• Tor logo. Source: Tor Project 2019d.
• Tor users averaged over the year 2015. Source: Kire 2017.
• Three Tor nodes route traffic from source to destination. Source: Ashwin S 2016.
• Message is encrypted in multiple layers. Source: Leiva-Gomez 2013.
• Comparing VPN and Tor. Source: Mason 2018.

# Tor Network

arvindpdmn
1288 DevCoins
Last updated by arvindpdmn
on 2020-01-06 10:25:10
Created by arvindpdmn
on 2019-03-22 02:56:16

## Summary

Using a distributed network of nodes on the Internet, Tor provides users anonymity. Your Internet Service Provider (ISP), governments or corporations can't know which sites you've been visiting. Authorities also cannot censor content or know your location.

Tor is able to do this because it hides your IP address and the addresses of sites you visit. Your packets are bounced across multiple nodes, with each node having only information about the previous and next hops along the route. Moreover, Tor nodes are run by volunteers without any centralized control. Tor is a network service, not a peer-to-peer service like BitTorrent.

The easiest way to use Tor is to use the Tor Browser. There are many other software and services based on Tor.

## Milestones

1995

With widespread adoption of Internet in the 1990s, the US government realizes that Internet can be used by its spies for sharing intelligence. But the problem of identity and security of sources has to be solved. Hence, US Office of Naval Research starts funding research on Onion Routing. This research is initially carried out Paul Syverson, Michael G. Reed and David Goldschlag at the US Naval Research Laboratory.

1996

First prototype system that does onion routing is built. It runs on a single Solaris 2.5.1/2.6 machine emulating five nodes. In July, the code is approved for public distribution.

2002

Work starts on second generation onion routing. This is the beginning of Tor. The name is not an acronym, although it can be expanded as "The Onion Routing". Alpha release of Tor happens is September.

Oct
2003

Tor network is deployed. Tor code is open sourced under MIT license.

2004

Location hidden services are deployed. This is the beginning of Tor Onion Services. The Tor Project is funded by Electronic Frontier Foundation, whose mandate is to defend digital privacy, free speech, and innovation. In August, the Tor design paper is published at USENIX Security Symposium. By the end of the year, there are 100 Tor nodes.

2007

First major criminal activities on Tor are reported. Meanwhile, US government continues to fund Tor. About 75% of total donations for the year come from the US government. In 2013, this figure is about 93%.

2013

A leaked presentation of the National Security Agency (NSA) reveals that they tried to hack Tor and failed. Meanwhile, Edward Snowden leaks NSA documents via Tor. FBI closes Silk Road, a Dark Web marketplace for drugs, weapons and stolen data.

2015

In 2015, Tor network has over 7000 nodes worldwide. Daily, more than 2 million users connect to Tor.

2018

One study reports that Tor serves 8 million users per day. This involves 1.2 billion anonymous circuits per day carrying approximately 517 TiB of data (6.1GiB/s).

## Discussion

• Why should I use Tor?

As an individual, you can use Tor to prevent websites from tracking your activities online and serving you annoying ads. More importantly, your ISP or government may censor some websites. Tor helps in bypassing censorship.

In chat rooms where socially sensitive topics are discussed (rape counselling, suicide prevention, terminal illness), Tor helps users preserve their anonymity. This sort of anonymity is even more important for journalists or whistleblowers who are exposing high-level scams. Even as a normal user, you can use Tor to hide your location for your own safety.

In general, Tor protects against Internet surveillance based on traffic analysis. Even if your message is encrypted, there's a great deal of information in packet headers (address, size, etc.). Timing of packets can be analysed. Statistical techniques can be employed to reveal patterns. Tor overcomes traffic analysis.

• What are the building blocks of Tor?

When using Tor, traffic is routed through three Tor nodes or relays between source and destination. All Tor nodes are run by volunteers. Hence, there's no centralized control. A connection across Tor network consists of the following:

• Tor Client: Either the Tor Browser or a Tor-enabled program on your computer. This adds three layers of encryption to an outgoing message (and decrypts thrice an incoming message).
• Guard Node: First Tor node to receive your message. It removes one layer of encryption. It knows the next node but not the exit node or destination.
• Relay Node: Intermediate node. It removes another layer of encryption to obtain who's the exit node.
• Exit Node: Removes the final layer of encryption to reveal the destination. It can read the original message but doesn't know who sent it. Traffic exits this node without Tor encryption.
• Circuit: The path defined from source to destination via the three Tor nodes.
• Could you explain Tor's Onion Routing?

