are or where your destination is. The choice also takes into account which relay has the fewest users. After all factors are taken into account, the “best” relay is used; if the best relay is not available, the next best relay is used. The same relay/path is not used every time. Users can also set the amount of available bandwidth to use.
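The layering described above, as an added example that is not part of the original paper: a client wraps a message once per relay, and each relay removes one layer and learns only where to forward the rest. The SHA-256 XOR keystream, the relay names, the pre-shared keys and `example.org` are assumptions made for the demo; this is not TOR's actual cryptography or cell format.

```python
import hashlib
import json

def keystream(key: bytes, n: int) -> bytes:
    # Toy keystream (SHA-256 in counter mode); a stand-in, not TOR's real ciphers.
    out, ctr = b"", 0
    while len(out) < n:
        out += hashlib.sha256(key + ctr.to_bytes(8, "big")).digest()
        ctr += 1
    return out[:n]

def xor_layer(key: bytes, data: bytes) -> bytes:
    # XOR is its own inverse, so the same call adds or removes a layer.
    return bytes(a ^ b for a, b in zip(data, keystream(key, len(data))))

def wrap(path, destination, message):
    """Client: build the onion from the innermost (exit) layer outwards."""
    nxt, data = destination, message
    for name, key in reversed(path):
        cell = xor_layer(key, json.dumps({"next": nxt, "data": data}).encode())
        nxt, data = name, cell.hex()
    return cell

def peel(key, cell):
    """Relay: remove one layer and learn only where to forward the rest."""
    layer = json.loads(xor_layer(key, cell))
    return layer["next"], layer["data"]

def route(path, cell):
    """Walk the circuit and record (relay, sees traffic from, forwards to)."""
    seen, prev = [], "client"
    for i, (name, key) in enumerate(path):
        nxt, data = peel(key, cell)
        seen.append((name, prev, nxt))
        prev = name
        if i < len(path) - 1:
            cell = bytes.fromhex(data)
    return seen, data

# Constructed circuit: relay names and per-hop keys are made up for the demo.
PATH = [("guard", b"key-1"), ("middle", b"key-2"), ("exit", b"key-3")]

if __name__ == "__main__":
    onion = wrap(PATH, "example.org", "GET /")
    hops, delivered = route(PATH, onion)
    for relay, src, dst in hops:
        print(f"{relay:6} sees traffic from {src:6} and forwards to {dst}")
    print("delivered:", delivered)
```

Only the first relay sees the client and only the last relay sees the destination, which is why the destination records the last relay's address.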
2.1. Relaying the Traffic
Since traffic is relayed and people who use TOR want to keep as low a profile as possible, the bandwidth can be set in order to keep latency low. According to figure 1 (below), the public relay (the default setting, which is the one in the middle in the image) is used for any standard network where you don’t want your location to be tracked through the network. It is also used if you’re trying to access a blocked website. For example, when accessing Facebook at work when you’re not allowed to, this helps prevent whoever is checking IPs from seeing that Facebook was accessed from that workplace. Also, if someone is working with a non-government agency in a foreign country and doesn’t want to disclose his or her location while accessing the agency website, this setting is also ideal. The bottom setting is used when users are trying to get around countries that have strong Internet censorship or highly monitored Internet, such as China, that prevent users from accessing social networking sites, Google, and even YouTube.

Figure 1: This figure shows TOR settings that users would see when using the software [4]
3. TOR and Stringent Censorship Laws
Many countries, such as China, have very strict censorship laws. According to an article from the New York Times, China has completely blocked websites such as Google and YouTube. [5] This would be a reason to use TOR because people would want to find ways around the stringent censorship. Even worse, “Although the existence of an Internet police force - estimated at more than 30,000 - has been known for some time, attention has previously focused on their work as censors and monitors. Countless critical comments appear on bulletin boards of major portals such as Sohu and Sina only to be erased minutes, or sometimes just seconds, later. In the most recent case, all postings that blamed corrupt local officials or slow-moving police for the deaths of 88 children in floods last Friday were removed almost as soon as they appeared.” [6] People are outraged, especially in America, by these actions because of how radical and violating they are.
People should be entitled to post whatever they want on the Internet, even political remarks, because it’s a First Amendment constitutional right, at least in the US. CISPA, PIPA, and SOPA are examples of bills being passed around the government that are used for regulating Internet privacy/censorship. Although there are many risks in posting something controversial on the Internet, one of the biggest issues is the posting of political comments.
3.1. CISPA
The most relevant one of the Internet regulation bills is CISPA because PIPA/SOPA are currently on hold and not being dealt with in Congress. CISPA also encompasses both PIPA and SOPA.
CISPA is the Cyber Intelligence Sharing and Protection Act, the post-SOPA/PIPA bill. If this bill is passed, military and government agencies will be able to share private information from people/companies without a warrant if they think a threat is being imposed. For example, if you download a copyrighted movie, you would be required to share your information with the government and have all of your Internet activity monitored. Many people oppose CISPA being passed in Congress because they feel it violates amendment rights (e.g., privacy, freedom of speech). Online websites, such as Reddit, have even protested this bill by shutting down their websites.
4. Why TOR?
“Using Tor protects you against a common form of Internet surveillance known as ‘traffic analysis.’” [7] Traffic analysis picks up your Internet communication and the source/destination of your traffic (e.g., which sites you visit), as well as your private identity. TOR helps users avoid these issues by creating a private network pathway that prevents their information from being tracked. An e-commerce site that knows where it is housed and where its users are located can use price discrimination. Sometimes people don’t want their location revealed; if it were revealed on a specific occasion, jobs could be jeopardized, as well as safety. Also, there are instances where users in America may want to stream BBC in Europe since it’s not available in America. Without TOR, media players such as Hulu or Spotify check IP addresses to ensure licensing in the proper country. With censorship and violations of constitutional rights becoming a constant issue, TOR makes sure that people’s private information remains private and not subject to government monitoring.
4.1. Traffic Analysis
With TOR, users want to keep personal information anonymous. Traffic analysis is “a special type of inference attack technique that looks at communication patterns between entities in a system.” [9] That is, messages are intercepted and their communication patterns are examined even when the encrypted messages cannot be decrypted. When the government observes messages, for example, those messages, which may contain classified or illegal information, are intercepted and stored. Even more information can be taken from the traffic patterns and used against people. Traffic analysis is done for military intelligence, counter-intelligence, or when security may be an issue.
From a more technical standpoint, data packets on the Internet have two parts: a data payload and a header. The payload contains whatever is sent across the network (e.g., an email, audio or video file). Even if the data payload is encrypted, traffic analysis can reveal much of the information because of the header, which is what traffic analysis focuses on. The header discloses information such as the source, destination, and size. A more in-depth form of traffic analysis even defeats encryption tactics because only the traffic is hidden; the header is still revealed.
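An added example (not from the original paper) of the header-only view described above: it reads source, destination and size from IPv4 headers without touching the payload, first for a direct connection and then for the same traffic sent to a first TOR relay. The addresses come from documentation ranges and the random payloads stand in for ciphertext; all of them are constructed for the demo.

```python
import os
import socket
import struct
from collections import defaultdict

IPV4 = "!BBHHHBBH4s4s"  # 20-byte IPv4 header without options

def build_packet(src, dst, size):
    """Constructed packet: real header layout, random bytes standing in for ciphertext."""
    header = struct.pack(IPV4, 0x45, 0, 20 + size, 0, 0, 64, 6, 0,
                         socket.inet_aton(src), socket.inet_aton(dst))
    return header + os.urandom(size)

def read_header(packet):
    """Everything an on-path observer gets without decrypting the payload."""
    ver_ihl, _, total, _, _, _, proto, _, src, dst = struct.unpack(IPV4, packet[:20])
    header_len = (ver_ihl & 0x0F) * 4
    return socket.inet_ntoa(src), socket.inet_ntoa(dst), proto, total - header_len

def profile(capture):
    """Aggregate packets into flows keyed by (source, destination)."""
    flows = defaultdict(lambda: {"packets": 0, "bytes": 0})
    for packet in capture:
        src, dst, _, size = read_header(packet)
        flows[(src, dst)]["packets"] += 1
        flows[(src, dst)]["bytes"] += size
    return dict(flows)

# Constructed addresses (documentation ranges): user, website, first TOR relay.
USER, SITE, RELAY = "192.0.2.10", "198.51.100.7", "203.0.113.5"
SIZES = [120, 1400, 300]

DIRECT = [build_packet(USER, SITE, n) for n in SIZES]
VIA_TOR = [build_packet(USER, RELAY, n) for n in SIZES]

if __name__ == "__main__":
    for label, capture in (("direct", DIRECT), ("via TOR", VIA_TOR)):
        for (src, dst), stats in profile(capture).items():
            print(f"{label:8} {src} -> {dst}  {stats}")
```

In both captures the observer still learns the user's address and the traffic volume; what changes with TOR is that the destination in the header is the relay, not the site.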
5. Uses of TOR in the Real World
TOR is very widely used, for example by Indymedia, to protect the privacy and security of its members. Even activist groups, such as the Electronic Frontier Foundation (EFF), see TOR as software that can maintain integral civil liberties on the Internet. It is also used for online company competition analysis. Branches of the US Navy use TOR for gathering important information while being deployed in the Middle East. Law enforcement uses TOR for website surveillance and security during sting operations. People generally are highly in favor of TOR because of how secure it is. It hides users among the diverse user base of the TOR network. Anonymity is protected, which is what people like.
6. Conclusion
TOR is a very useful tool for hiding IP addresses and the location of your personal machine. It is even more appealing because it is a free download. When launched in a browser, traffic is passed through multiple relays. Privacy is maintained because the last relay IP is picked up instead of the location of the computer itself. Many individuals and companies use TOR in order to protect personal information, safety, and even for downloading British TV in Tennessee. Since censorship is a very controversial issue in America, people want to use TOR as a legal loophole around the censorship and monitoring. People are very aggravated by CISPA and want to avoid legal issues. Even though people can still use TOR for illegal actions, ultimately, if users want to keep personal information private, TOR is the best tool that can be used out there.
Sources
[1] "Tor: The Second-Generation Onion Router." Tor: The Second-Generation Onion Router. N.p., n.d. Web. 23 Apr. 2013. <https://svn.torproject.org/svn/projects/design-paper/tor-design.html>.
[2] "Free Software Foundation." 2010 Free Software Awards Announced — Working Together for Free Software. N.p., n.d. Web. 24 Apr. 2013. <http://www.fsf.org/news/2010-free-software-awards-announced>.
[3] "The Verge." The Verge. N.p., n.d. Web. 25 Apr. 2013. <http://www.theverge.com/2013/3/11/4091186/interview-uncut-jacob-appelbaum>.
[4] "Tor." Project: Relay Configuration Instructions. N.p., n.d. Web. 23 Apr. 2013. <https://www.torproject.org/docs/tor-doc-relay.html.en>.
[5] "Google Is Blocked in China as Party Congress Begins." Bits Google Is Blocked in China as Party Congress Begins Comments. N.p., n.d. Web. 26 Apr. 2013. <http://bits.blogs.nytimes.com/2012/11/09/google-is-blocked-in-china-as-party-congress-begins/?ref=internetcensorship>.
[6] Watts, Jonathan. "China's Secret Internet Police Target Critics with Web of Propaganda." The Guardian. Guardian News and Media, 13 June 2005. Web. 3 May 2013. <http://www.guardian.co.uk/technology/2005/jun/14/newmedia.china>.
[7] "Tor." Project: Overview. N.p., n.d. Web. 23 Apr. 2013. <https://www.torproject.org/about/overview.html.en>.
[8] "Linux, BSD, and Everything Else..." : Using Tor to View Restricted Video Sites Internationally. N.p., n.d. Web. 2 May 2013. <http://all-things-linux.blogspot.com/2011/07/using-tor-for-viewing-restricted-video.html>.
[9] "Security Laboratory." Traffic Analysis. N.p., n.d. Web. 3 May 2013. <http://www.sans.edu/research/security-laboratory/article/traffic-analysis>.