What is Tor?
Because of the network’s structure, the server doesn’t know who you are – unless you log in, that is. Your Internet service provider (ISP) can see that you’re using Tor, but they have no way of knowing what you’re browsing.
How does onion routing work?
Let’s answer that question with another question – what could onions possibly have to do with privacy?
As it turns out, just like onions (or loveable green ogres), the packets you send through the Tor network have layers. You take your message and encrypt it to form the first layer. You then take this wrapped message, and add another layer – but this time, you encrypt it with a different key. You do this a third time (again with a different key), and you end up with something that structurally resembles a cryptographic onion.
You’ve wrapped your data in multiple layers of encryption.
If someone wanted to get to the core of our onion, they would need to be able to decrypt all three layers. For our purposes, we ensure that no single person can do that. We select three peers in the network (call them Alice, Bob, and Carol). We use three keys, but each peer can only knows one.
Carol is the last person to receive the onion, so we first encrypt our message with the key that she knows. Bob is in the middle, so we encrypt our data with the key he knows next. But we’ll add a bit of information beforehand that tells Bob where he needs to send the data (i.e., to Carol). Lastly, we’ll wrap all of that information (plus the instruction to send the packet to Bob) using the key that Alice knows.
Ever played that game where you wrap a reward in several layers of paper and pass it around a circle, with players unwrapping as it goes? What we’re doing is a bit like that. Except in onion routing, you can’t see the other players. You’re all in different rooms, but you can pass the parcel through holes in the walls.
You make the parcel. The outermost wrapper has a label that says “Alice,” which means that only she can open it. You pass it through the hole in the wall.
Tor is just one implementation of onion routing and is maintained by the Tor Project. Like our illustration above, it uses three hops to obfuscate the source of the message. There’s no reason to limit yourself – you could have a protocol with several layers of encryption if you wanted to.
Additional hops come at a cost, however. If you’ve ever used the Tor Browser, you’ll have probably noticed that it’s considerably slower than your regular browser. That makes sense because you’re not communicating directly with the server. The information is taking a convoluted path to the destination and must be altered every step of the way.
Why use Tor?
In a way, the use of Tor by criminals is a rousing endorsement for the system. If someone’s freedom is dependent on their privacy, then the tools they’re using are probably fit for purpose. You could be a whistleblower on the run from three governments. Or you could be an average person that just doesn’t want your ISP snooping on your conversations with friends and family. It doesn’t matter – technologies like Tor are agnostic tools for enhancing everybody’s privacy
Tor – and onion routing in general – are integral components in the digital privacy landscape. It’s virtually impossible to obtain total anonymity online, but with a simple download, users can enjoy a browsing experience free from prying eyes. Such tools are crucial for evading censorship and defending your fundamental right to privacy.