The Tor protocol provides an anonymous, secure way for individuals to access the Internet. It also enables access to anonymous websites, commonly known as the dark web. Learn how Tor provides anonymous browsing capability and implements perfect forward secrecy.
- [Instructor] Tor is a software package that provides an anonymous, secure way for individuals to access the internet. Tor also enables access to anonymous websites that are commonly known as the dark web. Tor, which stands for The Onion Router, uses encryption and relay nodes to hide the true sources and destinations of network communications. Tor is widely used in the security community and was made popular by NSA leaker Edward Snowden, when he used it to transfer secrets to the Washington Post and other media outlets in 2013.
Let's take a look at how Tor works. Suppose that there's a user, Alice, who wishes to visit a website, the Washington Post, but doesn't want that website to know her identity. She also doesn't want anyone along the way to know who she is. Alice opens a Tor browser on her computer and types in the website's URL, washingtonpost.com. Alice's Tor browser then accesses a Tor Directory Server and loads a list of all of the Tor nodes currently available on the internet.
Now this is a very long list, because it includes every Tor node, and there are a lot of them. Here on the Tor Project's Metrics site we can see that there are currently over 7,000 Tor relay nodes active on the internet right now. Each of these nodes is an individual computer system whose owner has placed it at the service of the Tor network. The owner doesn't receive any compensation for this, he or she simply wants to contribute to providing anonymized web surfing.
Once Alice's browser has the list of nodes, it randomly selects a series of nodes, usually three, that are used to route traffic to its final destination. Each node involved in the process only knows the identity of the node before and after it. So when Alice sends her request to Node 1, Node 1 knows that the request came from Alice, and it also knows that the next step in the process is to send it to Node 2, but it doesn't know that the Washington Post is the final destination. When Node 2 receives the request, it knows that it came from Node 1 and that it's headed next to Node 3, but Node 2 doesn't know Alice's identity or the fact that the communication involves the Washington Post.
When Node 3 receives the message, it knows that the request came from Node 2 and it knows that it needs to send the request on to the Washington Post, but Node 3 does not know that either Alice or Node 1 was involved. When the request does arrive at the Washington Post server, it looks just like any other request that the website receives, but it appears to have come from Node 3 and it doesn't provide Alice's identity. The server simply responds with the webpage and sends it to Node 3, thinking that it's done with the communication.
However, when Node 3 receives the Washington Post's response it goes ahead and follows the circuit back, sending the reply to Node 2, who sends it on to Node 1, who finally sends it back to Alice. This preserves the anonymity of the communication and enforces something known as perfect forward secrecy, or PFS. Perfect forward secrecy uses encryption to hide the details of the communication from the participants in the communication, ensuring that each node only knows the identity of the node immediately before and after it in the process.
Here's how it works: Alice creates the original request addressed to the Washington Post and seals it inside a virtual envelope by encrypting it, so that it may only be read by Node 3. Alice's browser then takes that envelope and puts it inside another envelope addressed to Node 3, encrypting that envelope so that it may only be read by Node 2. Finally, that last envelope is sealed inside one more envelope that's addressed to Node 1. When Node 1 receives the request, it opens the first envelope, because it has the needed decryption key.
It can't open the next envelope, because it doesn't have Node 2's key, so it takes that second envelope and passes it on to Node 2, which does have the correct key. Node 2 then opens that envelope, finds inside an envelope addressed to Node 3, and passes that along to Node 3. Node 3 opens that final envelope and then sends the true request along to the Washington Post server. This use of encryption provides perfect forward secrecy. Let's take a look at Tor in action.
Here I am at the desktop of a Windows system that already has the Tor Browser installed. If you want to install the Tor Browser on your system, you can do so by visiting the Tor Project website. I'm just going to go ahead and double-click on this icon, and when I do, the first thing that happens is the Tor Browser goes ahead and establishes a connection to the Tor network. That was that dialog box that you saw very quickly pop up and disappear. While that dialog box was present, what happened is the Tor Browser went out and performed all those steps we just talked about: it reached out to the directory server, pulled the list of Tor relay nodes, selected three of those nodes, and built a virtual circuit to the Tor network that allows me to reach whatever destination I would like.
I'm now in the Tor Browser and I can go ahead and visit whatever website I'd like to. So I'm just going to go ahead and navigate here to www.washingtonpost.com. And the Tor Browser goes ahead and it's reaching through that network and building a connection to the Washington Post website. Now you notice this website is loading a little bit slowly; it took a long time for it to come up, and then things are popping up fairly slowly as the page loads. That's because of the overhead of the Tor network. My Tor connection is bouncing around the world right now.
I don't know where the Tor nodes are that have been randomly selected for me, but my connection can be bouncing through Europe and Africa and somewhere in the United States before finally reaching my desktop here. So this browser is taking a while to make this connection. So far I've only talked about how users can use Tor to browse regular internet sites anonymously. Tor also provides the ability to have two-way anonymity, so that the user doesn't know the location of the website either. That's a function known as hidden sites in Tor.
Let's go ahead and access one of those hidden sites. They have very strange URLs. They don't use domain names like you're used to; they use long, unique identifiers and then end in .onion, instead of where you'd normally have .com, .net, or .org. I'm going to go ahead and type in the URL for one that I already know, it's vbmwh445kf3fs2v4.onion.
And once that page loads, you're going to see that it belongs to a service known as SecureDrop. This site is actually run by the Washington Post. It's a hidden site on the dark net that allows sources who wish to send confidential information to the Washington Post to do so with complete anonymity. The SecureDrop service is an open-source package used by many different journalists from different outlets. It allows whistleblowers to communicate completely anonymously with them over the Tor network.
Tor has its fans, but it also has its enemies. Privacy advocates praise Tor, because it does allow completely anonymous activity online. Law enforcement officials do not like Tor very much, because that anonymity may be used to hide criminal activity. As a security professional, you should understand how Tor works and that it may be used for both legitimate and illegal purposes.
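The layered "envelope" scheme the instructor walks through (one encryption layer per relay, each relay stripping exactly one layer on the way out and adding one on the way back) is shown below as an added Python example. It is not code from the course or from the Tor Project. It simplifies in two ways that are labelled in the code: the three per-hop keys are assumed to be pre-shared (real Tor negotiates a fresh key with each relay when the circuit is built), and the layer cipher is HMAC-SHA256 run in counter mode with an encrypt-then-MAC tag, a stdlib stand-in for the AES-CTR Tor actually uses. The relay names, "Alice", the destination and the request are constructed sample data. The point to watch is the `views` list the simulation returns: each relay records only who handed it the blob and who it forwards to, and the website sees only the exit relay.

```python
import hashlib
import hmac
import secrets

NONCE_LEN = 16
TAG_LEN = 32


def _subkeys(hop_key: bytes):
    """Derive independent encryption and MAC keys from one per-hop key."""
    enc = hmac.new(hop_key, b"onion-enc", hashlib.sha256).digest()
    mac = hmac.new(hop_key, b"onion-mac", hashlib.sha256).digest()
    return enc, mac


def _keystream(enc_key: bytes, nonce: bytes, length: int) -> bytes:
    """HMAC-SHA256 in counter mode (assumption: stand-in for the AES-CTR Tor uses)."""
    out = b""
    counter = 0
    while len(out) < length:
        out += hmac.new(enc_key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def seal(hop_key: bytes, plaintext: bytes) -> bytes:
    """Add one layer readable only by the holder of hop_key: nonce || ciphertext || tag."""
    enc, mac = _subkeys(hop_key)
    nonce = secrets.token_bytes(NONCE_LEN)
    ct = bytes(a ^ b for a, b in zip(plaintext, _keystream(enc, nonce, len(plaintext))))
    tag = hmac.new(mac, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def open_layer(hop_key: bytes, envelope: bytes) -> bytes:
    """Verify the tag, then strip one layer. Raises ValueError if the layer was tampered with."""
    if len(envelope) < NONCE_LEN + TAG_LEN:
        raise ValueError("envelope too short")
    enc, mac = _subkeys(hop_key)
    nonce, ct, tag = envelope[:NONCE_LEN], envelope[NONCE_LEN:-TAG_LEN], envelope[-TAG_LEN:]
    if not hmac.compare_digest(tag, hmac.new(mac, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("layer failed authentication")
    return bytes(a ^ b for a, b in zip(ct, _keystream(enc, nonce, len(ct))))


def _frame(next_hop: str, payload: bytes) -> bytes:
    """The address written on the envelope: 1-byte length, next-hop name, then the payload."""
    name = next_hop.encode()
    return len(name).to_bytes(1, "big") + name + payload


def _unframe(data: bytes):
    n = data[0]
    return data[1:1 + n].decode(), data[1 + n:]


def build_onion(circuit, destination: str, request: bytes):
    """Wrap the request once per hop, innermost layer for the exit. circuit = [(name, key), ...]."""
    layer = _frame(destination, request)          # only the exit will ever see this
    for i in range(len(circuit) - 1, -1, -1):
        name, key = circuit[i]
        layer = seal(key, layer)                   # readable only by circuit[i]
        if i > 0:
            layer = _frame(name, layer)            # tells circuit[i-1] where to forward it
    return circuit[0][0], layer


def run_circuit(circuit, destination: str, request: bytes, serve):
    """Simulate Alice -> hops -> destination and the reply back. Returns (reply, per-node views)."""
    if not circuit:
        raise ValueError("circuit needs at least one hop")
    views = []
    sender = "Alice"                               # constructed sample client name
    _, blob = build_onion(circuit, destination, request)
    for name, key in circuit:
        next_hop, blob = _unframe(open_layer(key, blob))
        views.append((name, sender, next_hop))     # all this relay learns: previous and next hop
        sender = name
    if next_hop != destination:
        raise ValueError("exit decrypted a different destination")
    views.append((destination, sender, None))      # the website sees only the exit relay
    reply = serve(sender, blob)
    for _, key in reversed(circuit):               # exit wraps first, entry wraps last
        reply = seal(key, reply)
    for _, key in circuit:                         # Alice peels in circuit order
        reply = open_layer(key, reply)
    return reply, views


if __name__ == "__main__":
    circuit = [("node1", secrets.token_bytes(32)), ("node2", secrets.token_bytes(32)),
               ("node3", secrets.token_bytes(32))]
    reply, views = run_circuit(circuit, "washingtonpost.com", b"GET / HTTP/1.1",
                               lambda client, req: b"200 OK, client was " + client.encode())
    for node, came_from, goes_to in views:
        print(f"{node:20} saw: from={came_from} to={goes_to}")
    print(reply)
```

Two properties are worth checking against the narration. Node 2's view is (node2, node1, node3): neither "Alice" nor the destination ever appears in anything it can decrypt, which is the whole point of the envelope nesting. And because every layer carries a MAC, a relay that flips a byte in a blob it cannot read is detected by the next hop rather than silently corrupting the request.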
Learn about communication and networking best practices, including TCP/IP networking, network security devices, and secure network design and management. Instructor and cybersecurity expert Mike Chapple also includes coverage of converged protocols, network encryption, and wireless networking. You can find Mike's companion study books for this series at the Sybex test prep site and review the complete CISSP Body of Knowledge at https://www.isc2.org/cissp-domains/default.aspx.
- IP addressing
- Switches and routers
- Content distribution networks
- Designing secure networks
- Specialized networking
- Managing secure networks
- Working with virtualized networks like SDNs
- Detecting and preventing network attacks
- Transport encryption
- Wireless networking
- Host security