Just as an onion has multiple layers, Tor traffic is encrypted repeatedly and then routed through multiple nodes. Let's say, the message goes through nodes A (Guard), B (Relay) and C (Exit). Tor client first encrypts the message with C's key, then B's key, and finally A's key. When A receives the message, it decrypts it with its key. This will reveal to A that the next hop is B. However, A can't know who's C or the destination.

In summary, each node along the route has only partial information. This preserves user anonymity. The focus is to hide IP addresses of source/destination and routers along the route rather than the message content itself.

Unlike traditional IP routing, Tor routing requires the sender to know in advance the route to destination, and keys of routers along the way.

In the original onion routing, public-key cryptography was used. Encryption was done with public keys and decryption with private keys. Today's Tor network uses symmetric keys for encryption and asymmetric public/private keys for authenticating Tor nodes.

• Can my ISP know that I'm using Tor and penalize me for it?

Because Tor has been used for illegal activities, some ISP might throttle or block Tor traffic. Thanks to onion routing, your ISP can't know which site you're visiting or read your traffic. However, ISP will know that you're using Tor. This is because the IP addresses of Tor's nodes are publicly available. Tor Bridges provide a solution to this problem.

A bridge is also a Tor node but it's not listed on the main Tor directory. So your ISP can't easily block all bridges. But ISPs have a solution for this. They inspect packets to figure out if Tor is being used. To partly overcome this, we can use Pluggable Transports. These obfuscate the packets so that they don't resemble Tor traffic.

• Isn't Tor doing the same thing as a VPN or proxy?

A Virtual Private Network (VPN) routes all your Internet traffic through a VPN server that hides your IP address. The VPN provider will have many servers worldwide and one of them will be used. Because online services see requests coming from a VPN server, your location is masked. Moreover, all traffic between your device and the server will be encrypted.

Tor too routes traffic via intermediate servers. The main difference between VPN and Tor is one of trust. VPN provides privacy but this can be compromised if you don't trust your VPN provider. Your VPN provider may use weak encryption, may store logs about all your activities and may be forced to share them with governments. Being decentralized, there's no need to trust anyone on Tor. No logs are stored.

While VPN is about privacy, Tor is more about anonymity. We can also state that VPN emphasizes encryption while Tor emphasizes routing. Ultimately, VPN is sufficient for most online activities. Activists and journalists living under strict censorship laws, when their lives are at risk, can use Tor.

• What are the limitations or criticisms of Tor?

While Tor has its benefits, it can also be misused. Hackers use Tor to hide their identities. They can use Tor for ransomware attacks. Tor can be used for low bandwidth, slow Distributed Denial-of-Service (DDoS) attacks. Tor's hidden services feature has been used to publish suspicious or illegal content: drugs, firearms, child pornography.

One study found that a Tor user is 6-8 times more likely to perform a cyberattack. This gives bad repute to all Tor users, whose activities could be wrongly suspected. ISPs will throttle your Tor traffic or even block completely. Some websites block Tor nodes. For example, Wikipedia doesn't allow content edits from anonymous authors since logging IP addresses of Tor exit nodes makes no sense. This prevents vandals but also blocks genuine authors.

Tor has been criticized for being slow. It can't handle peer-to-peer file sharing. Setting up a Tor relay node is also non-trivial.

• How do I get started with using Tor?

The simplest way is to install Tor Browser for anonymous Internet access. If access to Tor Project website is blocked, you can send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. document.getElementById('cloak24cba07ea788c216c4ea0d51d1eac4c3').innerHTML = ''; var prefix = '&#109;a' + 'i&#108;' + '&#116;o'; var path = 'hr' + 'ef' + '='; var addy24cba07ea788c216c4ea0d51d1eac4c3 = 'g&#101;tt&#111;r' + '&#64;'; addy24cba07ea788c216c4ea0d51d1eac4c3 = addy24cba07ea788c216c4ea0d51d1eac4c3 + 't&#111;rpr&#111;j&#101;ct' + '&#46;' + '&#111;rg'; var addy_text24cba07ea788c216c4ea0d51d1eac4c3 = 'g&#101;tt&#111;r' + '&#64;' + 't&#111;rpr&#111;j&#101;ct' + '&#46;' + '&#111;rg';document.getElementById('cloak24cba07ea788c216c4ea0d51d1eac4c3').innerHTML += '<a ' + path + '\'' + prefix + ':' + addy24cba07ea788c216c4ea0d51d1eac4c3 + '\'>'+addy_text24cba07ea788c216c4ea0d51d1eac4c3+'<\/a>'; . Email body should contain one of these words: windows, osx or linux. You'll get a link to download Tor Browser.

