How TOR Works- Computerphile - YouTube
Channel: Computerphile
[0]
Let's talk a bit about anonymization, more specifically onion routing, so Max has done a very good video on the Dark web
[7]
And the deep web and the surface web and the differences between them when people talk about the dark web
[13]
They're mostly talking about Tor and specifically Tor hidden services. Now I'm not talking about that certainly today
[18]
I might do that in a different video
[20]
Tor literally stands for the onion router, right, it is an implementation of onion routing right which was developed in the mid 90s by
[27]
US Naval research. The idea is
[30]
It bounces around connections between different routers so that they're hard to track and it's and it provides anonymity
[37]
So this is different from confidentiality which we usually associate with encryption right most of the time, we're encrypting messages
[44]
So that even if people see that we've sent a message
[47]
We, they can't read what it is like, but sometimes we don't even want people to see that we sent a message at all
[55]
So what I'd like to do is focus on onion routing specifically bearing in mind, that Tor is an implementation of it
[62]
so in some sense
[63]
I'm also talking about Tor, okay
[65]
And maybe we'll focus a little bit more on what it is that Tor does differently a bit later.
[69]
So this is me and which is my very well drawn computer as always and I want to talk to a server here
[74]
Which doesn't have a monitor because in my view servers don't have monitors, so normally on this client server setup
[79]
I want to talk to a server, but in this case
[82]
I don't want anyone to know that I'm talking to a server at all
[84]
I'd like to be remain completely anonymous, right, now if I then go onto the server and log on obviously that's not anonymous anymore
[91]
Right so it's limits to this
[92]
but this is the idea, now how this works is I'm going to bounce my connection around and
[98]
Then it's going to go to the server and if in essence the last node on the hop, the last hop on the network is
[104]
Is going to be the one actually visits that website on my behalf a bit like a proxy we're going to use multiple levels of encryption
[110]
to try and
[112]
Essentially confuse people who are trying to work out what's going on right now Tor in it in
[117]
In its implementation uses three hops three intermediate nodes, so I'm going to limit: one
[124]
That's not a very good computer
[126]
Two. Hang on I thought servers didn't have monitors. Oh no, so well. Aw, don't. I mean
[133]
yeah, so that's a good question right so you can run Tor and you can be an onion router on a client machine on a
[139]
Laptop you know it doesn't really matter if your net connection is quite good
[143]
you can do it. The software is free and they
[147]
Very much want people to sign up and become these intermediate nodes because in some ways that's what the power tor is
[152]
we'll get to that a little bit but
[155]
in essence what happens here is I send a message to
[157]
To this guy, he forwards it on to this one, he forwards it on to this one who then forwards onto the server when a server
[164]
Responds they simply pass the messages back now this haven't really solved any problems yet
[169]
Because anyone sniffing here will know well ok we just need to sniff there and then sniff there.
[173]
and they can kind of reassemble the communication
[176]
It makes it a bit of a pain, but it doesn't stop anyone from finding out: What's going on?
[181]
I, even if these were encrypted so what we need to do is have multiple layers of encryption
[185]
What's clever about onion routing, Is that no one in this network knows anything about the whole connection.
[192]
They just know what's before them, and what's after them. Alright?
[195]
so let me show you how this works so
I'm going to use different colored pen alright, so let's use this red pen.
[199]
Let's imagine for a minute that I've established some shared symmetric keys with these three nodes here, right?
[204]
So just like in previous videos where we talked about encryption
[208]
We're talking about let's say an AES key
[210]
And I have one shared with this guy and one shared with him and one shared with this guy no one else knows what they are.
[215]
like because I used a key exchange to do this, so I had K1 K2 and K3
[221]
and this router knows K1 this router knows K2, and this router knows K3. Now that might seem implausible
[228]
But actually that's quite easy to set up using modern key exchange right Diffie–Hellman for example performance is quite well
[233]
If I encrypt something with K1 only this router
[236]
Can see it all right and if I encrypt something with K3 only this router can see it right there is no
[241]
Encryption with the server at the Moment. Now onion Routing
[245]
Essentially sends messages, encrypted multiple times with different keys in layers, so this message here
[252]
is encrypted three times, right
[254]
So this is where we sort of fast forward as I draw a bunch of lines on
[257]
But we're going to say this [risk route] message here encrypted once with K3. It's encrypted another time with K2
[265]
And when it's encrypted a final time
[267]
With K1 now let's think about what that means
[271]
it means that only
[273]
This router here
[275]
Could unlock the first layer. That's the first thing it means it also means that when it's done that it's
[280]
Got a totally garbled message, but because it's still encrypted twice already right, so it's gibberish it can't possibly know what's going on
[286]
But what it can do is forward that message on to k2 so k2 takes a message,
[291]
Which is encrypted by k3 and then again encrypted by k2 and it can strip off a layer as well
[297]
But again, it then looks at the message
[298]
And it doesn't make any sense because it's still encrypted by k3 so it forwarded on to this router
[304]
Encrypted by K3 finally K3
[307]
Decrypts this message looks at it
[309]
And it does make sense because it's not encrypted anymore, and it and it says the message says I'd like to go to Facebook please,
[315]
and it goes I can do that and it connects to Facebook and receives a response now on the way back
[321]
the exact reverse process happens.
