DeMISTIfying Infosec: The Tor Network

By Katherine Teitler

While Tor, short for The Onion Router, is certainly used for nefarious purposes today, the original intent was privacy. The U.S. Naval Research Laboratory created Tor, a worldwide network of servers, in the 1990s so they could send classified messages securely and anonymously. In 2004, the Navy released the code and today Tor is a non-profit, free, and open source method of communications for Windows, Mac, Linux/Unix, and Android. Tor is operated by a worldwide network of volunteers who run servers that create virtual tunnels through which online communication can travel. There are many legitimate uses of Tor and not all activity on Tor should be assumed illegal or illicit.

When a user enters Tor (which can be downloaded online for free), the data and the user's IP address are encrypted and sent through a distributed network of relays so they appear to be coming from random nodes. The encrypted transport data cannot be read by anyone but the intended recipient with the decryption key. As the encrypted data passes from onion router to onion router, each relay strips one layer of encryption, revealing only enough information to pass the data to the next relay. This method keeps the data shrouded and obfuscates the path along which the data is traveling, making it very difficult for anyone to intercept and decipher the message, sender, or recipient.

While traffic on the Tor Network is anonymized, browsing activities at the entry and exit nodes of Tor can be observed, meaning that traffic hitting the "regular" Internet can, in fact, reveal a user and his/her IP address.

It is important to note that anonymity does not equal security; Tor is a privacy tool, and it can be exploited. While Tor anonymizes transport data, it cannot protect a user from malware that could reveal a user's identity or location, for instance.

Sydney-based researcher Luke Millanta recently published a breakdown of nodes on Tor by country. Privacy-conscious Germany leads the way with 1,364 relays:
1. Germany: 1,364
2. United States: 1,328
3. France: 714
4. Netherlands: 472
5. Russia: 270
6. United Kingdom: 261
7. Sweden: 210
8. Canada: 209
9. Switzerland: 148
10. Romania: 117

