Subscribe

Govt snooping highlights need for Tor

Kirsten Doyle
By Kirsten Doyle, ITWeb contributor.
Johannesburg, 26 May 2015
Nearly every city has a team of graduate students working on a Tor paper, says co-founder Roger Dingledine.
Nearly every city has a team of graduate students working on a Tor paper, says co-founder Roger Dingledine.

The National Security Agency spying scandal, through its PRISM programme, in June 2013, highlighted the need for individual privacy advocates to protect their communications from snooping eyes.

Enter the Tor Project, created in 2006 as a non-profit organisation aimed at keeping everyone safe on the Internet. Tor is a free-software anonymising overlay network that helps people around the world use the Internet in safety. The project's 7 000 volunteer relays carry more than 48Gbps of traffic for around two million users each day.

So said Roger Dingledine, co-creator of Tor, speaking at ITWeb Security Summit 2015 in Midrand this morning.

Hiding headers

Tor is essentially free, downloadable software that anyone can install and run on a computer. Once installed, the software obfuscates a sender's e-mail header by sending that e-mail through a series of nodes, or other machines, around the globe.

Tor encrypts the original data, including the destination IP address, many times over, and sends it through a virtual circuit made up of successive, randomly-selected Tor relays. Each relay decrypts a layer of encryption to reveal only the next relay in the circuit in order to pass the remaining encrypted data on to it.

The last relay decrypts the innermost layer of encryption and sends the original data to its destination without revealing, or even knowing itself what the source of the IP address is. As the routing of the communication is concealed in part at every hop in the Tor circuit, any one point at which the communication can be de-anonymised through network surveillance that relies upon knowing its source and destination, is removed.

Tor essentially resists observers and insiders by distributing each transaction over several nodes in the network, Dingledine explained. In this way, the software makes it almost impossible for the recipient, or someone wishing to snoop, to know exactly where the message originates.

Distributed approach

Dingledine said Tor goes beyond being an e-mail client, but is a safe environment for millions of Internet users. Particularly in countries where free speech is not on the table, it is used by journalists, non-governmental organisations, citizens and activists.

Having a distributed trust approach means the Tor network can be safely operated and used by multiple users, noted Dingledine. Tor works on the real-world Internet, needs little synchronisation or coordination between nodes, and offers a trade-off between anonymity, usability, and efficiency.

Tor is funded by the US Department of Defense, The Electronic Frontier Foundation, Voice of America, Google, NLnet, Human Rights Watch, NSF, US State Department, SIDA, and The Knight Foundation, among others.

"Tor has a large community of researchers, developers and relay operators all around the world. Nearly every city has a team of graduate students working on a Tor paper."

Share