[323]
This router will add its encryption of k3 and forward the message onto router 2 - who will add K2
[328]
Router 1 adds k1 and only we can decrypt the whole message because we have all the keys
[335]
What's really interesting is the property that this gives us, the first thing is that k 2 doesn't need to know anything,
[341]
except the address of K1 and the address of k3 it doesn't need to know who I am right it receives a message from
[348]
K1 and all it knows based on the protocol is this is a message that needs to be forwarded to k3
[353]
After I've removed my layer of encryption
[354]
That's all it knows when it receives a message from k3 it adds its encryption
[359]
And then passed it straight out the other door to router 1 so if this was compromised by an attacker
[364]
They've learnt nothing right. They've learned that two of these guys are running Tor nodes or onion routing nodes
[370]
They haven't learned who I am they haven't learned who the server is because both times it is encrypted with layers of encryption that they can't remove.
[376]
This is kind of gives you an insight into what it is
[378]
That's clever about onion routing they think about some of the other things that it does.
[382]
K3 knows who the server is because it receives a message. That said I'd like to go to Facebook
[387]
So it knows that someone on this network is visiting Facebook, and it knows that the next
[391]
Hop is this chap this router here it knows nothing else. It doesn't know who this client is
[396]
It doesn't know who router one is so there's no way for it to say: Ahh, Mike's visiting Facebook again, right?
[402]
He's on there too often, because the way that the Tor protocol works. You don't actually know when you decrypt your layer
[408]
How many more layers there are there could be 200 nodes and layers they don't tend to be but they could be.
[413]
so the output node only knows what's going on on the server side and
[417]
Similarly the input node my external is called a guard node is only aware that this client is browsing Tor any messages
[424]
It receives are usually encrypted with two other layers of encryption that it can't decrypt so it just says well
[430]
I've got this message. I need to forward it on to this router. That's all I know right
[434]
I don't know that they're on Facebook. I don't know that they are on a forum or they're doing Amazon shopping
[438]
I don't know anything about what they're doing, so this is what Tor does Tor is in essence an implementation of this approach, right?
[444]
So it has a protocol with you know message lengths and structures that are well defined in its
[451]
Documentation that specify how you establish these keys how you send these messages
[456]
How each one should decrypt them and forward them on to the next one, but in essence what you do is
[462]
This client here will create what we call a circuit
[465]
Which is this three hops, by
[467]
first establishing a shared key with him then instructing him to do the same and then him to do the same and
[474]
adding extending the circuit each time they want to with new nodes on the end and
[478]
Every time I do that all the previous messages have been encrypted. So nobody knows what's going on, so it's quite interesting
[486]
Is it slower because of all these hops?
It's a lot slower like you've got to consider that
[491]
These nodes first of all they might be they might be serving a lot of clients at once so there might be other ca-
[496]
uhh, keys
[496]
shared with other people coming in here and leaving here and this one might be an exit node sometimes and he's talking to servers and
[502]
browsing the web for people
[504]
and so yes
[506]
You don't want to be signing up to be an onion router if you haven't got quite a lot of bandwidth also consider that they?
[510]
May not be located very close together, right?
[512]
So this could be in Germany this one in the united states this over in Japan not really important
[517]
but a point is that it's making you know large global hops which take in the order of
[522]
Sub-second but not small amounts of time
[525]
so you can expect to wait a
[527]
Little bit longer for your messages to get through, all right, but the benefit you get is that no one knows?
[532]
What what it is you're doing, right?
[534]
We've got a situation here where no one really knows anything about what's going on at all, right? Which is very very clever
[540]
and
[541]
Has obvious benefits to people who want to remain anonymous.
[544]
Now there's a few things we've missed out
[546]
It's a lot of things I've missed out right because because the Tor protocol is quite complicated
[550]
But this is the general idea the first thing is that if you go, if you if you create this circuit,
[555]
And then you just go to Facebook and type in your username password and click it
[559]
You know that's going to give away what you're up to, all right, Facebook will know who you are for a start
[563]
But if you go to a website, that's not even encrypted at all. This is sent in the clear, right?