If you wish to use the Tor network for purposes other than web browsing (such as FTP or SSH), read about privoxy, torsocks, and torification.

To learn more, the official Tor documentation and Tor FAQ are good places to start. FAQ is also a good place to find solutions to common problems. For community support, head to Tor StackExchange. Follow Privacy Enhancing Technologies Symposium (PETS), an annual event featuring the latest developments. For in-depth understanding, read Tor specification documents.

If you run a site, and it's getting hacked over Tor, you can block exit nodes that are accessing your server. An online service such as TorDNSEL can also help.

• What are the different projects based on or related to Tor?

For safe web browsing, use the Tor Browser. For Tor statistics and resource utilization, use Nyx and Metrics Portal. Orbot is a project that aims to bring web browsing to Android platform. Orlib is a library that can be used with any Android app to route traffic through Orbot/Tor. Tails is a live CD/USB distribution of Tor and leaves no trace on the local system.

There are also many community projects. OnionShare is for anonymous file sharing. SecureDrop is for whistleblowers to submit documents to media organizations. GlobalLeaks also enables whistleblowers. Ahmia is a search engine for content published on Tor Onion Services.

Three general methods to "torify" apps are proxification, socksification, transsockification. Torifier can be used to tunnel any software application over Tor.

For developers, Shadow, Stem and txtorcon might be of interest. Orchid can be used to torify Java and JVM applications.

## Milestones

1995

With widespread adoption of Internet in the 1990s, the US government realizes that Internet can be used by its spies for sharing intelligence. But the problem of identity and security of sources has to be solved. Hence, US Office of Naval Research starts funding research on Onion Routing. This research is initially carried out Paul Syverson, Michael G. Reed and David Goldschlag at the US Naval Research Laboratory.

1996

First prototype system that does onion routing is built. It runs on a single Solaris 2.5.1/2.6 machine emulating five nodes. In July, the code is approved for public distribution.

2002

Work starts on second generation onion routing. This is the beginning of Tor. The name is not an acronym, although it can be expanded as "The Onion Routing". Alpha release of Tor happens is September.

Oct
2003

Tor network is deployed. Tor code is open sourced under MIT license.

2004

Location hidden services are deployed. This is the beginning of Tor Onion Services. The Tor Project is funded by Electronic Frontier Foundation, whose mandate is to defend digital privacy, free speech, and innovation. In August, the Tor design paper is published at USENIX Security Symposium. By the end of the year, there are 100 Tor nodes.

2007

First major criminal activities on Tor are reported. Meanwhile, US government continues to fund Tor. About 75% of total donations for the year come from the US government. In 2013, this figure is about 93%.

2013

A leaked presentation of the National Security Agency (NSA) reveals that they tried to hack Tor and failed. Meanwhile, Edward Snowden leaks NSA documents via Tor. FBI closes Silk Road, a Dark Web marketplace for drugs, weapons and stolen data.

2015

In 2015, Tor network has over 7000 nodes worldwide. Daily, more than 2 million users connect to Tor.

2018

One study reports that Tor serves 8 million users per day. This involves 1.2 billion anonymous circuits per day carrying approximately 517 TiB of data (6.1GiB/s).

## Tags

• Tor Browser
• Tor Protocol
• Tor Onion Service
• IP Tunnelling
• Onion Routing
• Virtual Private Network

Author
No. of Edits
No. of Chats
DevCoins
3
0
1288
1785
Words
0
Chats
3
Edits
4
Likes
1223
Hits

## Cite As

Devopedia. 2020. "Tor Network." Version 3, January 6. Accessed 2020-04-03. https://devopedia.org/tor-network
• Site Map