In today's Internet, any web server that receives a request from a user logs the IP address of that user. The owner of the web server therefore knows who has looked at which web sites and at what time: the user is not anonymous to the web site. Moreover, the user's Internet provider may use techniques such as web proxy servers or deep packet inspection to log which web sites a particular user visits. In both cases an anonymity network (also called an overlay or onion network) may bring anonymity to the user.
In these networks, a user's request is routed through several Internet hosts participating in the anonymization network in such a way that the web server does not know where the request originates, and the user's Internet service provider does not know where the request goes.
FIG. 1 illustrates an example of a conventional anonymization network. A portion of the Internet including a plurality of routers 10 and 15 is shown. Of these, the routers 15 run an anonymization service, act as anonymity routers 15, and together form an anonymization network. These anonymity routers 15 are illustrated with a plus sign.
Operation of the conventional anonymization network will be described with respect to a client device 20 communicating with a destination device 40 via the anonymization network. In operation, a client or user device 20 running an anonymization client (e.g., software) obtains a list of anonymity routers 15 from a directory server 30. The directory server 30 maintains a list of active anonymity routers. The anonymization client on the user device 20 (hereinafter collectively referred to as the “client 20”) builds a path of connections through a plurality of anonymity routers 15. In particular, a first anonymity router 15 is randomly selected from the obtained list, and the client 20 negotiates a set of encryption keys for this connection or hop. A second anonymity router 15 is then randomly selected from the obtained list, and the client 20 negotiates a set of encryption keys for the connection or hop from the first anonymity router 15 to the second anonymity router 15. This process is repeated a number of times to build the pathway or circuit through the anonymization network.
The final anonymity router 15 in the pathway is given the address (e.g., URL) of the destination device 40. As shown, traffic sent between the client 20 and the destination device 40 traverses a number of encrypted hops. In FIG. 1, each encrypted hop is shown by a solid double headed arrow, and each unencrypted hop is shown by a dashed double headed arrow.
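As an added illustration (not part of the original description), the following Python sketch models the circuit construction just described: the client negotiates a key with each anonymity router, wraps the request in one encryption layer per hop, and each router peels only its own layer, so only the final router learns the destination address. The router names, circuit identifier and the SHA-256 keystream cipher are constructed stand-ins for this example, not any real protocol's primitives.

```python
import hashlib
import secrets

HDR = 16  # fixed-width header naming the next hop (or, at the exit, the destination)


def keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Toy symmetric cipher (SHA-256 counter keystream); a stand-in for the per-hop cipher."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + nonce + i.to_bytes(4, "big")).digest()
        out.extend(b ^ k for b, k in zip(data[i:i + 32], block))
    return bytes(out)


class AnonymityRouter:
    def __init__(self, name: str):
        self.name = name
        self.keys = {}   # circuit id -> key negotiated with the client for that circuit
        self.seen = []   # next-hop names this router learned (kept only for inspection)

    def negotiate(self, circuit_id: str, key: bytes) -> None:
        self.keys[circuit_id] = key  # stands in for the key exchange on this hop

    def relay(self, circuit_id: str, nonce: bytes, cell: bytes):
        inner = keystream_xor(self.keys[circuit_id], nonce, cell)  # peel one layer only
        next_hop = inner[:HDR].rstrip(b"\0").decode()
        self.seen.append(next_hop)
        return next_hop, inner[HDR:]


def build_circuit(circuit_id: str, routers):
    """Client negotiates a fresh key with each selected router; returns the ordered path."""
    hops = []
    for r in routers:
        key = secrets.token_bytes(32)
        r.negotiate(circuit_id, key)
        hops.append((r, key))
    return hops


def wrap_onion(hops, destination: str, payload: bytes, nonce: bytes) -> bytes:
    """Encrypt the innermost (exit) layer first; each layer names only the following hop."""
    next_names = [r.name for r, _ in hops[1:]] + [destination]
    cell = payload
    for (_, key), next_name in reversed(list(zip(hops, next_names))):
        cell = keystream_xor(key, nonce, next_name.ljust(HDR, "\0").encode() + cell)
    return cell


def send_through_circuit(circuit_id: str, hops, destination: str, payload: bytes):
    """Walk the cell hop by hop; the exit router ends up holding destination + plaintext."""
    nonce = secrets.token_bytes(8)
    cell = wrap_onion(hops, destination, payload, nonce)
    for router, _ in hops:
        next_hop, cell = router.relay(circuit_id, nonce, cell)
    return next_hop, cell
```

Inspecting each router's `seen` list after a send shows the property the text relies on: the first hop learns only the second router, and only the last hop sees the destination address.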
Because traffic traverses a number of encrypted hops, the destination device 40 (e.g., a web server) and Internet service providers are unable to properly determine the IP address of the client 20 or the web sites visited by the client 20. However, this anonymity does not come without a cost. The use of anonymization networks introduces a degree of latency that can affect the quality of Internet usage at the client 20.