Operation
Tor aims to conceal its users' identities and their network activity from surveillance and traffic analysis by separating identification and routing. It is an implementation of onion routing, which encrypts and then randomly bounces communications through a network of relays run by volunteers throughout the globe. These onion routers employ encryption in a multi-layered manner (hence the onion metaphor) to ensure perfect forward secrecy between relays, thereby providing users with anonymity in network location. That anonymity extends to the hosting of censorship-resistant content via Tor's anonymous hidden service feature. By keeping some of the entry relays secret (bridge relays), users can evade Internet censorship that relies upon blocking public Tor relays.
Because the internet address of the sender and the recipient are not both in cleartext at any hop along the way (and at middle relays neither piece of information is in cleartext), someone eavesdropping at any point along the communication channel cannot directly identify both ends. Furthermore, to the recipient it appears that the last Tor node (exit relay) is the originator of the communication rather than the sender.
Originating trafic
Users of a Tor network run an onion proxy on their machine. The Tor software periodically negotiates a virtual circuit through the Tor network, using multi-layer encryption, ensuring perfect forward secrecy. At the same time, the onion proxy software presents a SOCKS interface to its clients. SOCKS-aware applications may be pointed at Tor, which then multiplexes the traffic through a Tor virtual circuit. The Polipo proxy server can speak the SOCKS 4 & SOCKS 5 protocols and therefore is recommended to be used together with the Tor anonymising network. Polipo is a web proxy that does HTTP 1.1 pipelining well, so it can enhance Tor's communication latency.
Once inside a Tor network, the traffic is sent from router to router, ultimately reaching an exit node at which point the cleartext packet is available and is forwarded on to its original destination. Viewed from the destination, the traffic appears to originate at the Tor exit node.
Tor's application independence sets it apart from most other anonymity networks: it works at the Transmission Control Protocol (TCP) stream level. Applications whose traffic is commonly anonymised using Tor include Internet Relay Chat (IRC), instant messaging and World Wide Web browsing. When browsing the Web, Tor is often coupled with Polipo or Privoxy proxy servers. Privoxy is a filteringproxy server that aims to add privacy at the application layer. Polipo can speak the SOCKS protocol and does HTTP 1.1 pipelining for enhancing latencies, therefore is now recommended to be used together with the Tor anonymising network by the torproject.org.
On older versions of Tor (resolved May–July 2010), as with many anonymous web surfing systems, direct Domain Name System (DNS) requests are usually still performed by many applications, without using a Tor proxy. This allows someone monitoring a user's connection to determine (for example) which WWW sites they are viewing using Tor, even though they cannot see the content being viewed. Using Privoxy or the command "torify" included with a Tor distribution is a possible solution to this problem.Additionally, applications using SOCKS5 – which supports name-based proxy requests – can route DNS requests through Tor, having lookups performed at the exit node and thus receiving the same anonymity as other Tor traffic.
As of Tor release 0.2.0.1-alpha, Tor includes its own DNS resolver which will dispatch queries over the mix network. This should close the DNS leak and can interact with Tor's address mapping facilities to provide the Tor hidden service (
.onion) access to non-SOCKS-aware applications.reff:ww.en.wikipedia.org
No comments:
Post a Comment