DOR — Dynamic Onion Routing
Academic peer-to-peer (P2P) onion routing prototype developed in Go, aiming to hide metadata by integrating volatile user-operated relays and dynamic paths.
About
DOR (Dynamic Onion Routing) is a prototype of an anonymous peer-to-peer communication network inspired by onion routing. The project is based on the observation that encrypting content alone is not sufficient: metadata (who communicates with whom, when, and from where) remains exploitable through traffic analysis. The goal is to increase anonymity by increasing the number of relays, in particular by integrating user devices (PCs, smartphones, etc.) — which are more numerous but also volatile, heterogeneous, and only partially trusted. DOR therefore explores a distributed approach where path construction is dynamic and routing relies on a group-based organization to multiply the number of possible combinations. From an implementation perspective, the demonstrator implements onion-style encapsulation with session key negotiation/derivation and layer-by-layer encrypted transport. The packet format includes practical mechanisms (wrapped keys, relay count masking) to limit certain information leaks. The project was validated through simulations and experiments (including exchanges with three relays, both local and remote), and includes an analysis of attack scenarios (e.g., timing analysis / DDoS). Measurements show a linear-complexity onion construction and computation times that are low compared to network variance, helping to mitigate timing attacks. This work is a research and evaluation prototype (not a production-ready solution).
Papers
Key Features
Distributed onion routing (P2P)
Transmission through a chain of relays with cryptographic processing at each hop, masking the sender–receiver link.
Dynamic paths and user-operated relays
Adaptive path construction integrating volatile and heterogeneous nodes (user devices) to increase scale and relay availability.
Group-based encapsulation and encryption
Group organization and multi-layer encapsulation with key derivation, wrapped keys, and relay count masking.
Validation through simulation and experimentation
End-to-end evaluation (e.g., exchanges with three relays including a remote one) and performance measurements showing linear and stable onion construction.
Threat analysis and attack scenarios
Study of realistic scenarios (e.g., timing attacks / DDoS) and design choices aimed at reducing the exploitability of timing measurements under network variance.
Technologies
Interested?
Feel free to reach out if you want to collaborate or learn more about this project.
Get in touch →