Code reviews

Jones, Sept. 21st 2014
"As suggested by jl777, I am posting the workings of onion routing and potential pitfalls it could have. Onion routing is a method for sending data from one place to another by bouncing the data across multiple servers with multiple layers of encryption.

Process:

1. the data to send is encrypted on multiple levels by the client

2. the client sends the encrypted packet to the first of many PrivacyServers

3. the privacy server does checks on the packet

4. the server then decrypts the packet one level

5. the server checks if the packet is now completely decrypted and meant for this location

6. If it still has layers of encrytion to go, it locates a new privacy server to send to and repeats the process

7. once the packet reaches the end user, the data is available, seemingly untractably and anonymously

Faults to work out:


 * the packets could be monitored for size and followed by tracing the unique size of the packet through the network


 * ~ mitigated by either padding the values to max or adding a random salt to the packet at each level


 * the packets could be followed by the timing of each hop


 * ~ mitigated by adding random wait times on the system


 * somehow having a code fault that allows access to previous senders or public keys for other levels or privacy servers


 * ~ further code analysis for errors"