Hiding Routing Information
This paper describes an architecture, Onion Routing, that limits a network's vulnerability to traffic analysis. The architecture provides anonymous socket connections by means of proxy servers. It provides real-time, bi-directional, anonymous communication for any protocol that can be adapted to use a proxy service. Specifically, the architecture provides for bi-directional communication even though no one but the initiator's proxy server knows anything but previous and next hops in the communication chain. This implies that neither the respondent nor his proxy server nor any external observer need know the identity of the initiator or his proxy server. A prototype of Onion Routing has been implemented. This prototype works with HTTP (World Wide Web) proxies. In addition, an analogous proxy for TELNET has been implemented. Proxies for FTP and SMTP are under development.
Keywords: Stream Cipher, Proxy Server, Expiration Time, Traffic Analysis, Phone Line