Glossary

A symmetric block cipher adopted by the U.S. government. AES-256 is considered secure against all known attacks.

The state of being unidentifiable. Distinct from privacy (hiding what you do) and pseudonymity (using a consistent fake identity).

Encryption using two mathematically related keys: a public key for encryption and a private key for decryption.

A secret method of bypassing normal authentication or encryption, often inserted by governments or malicious actors.

A distributed ledger technology where transactions are grouped into blocks and cryptographically chained together.

An algorithm for performing encryption or decryption. Examples include AES, ChaCha20, and RSA.

In Tor, a path through the network consisting of a guard, middle relay, and exit node.

The practice and study of techniques for secure communication in the presence of adversaries.

An overlay network that requires specific software to access, designed for anonymity. Examples: Tor hidden services, I2P.

Distribution of power and control away from central authorities, making systems more resistant to censorship.

A cryptographic mechanism for verifying the authenticity and integrity of digital messages or documents.

Encryption where only the communicating parties can read the messages, not even the service provider.

The final relay in a Tor circuit that connects to the destination and can see unencrypted traffic.

Techniques for identifying users based on unique characteristics of their browser, device, or behavior.

A property ensuring that session keys cannot be compromised even if long-term keys are compromised in the future.

I2P's routing mechanism that bundles multiple encrypted messages together for improved anonymity.

The first relay in a Tor circuit, chosen from a stable set to protect against certain attacks.

A one-way function that converts input data into a fixed-size output. Used for integrity verification.

A server accessible only through the Tor network, hiding its IP address. Uses .onion addresses.

A protocol allowing two parties to establish a shared secret key over an insecure channel.

Malware that records keystrokes, potentially capturing passwords and other sensitive data.

Data about data - who communicated, when, for how long, but not the content itself.

A network where messages are routed through multiple nodes that "mix" traffic to prevent tracking.

A technique for anonymous communication using layers of encryption, like layers of an onion.

Practices and procedures to protect sensitive information from adversaries.

Encryption program providing cryptographic privacy and authentication for email and files.

An intermediary server that forwards requests, potentially hiding the client's IP address.

Using a consistent fake identity. Different from anonymity, which provides no linkable identity.

The Onion Router - free software enabling anonymous communication via onion routing.

Analyzing patterns in network traffic to identify participants or reveal communications metadata.

Creates an encrypted tunnel to a server, hiding traffic from local network observers.

A cryptographic method to prove knowledge of something without revealing the information itself.