Tor Network

Overview

Tor (The Onion Router) is free and open-source software enabling anonymous communication on the Internet. It directs Internet traffic through a free, worldwide volunteer overlay network consisting of thousands of relays, concealing users' locations and usage from surveillance and traffic analysis.

Key Features

Anonymity: Conceals IP addresses and location
Encryption: Multi-layer encryption (onion encryption)
Hidden Services: .onion sites accessible only via Tor
Censorship Resistance: Bypasses internet blocks and filters
Open Source: Fully auditable codebase

How Tor Works

When you use Tor, your traffic is routed through three randomly selected relays (nodes) before reaching its destination. Each relay only knows the identity of the previous and next node in the chain.

The Three Relays

1

Guard Node (Entry)

The first relay knows your IP address but cannot see what you're accessing or your final destination. Guard nodes are chosen from a stable set of relays to prevent certain attacks.

2

Middle Node

The middle relay only knows the guard node and exit node. It cannot see your IP address or your final destination. This is the most anonymous position in the circuit.

3

Exit Node

The exit relay connects to your destination website. It can see the traffic content (if not HTTPS) but cannot identify you. Exit nodes are crucial and face legal scrutiny.

Onion Encryption

Before your data leaves your computer, the Tor client encrypts it in three layers, one for each relay:

encryption-layers

# Original message wrapped in encryption layers

Layer 3 (Exit): [ Layer 2 (Middle): [ Layer 1 (Guard): [ Message ] ] ]

# Each relay peels off one layer

Guard peels → Layer 2: [ Layer 1: [ Message ] ]

Middle peels → Layer 1: [ Message ]

Exit peels → Message → Destination

Hidden Services (.onion)

Tor Hidden Services (now officially called Onion Services) allow servers to hide their location while being accessible only through the Tor network. These sites use the .onion pseudo top-level domain.

How Onion Services Work

Introduction Points: The hidden service selects random Tor relays as introduction points
Service Descriptor: A signed descriptor with introduction points is published to a distributed hash table
Client Request: Clients download the descriptor and choose an introduction point
Rendezvous: A rendezvous point is created for the actual connection
End-to-End Encryption: All traffic between client and service is encrypted

⚠️

Version 3 Onion Addresses: Modern .onion addresses are 56 characters long (v3) compared to the older 16-character (v2) format. V3 addresses use stronger cryptography and are more secure.

Using Tor

Tor Browser

The recommended way to access Tor is through the official Tor Browser, a modified version of Firefox with Tor integration and privacy enhancements built-in.

tor-installation

# Download from official source

user@cosmic:~$ wget https://www.torproject.org/dist/torbrowser/...

# Verify signature

user@cosmic:~$ gpg --verify tor-browser-*.asc

# Extract and run

user@cosmic:~$ tar -xvf tor-browser-*.tar.xz && cd tor-browser && ./start-tor-browser

Best Practices

Always download from torproject.org
Verify cryptographic signatures
Keep Tor Browser updated
Don't install additional plugins
Don't maximize the browser window
Use HTTPS whenever possible
Never torrent over Tor

Limitations & Threats

While Tor provides strong anonymity, it's not perfect. Understanding its limitations is essential for proper operational security.

Traffic Analysis Powerful adversaries monitoring both ends may correlate traffic patterns

Browser Exploits Vulnerabilities in the browser itself can compromise anonymity

User Behavior Logging into personal accounts or revealing identity defeats anonymity

Timing Attacks Correlation between entry and exit traffic timing

Network Statistics

0

Daily Users

0

Relays

0

Onion Services

0

Gbps Bandwidth