How Does the Tor Browser Function?

By Jackson Wright

Onion Routing

• The idea of Onion Routing is to protect the privacy of the sender and the recipient while also maintaining the privacy of the content involved in the transfer of data

• Onion routing technology is very complicated and must be broken down into many parts to be analyzed comprehensively

Onion Routing

This diagram represents an overview of the technology that is utilized in order to continuously encrypt data across a network. The data begins in the outermost layer of encryption and is modified at each individual stop.

Initial Steps

• The process of data transfer is initialized in one location

• The data is assigned a randomized encrypted route to the next cooperative system on the Tor network

Encryption

• The data reaches the second system and now it must be decrypted and re-encrypted

• Encryption is achieved using Asymmetric Cryptography, a form of encryption that involves a cryptographic algorithm that utilizes the mathematical aspects of digital signatures

Asymmetric Cryptography

Asymmetric cryptography involves an algorithm that analyzes the digits of public and private digital signatures in order to achieve encryption. The public key is used to encrypt plaintext and the private key decrypts ciphertext. This is the form of encryption that allows the Tor browser to function.

Asymmetric Cryptography

• This encryption method is used because it allows the Tor browser to be utilized as a cooperative network where systems work together to maintain anonymity

• This is possible because asymmetric cryptography allows for decryption and re-encryption of data at each single terminal involved in routing the data to its recipient, unlike many encryption methods which cannot be re-routed through the same node after decryption and re-encryption

Drawing Conclusions

• An analysis of asymmetric cryptography provides evidence for the idea that the network is not capable of being compromised from a single access point, which has great significance for the inquiry aspect of my project, but it also provides the understanding of the encryption methods that allow data to flow through Tor

Cooperative Anonymity

• Asymmetric cryptography is the key to the entire transfer, as the data moves on from the second system in the chain, it is routed through hundreds of others, at each encountering the decryption and re-encryption of the public and private keys associated with the data

• This is how cooperation is utilized to strengthen the network

Additional Encryption

• In addition to the main method of encryption, in order to maintain a relation between the sending system and all other terminals, there is a “private handshake” key maintained by the primary system that must be matched up with at each terminal that the data is routed through

• This handshake key must be ratified by a relay cell at each routed terminal in order for the data to prepare for asymmetric cryptography

Relay Cell

• Relay cells initiate at the second terminal and continue throughout the data’s route

• A new relay cell is created at each terminal, each just slightly different from the one that was passed to it

• This algorithm allows the private handshake key of the sending system to automatically match up with each slightly adjusted relay cell as both are passed down through the network

Encryption

• These methods of encryption work in combination to improve the security and anonymity of the Tor browser

• Often, one chain of decryption/encryption follows another and the combination of many forms of encryption creates issues for those who plan on implementing surveillance in the Tor network

• Tor relay’s become extremely important as they have the capability to decrypt each layer of the onion routed data

Continued

At each terminal, a virtual layer of encryption is added. This leaves the most strain on the final decryption node, which is often a Tor relay server, often known as an “exit node.”

Tor Relay Technology

Tor relay’s utilize the same decryption technique involved in asymmetric cryptography except the exit nodes do not re-encrypt the data, instead, the data is transferred to the recipient with a standard mode of encryption rather than the heavy layered encryption that Tor uses.

Tor Relay Technology

• This last transfer from the exit node to the recipient is very risky and is an important factor in inferring an answer to the inquiry of my course project

• All the layers of the onion routing have been decrypted at this point thanks to asymmetric cryptography, and the Tor relay finally must transfer the data to the recipient

Risks of the Technology

• With all the layers of the network decrypted, this last transfer of data could compromise the recipient and the Tor relay server, a normal private encryption is used for the final step

• If the government can determine the location of recipients in the network, beneficial users will be compromised due to surveillance

• You cannot maintain your peace of mind using the Tor network if you do not feel comfortable with the technology that is supposed to protect your anonymity

Continued

• As is evident, the Tor network has flaws and this analysis of the technology was meant to provide a comprehensive and in-depth review of the positives and negatives of the technology that the Tor network is comprised of

• Browser plug-ins leave traces of IP addresses in digital signatures; just allowing Adobe Flash to run while in Tor mode can compromise your anonymity• This is one of my greatest personal issues with

the network; it is not safe to use for the casual user

Technological Weaknesses

• Tor relay’s do not have the technology to constantly send dummy messages; it is possible to pinpoint when a particular Tor relay is functioning by analyzing the times at when they activate

• If a node stops functioning, any data transfer that involved that terminal is left unprotected because one broken link the chain leaves the data un-encrypted

Continued

• If a node is previously compromised, it may be programmed to target a single sender, eventually giving away the location of the sender and allowing for a successful net traffic analysis

• If an exit node is compromised:• Each terminal involved in routing through that

node is compromised• All data that is routed through any chain that

involved this node is now un-encrypted

Conclusion

• It is evident that there are various positives and negatives of this browser and this course project is meant to highlight the significant aspects. There are solid reasons to utilize this anonymous browser but there are also reasons to be cautious. This analysis has contributed greatly to my understanding of the topic as well as to my inquiry into whether the network is internationally compromised by surveillance entities.

Conclusion Continued

• One issue I hope to tackle with my course project is the lack of awareness of anonymous browsing techniques among the public• I hope to try and alleviate some worries and

provide the in-depth knowledge of Tor’s technology that could allow a casual computer user to confidently and safely use this anonymous browser

• The technology that allows for anonymous browsing is very complicated and encryption was a topic I was not well educated on before this technological analysis; now I feel more secure in how the network functions and can progress towards an educated inference for the answer to my project inquiry

Sources

• https://www.torproject.org/about/overview.html.en

• https://www.torservers.net/wiki/_media/tor-relay-poster.resized.jpg

• http://upload.wikimedia.org/wikipedia/commons/thumb/4/4c/Public_key_shared_secret.svg/250px-Public_key_shared_secret.svg.png

• http://en.wikipedia.org/wiki/Asymmetric_key_cryptography

• http://www.networkworld.com/details/7088.html

• http://en.wikipedia.org/wiki/Onion_routing

• http://www.makeuseof.com/tag/what-is-onion-routing-exactly-makeuseof-explains/

• http://rmonteux.files.wordpress.com/2011/03/tor-works.png

• http://upload.wikimedia.org/wikipedia/commons/thumb/e/e1/Onion_diagram.svg/250px-Onion_diagram.svg.png

• http://www.acsac.org/2011/program/keynotes/syverson.pdf

• http://www.google.com/url?sa=i&rct=j&q=&esrc=s&source=images&cd=&http://www.washingtonpost.com/blogs/the-switch/files/2013/08/tor.png