
Onion network architecture

http://www.ataeyan.com
By: Mahdi ataeyan

Privacy?!

Symmetric key algorithm

Public key crypto

An unpredictable (typically large and random) number is used to begin generation of an acceptable pair of keys suitable for use by an asymmetric key algorithm.

[Diagram: Alice feeds a large random number (0110101010 1101110100 0011011010) into a key generation program, which outputs a public key and a private key.]

Public key encryption

In an asymmetric key encryption scheme, anyone can encrypt messages using the public key, but only the holder of the paired private key can decrypt. Security depends on the secrecy of the private key.

[Diagram: Bob encrypts "Hello Alice!" with Alice's public key, producing the ciphertext 6EB69570 08E03CE4; Alice decrypts it with her private key and recovers "Hello Alice!".]

Public key shared secret

In the Diffie-Hellman key exchange scheme, each party generates a public/private key pair and distributes the public key. After obtaining an authentic copy of each other's public keys, Alice and Bob can compute a shared secret offline. The shared secret can be used, for instance, as the key for a symmetric cipher.

[Diagram: Alice combines Bob's public key with her own private key; Bob combines Alice's public key with his own private key; both arrive at the same shared secret, 751A696C 24D97009.]

What's onion routing?

Onion routing (OR) is a technique for anonymous communication over a computer network. The message is wrapped in successive layers of encryption, one per relay on the path, and each relay removes exactly one layer before forwarding the rest, like peeling an onion.

Why onion?

[Diagram: the message sits inside three nested layers, keyed to Router A (outermost), Router B and Router C (innermost). Path: Source -> Router A -> Router B -> Router C -> Destination, each router removing its own layer.]

entry node

First hop into the Tor network.

exit node

Last hop before the destination.

relay node

Middle node.

bridge node

Nodes not listed in the Tor directory, used to evade filtering.

Steps

The originator fetches the list of nodes from a directory node and chooses some of them.
The chosen nodes are ordered into a chain (a circuit).
The originator encrypts the data in layers and sends it.

[Animation: picks nodes from the directory node; selects nodes; after 10 minutes... the selection is repeated and a new circuit is built.]
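Layered encryption as in the Router A/B/C diagram and the steps above, as an added example (not the deck's or Tor's code): the source wraps the message once per relay, innermost layer first, and each relay peels exactly one layer, learning only where the cell came from and where it goes next. The toy cipher (SHA-256 keystream with an HMAC-SHA256 tag), the fixed 16-byte next-hop field, the relay names, keys and the message are this example's constructions; Tor itself uses AES-CTR keys negotiated per hop and fixed-size cells.

```python
"""Toy onion: build layers at the source, peel one layer per relay.

Added example, not code from the deck or from Tor. The cipher below is a
demonstration construction (SHA-256 keystream, encrypt-then-MAC with HMAC-SHA256);
relay names, keys and message in demo() are constructed sample data.
"""
import hashlib
import hmac
import os

HOP_LEN = 16  # fixed-width next-hop field so every layer has the same shape


def _keystream(key: bytes, nonce: bytes, n: int) -> bytes:
    out, ctr = b"", 0
    while len(out) < n:
        out += hashlib.sha256(key + nonce + ctr.to_bytes(4, "big")).digest()
        ctr += 1
    return out[:n]


def seal(key: bytes, plaintext: bytes) -> bytes:
    """One layer: nonce || ciphertext || tag, under a single hop's key."""
    nonce = os.urandom(16)
    ct = bytes(p ^ k for p, k in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    tag = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def unseal(key: bytes, blob: bytes) -> bytes:
    """Verify the tag with this hop's key and strip the layer; wrong key -> ValueError."""
    if len(blob) < 48:
        raise ValueError("blob too short to be a layer")
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expect = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expect):
        raise ValueError("bad tag: this layer is not addressed to this relay")
    return bytes(c ^ k for c, k in zip(ct, _keystream(key, nonce, len(ct))))


def _hop(name: str) -> bytes:
    raw = name.encode()
    if len(raw) > HOP_LEN:
        raise ValueError("hop name too long")
    return raw.ljust(HOP_LEN, b"\0")


def build_onion(path, destination: str, message: bytes) -> bytes:
    """path = [(relay_name, key), ...] in forward order. Wrap innermost first: the
    exit relay's layer carries the destination, every other layer the next relay."""
    if not path:
        raise ValueError("path must contain at least one relay")
    hops = [name for name, _ in path[1:]] + [destination]
    blob = message
    for (_, key), nxt in reversed(list(zip(path, hops))):
        blob = seal(key, _hop(nxt) + blob)
    return blob


def peel_once(key: bytes, blob: bytes):
    """What one relay does: strip its layer, read the next hop, forward the rest."""
    inner = unseal(key, blob)
    return inner[:HOP_LEN].rstrip(b"\0").decode(), inner[HOP_LEN:]


def can_open(key: bytes, blob: bytes) -> bool:
    """True only if `key` is the key of the relay this layer is addressed to."""
    try:
        unseal(key, blob)
        return True
    except ValueError:
        return False


def route(onion: bytes, path):
    """Simulate the circuit. Returns (trace, destination, message) where trace lists
    (relay, previous_hop, next_hop): all a relay ever learns from the cell."""
    if not path:
        raise ValueError("path must contain at least one relay")
    trace, prev, blob = [], "source", onion
    for name, key in path:
        nxt, blob = peel_once(key, blob)
        trace.append((name, prev, nxt))
        prev = name
    return trace, nxt, blob


def demo():
    # constructed sample path; real per-hop keys come from the circuit handshake
    path = [(n, os.urandom(32)) for n in ("Router A", "Router B", "Router C")]
    return route(build_onion(path, "Destination", b"Hello Alice!"), path)


if __name__ == "__main__":
    for hop in demo()[0]:
        print("%-9s saw prev=%-9s next=%s" % hop)
```

Two properties worth checking against the code rather than taking on faith: Router A can open the outer layer but `can_open` with A's key on what it forwards is false, so A learns nothing past Router B; and Router C's key fails on the same blob until B has peeled its layer, so nobody can skip ahead. One thing this toy does not hide is size: every layer adds 64 bytes, so the cell shrinks at each hop and leaks how deep in the path a relay sits. That is why Tor pads to fixed-size cells and uses a cipher that does not change the payload length per hop.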

Who can see the message? (without end-to-end encryption)

the sender

the last intermediary (the exit node)

the recipient

End-to-end encryption (the four cases of the EFF "Tor and HTTPS" diagram)

Tor off, HTTPS off

Tor off, HTTPS on

Tor on, HTTPS off

Tor on, HTTPS on

With Tor on but HTTPS off, the exit node can still read the plaintext; HTTPS hides the content from the exit node, and Tor hides the client's address from the site. Only the last combination gives both.

Weaknesses

Timing analysis

Intersection attacks

Predecessor attacks

Exit node sniffing

DoS nodes

Social engineering attacks

Who's using Tor?

Diplomatic missions

Militaries

Normal people

Journalists

Activists & whistleblowers

Hidden service

Anonymous websites and servers, accessed through an onion address, e.g. abcdefghijklmnop.onion

Rendezvous protocol

A computer-network protocol that enables network nodes to find each other.
It requires at least one server that is neither blocked nor behind NAT (here a Tor relay acting as the rendezvous point).

Advertise

To advertise its existence, the hidden service
randomly picks some relays,
asks them to act as introduction points,
and sends them its public key.
The introduction points don't know the service's location (IP).

[Diagram: introduction points]

Hidden service descriptor

The hidden service assembles a hidden service descriptor,
signs the descriptor with its private key,
and uploads the descriptor to a distributed hash table.
The service is reachable under a 16-character name derived from its public key, followed by .onion.


Client -> rendezvous point

The client needs to know the onion address.
It downloads the descriptor from the distributed hash table, so it now knows the introduction points and the right public key.
The client selects a relay as rendezvous point, connects to it and tells it a one-time secret (the rendezvous cookie).


Client -> introduce message

The client assembles an introduce message, encrypted to the hidden service's public key, containing the address of the rendezvous point and the one-time secret.
The client sends the introduce message to one of the introduction points, which delivers it to the hidden service.
The client and the service remain anonymous: each side reaches the introduction point only over its own Tor circuit.


Hidden service -> rendezvous point

The hidden service decrypts the client's introduce message and finds the address of the rendezvous point and the one-time secret in it.
The service creates a circuit to the rendezvous point and sends the one-time secret to it in a rendezvous message.


The last step

The rendezvous point matches the two copies of the one-time secret and notifies the client that the connection has been established.
The connection between client and hidden service consists of 6 relays: three chosen by the client (the third being the rendezvous point) and three chosen by the service.


Hidden service protocol

xyz.onion

Take the SHA-1 hash of the service's public key (the DER-encoded RSA-1024 key);
the first half of the hash (80 bits) is encoded in Base32;
the suffix .onion is added.
.onion names can only contain the digits 2-7 and the letters a-z and are exactly 16 characters long. (This is the original "v2" format of the time; today's v3 addresses are 56 characters, derived from an Ed25519 public key, and v2 has been retired.)

Why an automatically generated service name?

facebookcorewwwi.onion

Because the name is derived from the key, nobody can simply register a chosen name: a recognisable one has to be found by generating keys until the hash happens to fit, which is how Facebook obtained facebookcorewwwi.onion (see the Guardian reference).

Birthday attack: a cryptographic attack that exploits the mathematics of the birthday problem; it can be used to abuse communication between two or more parties.

[Plot: Birthday attack. Probability of a pair (y axis, 0 to 1) against number of people (x axis, 0 to 100); the curve passes 0.5 at 23 people.]
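The curve in the plot, and what it means for onion names, worked through as an added derivation (not part of the original deck). With $n$ values drawn uniformly from a space of size $d$, the probability that at least two coincide is

$$p(n; d) \;=\; 1 - \prod_{k=1}^{n-1}\left(1 - \frac{k}{d}\right) \;\approx\; 1 - e^{-n(n-1)/(2d)} .$$

For birthdays, $d = 365$ and $p(23; 365) \approx 0.507$, the point marked on the plot. Setting $p = 1/2$ and solving gives

$$n_{1/2} \;\approx\; \sqrt{2 d \ln 2} \;\approx\; 1.18\,\sqrt{d} .$$

A v2 .onion name keeps 80 bits of the hash, so $d = 2^{80}$ and a collision between two *randomly generated* addresses is expected after about $1.18 \cdot 2^{40} \approx 1.3 \times 10^{12}$ keys, whereas hitting one *specific* existing address (a second preimage, what an impersonator would need) costs about $2^{80}$ trials. The prefix search on the next slides is different again: fixing $c$ characters of 5 bits each costs about $32^{c}$ keys, which is why each extra character multiplies Shallot's run time by 32.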

Get a specific .onion address

Shallot

Scallion (GPU hashing)

Eschalot (wordlist search)

Test!

Shallot

    https://codeload.github.com/katmagic/Shallot/zip/master
    ./configure && make
    ./shallot
    ./shallot ^onion

    Found matching domain after 22204717 tries: onion6r33t2v3sq7.onion

(The argument is a regular expression; ^onion matches addresses that start with "onion".)

Shallot on a 1.5 GHz CPU

Characters   Time to generate
             less than 1 sec
             less than 1 sec
             1 min
             7 days
             2.5 years
11           640 years
14           2.6 million years

(Each additional fixed character multiplies the search by 32.)
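The address derivation from the "Hidden service protocol" slide and a Shallot-style prefix search, as an added example (not the deck's or Shallot's code). Real v2 addresses hash the DER-encoded RSA-1024 public key, and generating RSA keys is what dominates Shallot's run time; here each candidate "key" is a constructed random 140-byte blob standing in for that DER encoding, so the block shows the hashing and matching logic, not the key generation cost. The prefix, the seed and the tries counter are this example's own parameters.

```python
"""v2 .onion address derivation plus a vanity-prefix search.

Added example, not the deck's or Shallot's code. `pubkey_der` stands for the
DER-encoded RSA-1024 public key of a real v2 service; vanity_search feeds it
constructed random blobs instead of real keys.
"""
import base64
import hashlib
import random
import re

ONION_RE = re.compile(r"^[a-z2-7]{16}$")
KEY_BLOB_LEN = 140  # roughly the size of a DER-encoded RSA-1024 public key


def onion_address(pubkey_der: bytes) -> str:
    """SHA-1 of the key, keep the first half (80 bits = 10 bytes), Base32, lowercase.
    10 bytes Base32-encode to exactly 16 characters with no padding."""
    digest = hashlib.sha1(pubkey_der).digest()
    return base64.b32encode(digest[:10]).decode("ascii").lower()


def is_onion_name(name: str) -> bool:
    """Exactly 16 characters from a-z and 2-7 (the Base32 alphabet, lowercased)."""
    return bool(ONION_RE.match(name))


def expected_tries(prefix: str) -> int:
    """Each Base32 character carries 5 bits, so a fixed n-character prefix matches
    one candidate in 32**n on average: the factor behind Shallot's timing table."""
    return 32 ** len(prefix)


def vanity_search(prefix: str, seed: int = 0, max_tries: int = 1_000_000):
    """Generate candidate keys until the address starts with `prefix`.
    Returns (tries, address, key_blob), or None if max_tries is exhausted."""
    if not is_onion_name(prefix.ljust(16, "a")):
        raise ValueError("prefix must be at most 16 characters from a-z and 2-7")
    rng = random.Random(seed)  # deterministic for the example; a real tool uses a CSPRNG
    for tries in range(1, max_tries + 1):
        # constructed stand-in for a freshly generated DER-encoded RSA public key
        candidate = rng.getrandbits(KEY_BLOB_LEN * 8).to_bytes(KEY_BLOB_LEN, "big")
        addr = onion_address(candidate)
        if addr.startswith(prefix):
            return tries, addr, candidate
    return None


if __name__ == "__main__":
    hit = vanity_search("on", seed=1)
    print("expected ~%d tries for 'on'" % expected_tries("on"))
    if hit:
        print("found %s.onion after %d tries" % (hit[1], hit[0]))
```

Two details carry over to real tools. First, the search only ever needs the *public* key hashed; Shallot's trick is to keep one RSA modulus and vary the public exponent so that each try is a hash rather than a full key generation, which is why its per-try cost is so low and why a key found that way should be checked for sanity before use. Second, because the match is on a prefix of a hash, a vanity name proves nothing about who owns it: "facebookcorewwwi" is recognisable only because Facebook published it through an authenticated channel.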

Hidden services

Who's using hidden services?

Hitman network

Drugs

Child pornography

Hacking

Political (anarchism, ...)

Warez

Tor network hacked by FBI?

Plausible deniability

List of the most popular onion websites

DuckDuckGo

The Pirate Bay

Facebook

Blockchain.info

Wikileaks

SecureDrop

[Graph: Relays and bridges (from metrics.torproject.org)]

References

http://en.wikipedia.org/wiki/Onion_routing
http://en.wikipedia.org/wiki/Tor_%28anonymity_network%29
http://www.fbi.gov/news/pressrel/press-releases/more-than-400-.onion-addresses-including-dozens-of-dark-market-sites-targeted-as-part-of-global-enforcement-action-on-tor-network
https://www.torproject.org/docs/hidden-services.html.en
https://www.eff.org/pages/tor-and-https
https://metrics.torproject.org/
http://en.wikipedia.org/wiki/Plausible_deniability
http://www.theguardian.com/technology/2014/oct/31/facebook-anonymous-tor-users-onion

This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.
It makes use of the works of Kelly Loves Whales and Nick Merritt.