[568]
So someone's sniffing in at this point
[569]
Let me use my blue pen for sort of eavesdroppers like if someone's eavesdropping in at this position
[574]
They'll know exactly what you're doing, right?
[575]
And you type in username and password then they have your username and password. So you still have to use TLS or HTTPS,
[582]
uhh,
[582]
connections to the actual servers right, but that's really on you once you've set up this circuit
[588]
You send normal HTTP requests and responses to servers as you would normally
[593]
It's just instead of it going through your normal internet connection and your normal ISP router it goes through this circuit
[601]
and with all the encryption happening
[603]
so in actual fact the
[604]
Implementation that Tor uses. It works essentially like a proxy you talk to your own proxy server which handles all this for you and then
[612]
responses come back so yes your web connection is a little bit slower, but for all you know it's
[617]
Just a normal connection to a server. That's basically how it works is really not a lot
[620]
more to it than that right and it's quite elegant, and it works very very well
[624]
Is using Tor like just installing a different kind of browser?
[628]
Yeah
You use a Tor browser or you can use it as a service and then you know pipe other thi- other services through it
[633]
But Tor is not illegal and nor should it be it's just encryption. There are a few downsides right the first aside from the speed
[641]
The first is that
[643]
people can sniff on this network and start to get the pieces of the puzzle the more positions
[648]
You are you know the more pieces you get right?
[650]
But so if I'm sniffing here at position A then what you see is you see that I'm using Tor you can't see anything else
[656]
If I'm sniffing here or here I learn nothing right apart from this encrypted messages going on Tor these onion routers are
[664]
listed publicly in the directory so finding their identity is not a
[668]
Great concern of mine if I'm sniffing at position B at the exit node
[672]
I find out that someone on Tor is visiting this website if it's encrypted
[676]
Let's say using TLS
[678]
Then that's all I find out the next question that people be asking is what happens if I control both A and B
[684]
All right, if I'm at the front of the network going in and at the exit node
[688]
Can I start to find out?
[690]
What's going on? And the answer is yes, right?
[693]
That's the weakness of Tor and something that basically is unsolvable apart from just to be very very vigilant
[699]
So how would this work, well?
[701]
You've got to remember that this is the big network. There's lots of users on it
[705]
C is not the only person talking to this router, right?
[707]
He's going to be the intermediary for conversations the third node the second node the first node
[713]
He might be an exit node. He might also be talking to servers
[716]
There's a lot of traffic going in and out like some of which is Tor some of which is not
[720]
What we're talking about is looking at a lot of traffic coming from my machine to this router
[724]
And a lot of traffic going from other routers to websites and trying to correlate them and work out what it was that I did
[730]
Right, which is not an easy job, but you can imagine that if you've got some time signature of messages
[735]
But let's say a sort of message, message, message, message, message
[739]
Then talking to this server coming out here is going to be a kind of mess of lots of messages
[744]
But you might be able to find the key points that match up
[749]
With what I sent in like that's the idea this traffic. Analysis is the main
[754]
Approach to essentially De-Anonymizing people if you found that I sent 15 messages of a certain size and
[762]
a certain Sort of Tempo should we say and
[765]
Then you found out that those 50 messages came out somewhere else on the network
[769]
At the same just shortly after let's say a half a second after, at the exact same tempo
[773]
That's a little bit interesting.
[775]
With all these layers of encryption does that change the file size?
[778]
No, which is a good thing right? This is cleverly designed with that in mind
[782]
So Tor messages are called cells and cells are 512 bytes long. They're always
[787]
512 bytes long the way that a router works out whether it's
[790]
Reading a message or whether it needs to forward it on it's basically based on a small
[794]
hash or digest that's held in the message essentially it looks at the tail end of the message,
[800]
calculates a hash on it and goes well
[802]
that doesn't match the hash I've got at all it must still be encrypted because it's nonsense
[805]
So then it knows to forward it on, see. And it does this by basically
[810]
avoiding changing the size of the message it will be obvious as you say right if if
[815]
three layers of encryption added a header each time
[818]
You would know how far along the hops were and the whole attack would be a lot easier
[821]
Right so onion routing is based around the idea that any message between any node in the network looks like any other message
[828]
Right it could be the first one could the last one it could be something in the middle
[832]
Right it could have nefarious information on it. It could have perfectly benign information on it impossible to know all right
[838]
Which is really really clever.
[841]
There's a lot of research on Tor that goes into
[844]
Working out how to minimize the chance that both A and B are nefarious
[848]
That's the idea, so this is why they sometimes call these guard nodes because usually you select some trusted ones
[854]
And you only use those for example. We don't pick at random because lots of





