Onion Routing: A Comprehensive Analysis of Its Applications

Verified

Added on 2021/04/16

AI Summary

This report provides a comprehensive analysis of onion routing, a method of anonymous communication over computer networks. It delves into the technical aspects of onion routing, including the use of encryption and onion routers. The report examines how onion routing is used for legitimate purposes, such as secure communication by security agencies and the protection of sensitive data. It also explores the ways cybercriminals exploit onion routing for illegitimate activities, including cryptocurrency fraud and terrorist communications. The report critically evaluates the measures that can be adopted to counter the use of onion routing by cybercriminals, such as timing analysis and end-to-end encryption. It also discusses the vulnerabilities of exit nodes. The report provides a literature discussion and contrasts and compares the legitimate and illegitimate viewpoints (usages) of the chosen anonymous technology. The report references various sources to support its findings and conclusions.

Running head: ONION ROUTING
ONION ROUTING
Name of student
Name of University
Author Note

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

1ONION ROUTING
How the chosen class, technique, or application works
Onion routing is defined as a method of communication anonymously i.e without
revealing the users’ identity over a computer network. In this type of network the messages
which are sent and received stays encrypted. The encrypted messages or other data is transferred
through various nodes of a network which are known as onion routers (Chen et al., 2015). Onion
routers communicate among themselves over Transmission control protocol(Sakai et al., 2016,).
The process of onion routing is based on the technique of hiding the source i.e sender of data or
message of a packet data instead of the content of data from the network tracking authorities (eg.
Government or security agencies). Onion routing therefore protects data from the network traffic
analysis type of attack on the encrypted data. There are some routers which serve as entry
funnels and some are as exit funnels. The process of onion routing is based on the usage of
public key cryptography which is a technique that encrypts each and every layer of onion and
allows only the intended receiver of data to decrypt it.
How the onion routing has been used by Internet users for legitimate purposes
The onion routing is used for the anonymous communication by the users where the
information sent over the network stays hidden and the senders’ identity also stays covered. The
security agencies and defence forces use this technique for communication to keep sensible data
safe and secured from tracing the sender and receiver(Zhou et al., 2013). NSA uses vulnerability
of TOR to track illegal activities done in deep or dark web. Internet users has been using onion
routing to send sensible data such as banking details and passwords to specific receiver over the
network. Important details related to research and findings are sent via onion routers to safeguard
them from the hackers and network observers. The educational institutes use this for publication
of results and question papers to prevent them from leaking.

2ONION ROUTING
How the onion routing class, technique, or application has been used by cybercriminals
(illegitimate purposes).
The onion routing method has been widely used by the criminals to stay anonymous and
carry on illegitimate activities of sending data to stay hidden from government and security
agencies. The trading of crypto currencies and other communications related to monetary fraud is
done using onion routing technique by the fraudsters. The terrorists use this to conduct terrorism
related crimes by communicating internationally. The traffic analysis is used by the hackers to
interrupt the message when it travels through a network to steal information of users. The
cybercriminals can hack the exit note and get the raw data transferred over the network. It is a
major vulnerability of TOR which is often used by the hackers(Doshi and Jinwala 2013). The
cybercriminals use this for communication among themselves and exchange of information.
Critical evaluation of measures that can be adopted against the chosen anonymous
technology used by cybercriminals.
The process of onion routing can be cracked by the technique called timing analysis. In
onion routing the sender’s identity is not revealed because if an intermediate router is hacked it
will only reveal about the immediate routers but not the original sender(Biondi et al., 2013). The
conventional internet service is vulnerable because the internet service provider can trace the
connections of two users but in onion routing an obscure path is created between the two
computers in such a way that there is no direct connection between the user and a website but
there are many lines of communication or connections between the computers of the network.
The process of traffic analysis can track the messages transmitted over the network by onion
routing. Traffic analysis method is an onion routing decryption process which searches those

