Onion Routing

Onion routing [20, 44, 45] employs the idea of multiple-node routing and multiple-layer encryption. It employs multiple nodes to route a message, where each message is contained in a packet called an onion. In the packet, a message is encrypted layer by layer using the encryption keys of all the routers on its route and the receiver. Each layer of encryption is just like a layer of onion bulb. In onion routing, given a message packet, each router unwraps a layer of encryption by decrypting the message packet using its decryption key, finds out the identity of the next router and forwards the unwrapped message packet to the next router. Unless gaining collusion of all the routers on the routing path of his received message, the receiver cannot trace the message back to the sender, who then obtains anonymity. When a packet is routed together with a large number of other packets in busy traffic, onion routing prevents it from being traced, even if the traffic in the onion network is monitored. However, when the traffic is not busy enough, an onion packet may be traced by a party who can monitor the traffic in the whole onion network. Onion routing is widely employed in anonymous cyber surf activities and a typical example in practice is its simplified and optimised version in Tor [34].