first cut of new website
Roger Dingledine authored 20 years ago
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
<head>
<title>Tor: Overview</title>
<meta name="Author" content="Roger Dingledine" />
<meta http-equiv="content-type" content="text/html; charset=ISO-8859-1" />
<link rel="stylesheet" type="text/css" href="default.css" />
</head>

<body>
<div class="menu" id="side">
<!-- <img id="logo" src="tor.jpg" alt="cute tor gate" /> -->
<a href="index.html">Home</a> <br />
<a class="current">Overview</a> <br />
<a href="download.html">Download</a> <br />
<a href="documentation.html">Documentation</a><br />
<a href="contribute.html">Contribute</a> <br />
<a href="design.html">Design</a> <br />
<a href="developers.html">Developers</a> <br />
<a href="research.html">Research</a> <br />
<a href="people.html">People</a> <br />
</div><!-- #side -->
<div class="main" id="main">

<h2>Tor: an anonymizing overlay network for TCP</h2>

<p>
Traffic analysis can be used to infer who is talking to whom over a
public network. For example, Internet packets have a header used for
routing, and a payload that carries the data. The header, which must be
visible to the network (and to observers of the network), reveals the
source and destination of the packet. Even if the header were obscured
in some way, the packet could still be tracked as it moves through the
network. Encrypting the payload is similarly ineffective, because the
routing information is all an observer needs.
</p>

<p>
Knowing the source and destination of your Internet traffic allows
somebody to track your behavior and interests, impacting your checkbook or
even threatening your job or physical safety.
</p>

<p>
Individuals, corporations, and governments all have an interest in
traffic analysis protection. Individuals want to protect themselves and
their family members from remote websites, or connect to resources such
as news sites or instant messaging services that are blocked locally.
User groups such as the German "Diabetes People" organization recommend
Tor for their members' online privacy and security. Activist groups such
as the Electronic Frontier Foundation are publicizing Tor as a mechanism
for maintaining civil liberties online. Corporations such as Google and
Wal-Mart are investigating Tor as a safe avenue for competitive analysis
or to try out new experimental projects without associating their name
with the project. A branch of the U.S. Navy uses Tor for open source
intelligence gathering at its headquarters, and one of its teams used
Tor while deployed in the Middle East recently.
</p>

<p>
Tor helps to reduce the traffic analysis risk by distributing your
transactions over several places on the Internet, so no single point can
link you to your destination. To make private connections in Tor, users
incrementally build a path or <em>circuit</em> of encrypted connections
through servers on the network, extending it one step at a time so that
each server in the circuit only learns which server extended to it and
which server it has been asked to extend to. The client negotiates a
separate set of encryption keys for each step along the circuit.
</p>

<p>
[Insert snazzy onion diagram here.]
</p>

<p>
Once a circuit has been established, the client software waits for
applications to request TCP connections, and directs these application
streams along the circuit. Many streams can be multiplexed along a single
circuit, so applications don't need to wait for keys to be negotiated
every time they open a connection. Because each server sees no
more than one end of the connection, a local eavesdropper or a compromised
server cannot use traffic analysis to link the connection's source and
destination. The Tor client software rotates circuits periodically
to prevent long-term linkability between different actions by a
single user.
</p>

<!--
<p>
Many protocols, not just web.
</p>
-->

<p>
Tor also makes it possible for clients to offer services while staying
hidden. Using Tor "rendezvous points," other Tor clients can connect to
these hidden services, each without knowing the other's network identity.
These hidden websites let users publish material without worrying about
censorship.
</p>

<p>
Of course, Tor can't solve all privacy problems itself. Tor focuses on
protecting the <em>transport</em>. You need to use other protocol-specific
software, such as Privoxy for web browsing, to clean identifying
information such as browser type and characteristics, and you need
to use common sense, such as not providing your name or other
revealing information in web forms. Also, like all anonymizing networks
that are fast enough for web browsing, Tor does not provide protection
against end-to-end timing attacks: if your attacker can watch the traffic
coming out of your computer, and also the traffic arriving at your chosen
destination, he can use simple statistics to discover that they are part
of the same circuit.
</p>

<p>
Providing a usable anonymizing network on the Internet today is hard,
both in terms of providing usable software that meets users' needs,
and also in terms of solving the research challenges. But we're making
progress at finding a good balance to provide both usability and security.
Our goal is to supplement laws by giving people the power to make their
own decisions about their privacy.
</p>

</div><!-- #main -->
</body>
</html>
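The circuit layering described in the overview above, as an added example that is not part of the original page or of Tor's code. It shows what each server in a three-hop circuit can learn when the client wraps its data in one layer per hop. The cipher is a toy SHA-256 keystream standing in for real cryptography, the per-hop keys are assumed to be already negotiated, and all names (`relay1`, `alice`, `example.com:80`) are hypothetical.

```python
import hashlib
import os

def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Toy stream cipher (SHA-256 in counter mode); NOT Tor's real cipher."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        pad = hashlib.sha256(key + offset.to_bytes(8, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[offset:offset + 32], pad))
    return bytes(out)

def wrap(path, keys, destination, payload):
    """Client side: add one layer per hop, innermost (last server) first."""
    forward_to = path[1:] + [destination]   # what each server is asked to extend to
    cell = payload
    for relay, nxt in reversed(list(zip(path, forward_to))):
        header = nxt.encode()
        cell = keystream_xor(keys[relay], bytes([len(header)]) + header + cell)
    return cell

def relay_step(relay, key, prev, cell):
    """Server side: peel exactly one layer; learn only the previous and next hop."""
    plain = keystream_xor(key, cell)
    n = plain[0]
    nxt = plain[1:1 + n].decode()
    return {"relay": relay, "prev": prev, "next": nxt}, plain[1 + n:]

def run_circuit(client, path, destination, payload):
    # Assumption: one separate key per hop, already negotiated with the client.
    keys = {relay: os.urandom(32) for relay in path}
    cell = wrap(path, keys, destination, payload)
    views, prev = [], client
    for relay in path:
        view, cell = relay_step(relay, keys[relay], prev, cell)
        views.append(view)
        prev = relay
    return views, cell   # cell is now what the last server hands to the destination

if __name__ == "__main__":
    views, delivered = run_circuit(
        "alice", ["relay1", "relay2", "relay3"], "example.com:80", b"hello")
    for v in views:
        print(v)
    print("delivered:", delivered)
```

No single entry in `views` contains both the client and the destination. Only an observer who sees both ends of the circuit can link them, which is the end-to-end timing limitation the page describes.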