3ONION ROUTING
series of connections constructed and used by a potential creator of the data or message.
Thereafter it matches the traffic data and tracks the traffic which is transferred through network.
Although in onion network the message which is being sent is transmitted within many stages of
encryption process, the job of the exit or final node, as the final or exit node of the network
chain, is to decrypt the last layer and deliver the message to the recipient of the message. A
hacked exit node is therefore be able to get the raw information which is being transferred,
potentially leakble data including email or computer passwords, private messages, bank account
details like account numbers or net banking passwords, e-wallet passwords and other forms of
personal information. Dan Egerstad, who was a Swedish researcher, who found a way to hack
this kind of information and executed such hacking attack to gain access the passwords of many
email accounts of officials which are related to foreign embassies of different nations. Exit node
vulnerabilities are same as of those on unsecured wireless networks like wifi network, where the
information which is being transmitted by a user on the network may be hacked by another user
of the same network or by the router administrator. Both the problems are solved by using a safe
end-to-end connection system like SSL (security sockets layer) or secure HTTP (HTTPS-
hypertext transfer protocol secured). If there is end-to-end encryption between the sender and the
recipient, then it is not even possible for the last intermediary router can get the original content
or message.
Literature discussion
The process of onion routing helps to keep privacy online by hiding information of the
sender and receiver. The onion routing hides the identity of the sender of the message by using
various onion routers which even when is compromised only gives information about the
immediate nodes and not the source of message (Haraty and Zantout, 2014). The onion routing is

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

4ONION ROUTING
thus useful for the anonymous communication and acts as a VPN (virtual private network) for
the users of the network. The users send the anonymous data without any trace of traffic
tracking. The onion routing is therefore a great technique for the cyber criminals and security
agencies to keep their data safe and tracing proof.
Contrast and comparision of the legitimate and illegitimate viewpoints (usages) of the
chosen anonymous technology.
The onion routing is both used for legitimate and illegitimate purposes by cybercriminals
and security agencies, government organizations. The TOR technology is so designed that the
routers even when compromised only gives out the content of packet data instead of the sender
of the data. The same technology is used by both the criminals and government for legitimate
and illegitimate processes. Cybercriminals use this technology to keep their data away from the
network observers’ reach. The use of onion routing is done by the military agencies to send and
receive data securely without any risk of stealing of data from enemies. The security agencies
use this to share the security related details to prevent leakage and potential threats. The research
institutes use this to transfer data from one laboratory to other and researchers use this to share
information among themselves for better collaboration and sharing of ideas related to research.
The onion routing is also used by space research organizations and for keeping the research data
such as satellite launching data secured. Onion routing though mostly used for illegitimate
processes but it is also used for legitimate processes to a large extent.

5ONION ROUTING
Reference
Chen, C., Asoni, D.E., Barrera, D., Danezis, G. and Perrig, A., 2015, October. HORNET: High-
speed onion routing at the network layer. In Proceedings of the 22nd ACM SIGSAC Conference
on Computer and Communications Security (pp. 1441-1454). ACM.
Sakai, K., Sun, M.T., Ku, W.S., Wu, J. and Alanazi, F.S., 2016, June. An analysis of onion-based
anonymous routing for delay tolerant networks. In Distributed Computing Systems (ICDCS),
2016 IEEE 36th International Conference on (pp. 609-618). IEEE.
Zhou, P., Luo, X., Chen, A. and Chang, R.K., 2013. SGor: Trust graph based onion
routing. Computer networks, 57(17), pp.3522-3544.
Doshi, N. and Jinwala, D., 2013. AB-OR: Improving the Efficiency in Onion Routing Using
Attribute Based Cryptography. In Computer Networks & Communications (NetCom) (pp. 425-
432). Springer, New York, NY.
Biondi, F., Legay, A., Malacaria, P. and Wąsowski, A., 2013, January. Quantifying information
leakage of randomized protocols. In International Workshop on Verification, Model Checking,
and Abstract Interpretation (pp. 68-87). Springer, Berlin, Heidelberg.
Haraty, R.A. and Zantout, B., 2014. The TOR data communication system. Journal of
Communications and Networks, 16(4), pp.415-420.