Security Analysis And Research Of Tor Anonymous Communication System

With the development of Internet technology, Web-based activities such as e-commerce, Internet voting, e-government are becoming increasingly frequent. The identity for the network activities, content and other information security are increasingly concerned about privacy.To protect users'network communication privacy, anonymous communication technology has been proposed and widely used.Anonymous communication technology's major purpose is to communicate by hiding the identity of both information and communication relationships, which is to achieve the user's the protection of private and sensitive information. Currently, anonymous communication technology has become an important field of information security research.Tor is currently the most popular anonymous communication systems, which is based on second-generation onion routing technology. Tor has a low latency, data encryption transmission, secure channel, etc. and is widely used and anonymous Web browsing, instant messaging, SSH and other TCP-based applications. But the Tor system is not safe enough, how to enhance the Tor system is the ability to withstand attack and improve their safety is the focus of this paper.This paper has three parts, firstly we introduces the Tor system, working principle, the establishment process of the anonymous circuit, onion packet data structure and node selection algorithm.In second part ,we summarizes the main analysis and system security mechanisms, and Tor system's Vulnerability, which give the attacker an great opportunity.We mainly focus on two kinds of attacks against Tor (1) Malicious nodes attack against Tor (2) Distributed Denial of Service against Tor (DDos), and the results obtained showed that: (1) Routing node of Tor system communication is directly related to the anonymity of the user's security.If it did not have the Tor node authentication and validation system,an attacker would use their controlled node replaces the normal node, and thus associated identity and information of communicating parties; (2) It is easily under Tor's DDos attack and the system will not have the ability to distinguish and filter the attack packets. So when a node under DDos attack, the node's service will fail.Therefore, we present two kinds of Tor's security mechanism: The first strategy is based on the identity and the elliptic curve signcryption technique for Tor node authentication system, while the introduction of a signed trusted certificate (Trusted Certificate) to strengthen the authentication between nodes to improve the reliability of the node, to prevent the entrance of malicious nodes. The second strategy is to use the idea of static path packet filtering technology, modify the onion routing data packets and add TTL value and identity field.The onion router will generate the marking with a flexible length according to the TTL value of an arriving packet. Finally, from a security point of view, we discuss these two kinds of security mechanisms for verification and analysis.