Tor (anonymity network)
From Wikipedia, the free encyclopedia
Tor | |
Maintainer: | Roger Dingledine and Nick Mathewson |
Stable release: | 0.1.1.26 (December 14, 2006) [+/-] |
Preview release: | 0.1.2.12-rc (March 16, 2007) [+/-] |
OS: | Cross-platform |
Use: | Onion routing / Anonymity |
License: | BSD license |
Website: | tor.eff.org |
Tor (The Onion Router) is a free software implementation of second-generation onion routing — a system enabling its users to communicate anonymously on the Internet. Originally sponsored by the US Naval Research Laboratory, Tor became an Electronic Frontier Foundation (EFF) project in late 2004. The EFF supported Tor financially until November 2005 [1], and continues to provide web hosting for the project.
Like all current low latency anonymity networks, Tor is vulnerable to correlation attacks from attackers who can watch both ends of a user's connection.
Contents |
[edit] Overview
Tor aims to protect its users against traffic analysis attacks. Tor operates an overlay network of onion routers that enables two things: anonymous outgoing connections and anonymous hidden services.
[edit] Anonymous outgoing connections
Users of the Tor network run an onion proxy on their machine. This software connects out to Tor, periodically negotiating a virtual circuit through the Tor network. Tor employs cryptography in a layered manner (hence the onion analogy), ensuring perfect forward secrecy between routers. At the same time, the onion proxy software presents a SOCKS interface to its clients. SOCKS-aware applications may be pointed at Tor, which then multiplexes the traffic through a Tor virtual circuit. This means you can surf without being seen.
Once inside the Tor network, the traffic is sent from router to router, ultimately reaching an exit node at which point the cleartext packet is available and is forwarded on to its original destination. Viewed from the destination, the traffic appears to originate at the Tor exit node.
Tor's application independence sets it apart from most other anonymity networks: it works at the TCP stream level. Applications commonly anonymised using Tor include IRC, instant messaging and browsing the Web. When browsing the Web, Tor is often coupled with Privoxy — a filtering proxy server — that aims to add privacy at the application layer.
[edit] Weaknesses
[edit] DNS leaks
As with many anonymous web surfing systems, direct DNS requests are usually still performed by many applications, without using the Tor proxy. Solutions such as the previously mentioned Privoxy or using the command 'torify' included with the Tor distribution are possible solutions to this problem. [2] Additionally, applications using SOCKS5 — which supports name-based proxy requests — can route DNS requests through Tor, having lookups performed at the exit node and thus receiving the same anonymity as other Tor traffic.
[edit] Traffic analysis
Steven J. Murdoch and George Danezis from University of Cambridge presented an article Low-Cost Traffic Analysis of Tor, in the 2005 IEEE Symposium on Security and Privacy, Oakland, California, USA, May 8 – 11, 2005. They presented traffic-analysis techniques that allow adversaries with only a partial view of the network to infer which nodes are being used to relay the anonymous streams and therefore greatly reduce the anonymity provided by Tor. They have also shown that otherwise unrelated streams can be linked back to the same initiator.
[edit] Etiquette and abuse
Because Tor is capable of anonymising arbitrary TCP traffic, it attracts its fair share of abuse. Routers maintain an exit policy of what traffic is and is not permitted to leave the Tor network through that node. Using a combination of addresses and ports, it is possible to combat most major abuses of the Tor network. Potential abuses include:
- Bandwidth hogging
- It is considered impolite to transfer massive amounts of data across the Tor network — the onion routers are run by volunteers using their own bandwidth at their own cost.
- Anonymous usage of SMTP (i.e., e-mail) can result in spam. Consequently the default exit policy of Tor nodes rejects outgoing connections to port 25, the port used for SMTP.
[edit] Anonymous hidden services
Although Tor's most popular feature is its provision of anonymity to clients, it can also provide anonymity to servers. By using the Tor network, it is possible to host servers in such a way that their network location is unknown. In order to access a hidden service, Tor must also be used by the client.
Hidden services are accessed through the Tor-specific .onion
pseudo top-level domain. The Tor network understands this TLD and routes data anonymously to the hidden service. The hidden service then hands over to standard server software, which should be configured to listen only on non-public interfaces. Services that are reachable through Tor hidden services and the public Internet are susceptible to correlation attacks, and consequently are not really hidden.
An added advantage of Tor hidden services is that, because no public IP address is required, services may be hosted behind firewalls and NAT.
[edit] See also
- Tools to use with Tor:
- Privoxy — a filtering proxy
- Vidalia project — a GUI controller for Tor
- Anonymous Chat
- ScatterChat - an encrypted instant messaging client based on Gaim
- Anonymous remailers
- Cypherpunk anonymous remailer — Type 1 Cypherpunk remailer
- Mixmaster anonymous remailer — Type 2 Mixmaster remailer
- Mixminion — Mixminion anonymous remailer
- Anonymous Proxy servers
- Anonymous Search
- Yacy — A P2P web search engine without central server
- Preinstalled Environments with Tor enabled:
- Torpark — Software suite for anonymous web surfing from a USB flash drive
- OperaTor - Preconfigured bundle with Opera (Internet suite) + Tor + Privoxy
[edit] References
- Anonymity Bibliography
- Schneier, Bruce. Applied Cryptography. ISBN 0-471-11709-9.
- Schneier, Bruce. Email Security. ISBN 0-471-05318-X.
- Bacard, Andre. Computer Privacy Handbook. ISBN 1-56609-171-3.
[edit] External links
- Tor homepage
- Freshmeat project page
- Tor wiki with FAQs & HOWTOs
- Tor design document
- Introduction to Tor
- Tor Network Status Site
- I2P's comparison of anonymity networks
- Security Now! podcast discussing TOR
- Tor step by step install and setup guide for Windows XP
- HowTo Anonymity With Tor and Privoxy for Linux
- Tor recommendations for hack-proof anonymity