2

I'm reading paper on first generation Onion Routing from 1996.

From paper:

"To begin a session between an initiator and a responder, the initiator's proxy identifies a series of routing nodes forming a route through the network and constructs the onion which encapsulates that route."

But how does the initiator's proxy know that this specific route will connect to receiver's proxy? I know that in second generation (TOR) route is created after receiving list of nodes from Node Directory. But that doesn't explain how initiator's proxy know on which of proxies receiver is listening for message.

Is there anything I'm missing here? Where does knowledge about potential routes come from in first generation OR? How do we make sure that chosen route leads to receiver's proxy?

Edit I found another remark about this in paper about Tor.

"(...) The earlier Onion Routing design planned to flood state information through the network—an approach that can be unreliable and complex. (...)"

proslaniec
  • 175
  • 8

1 Answers1

2

In the theory of onion routing, the underlying routing graph is complete. All routing nodes can talk to the initiator's proxy and the receiver's proxy. In TCP/IP terminology, the initiator's proxy, receiver's proxy, and the routing nodes, all have fixed public IP addresses, and any of these machines can open a TCP connection to any other of these machines.

In that sense, the route is not so much discovered than defined. All routes are possible; the initiator just selects one.

The conceptual difficulty here is in realizing that there are two very distinct layers. Physically, there are not wires going between any two pairs of machines; any communication from machine A to machine B will need to go through a number of intermediary hosts. However, once that system is up and running (that's the "Internet"), we can reason about it as an abstract method that can convey information between any two systems. It is the encryption that allows for this abstraction: routers that are physically involved in transferring data from node A to node B won't be able to know where the data should go after node B because that information is encrypted and only B has the decrypting key.

Thomas Pornin
  • 320,799
  • 57
  • 780
  • 949
  • In all that fuzz about anonymity I forgot that I actually need to know who I am connecting with. I didn't realize that receiver's proxy IP would be known prior to creating connection. Thanks. – proslaniec Mar 11 '16 at 18:10