The Tor web is a secure, encrypted network designed to enhance the privacy and anonymity of online users, most often used to access the dark web.
The open-source network routes web traffic across a series of relays that make it hard to determine the identity or physical location of users. In the process, the Tor web provides protection from surveillance, censorship and tracking.
The Tor network can trace its origins back to the mid-1990s.
At the time, staff at the U.S. Naval Research Laboratory (NRL) wanted to know if there was a way to create anonymous internet connections that did not reveal who was talking to whom.
This was one of the earliest efforts to create a decentralised network where stakeholders with different interests and needs could interact transparently and honestly.
The solution was a prototype known as onion routing, where the application layer of the communication protocol stack was encrypted and nested like the layers of an onion.
Just under a decade later, computer scientist Paul Syverson and MIT graduate Roger Dingledine started work on another onion routing system. They named their project Tor – an acronym of The Onion Routing – to distinguish it from parallel efforts at the NRL.
The Tor network was officially deployed in October 2002, with its code released under a free and open software license.
Syverson and Dingledine soon attracted funding from the Electronic Frontier Foundation (EFF) which recognised the importance of the network for online privacy and digital rights.
In 2006, the non-profit Tor Project, Inc. was founded to maintain the Tor network. Two years later, development of the Tor Browser commenced with the ultimate aim of enabling less tech-savvy users to access the network.
Today, the Tor Project is produced and maintained by a community of individuals who are passionate about the safety, privacy and human rights of their users. A version of Tor Browser known as Onion Browser is also now available for iOS devices.
According to the Tor Project website, around 3.7 million users now access the Tor network daily. Most sessions originate from Germany, the United States, Finland and India.
To understand how the Tor Browser protects the privacy of users, suppose someone wants to post a letter without anyone knowing their identity or where the recipient lives.
Here’s how it would work:
Each envelope contains instructions that dictate where the nest needs to travel next.
When the envelopes arrive at each stop, only the outermost is removed which in turn reveals the next destination. This process repeats until the letter reaches the recipient.
Tor browsers use onion routing in much the same way as the above analogy.
The letter represents a user’s data, each envelope represents an additional layer of encryption and each stop the letter takes on its journey is like a relay in the Tor network.
So what is a relay, exactly?
On the Tor network, a relay is a volunteer-operated server and there are more than 7,000 such servers around the world.
These relays – which are also called onion routers – allow users to have their internet traffic routed via some random path on the network and avoid detection or surveillance.
While thousands of relays are available, it should be noted that only three are utilised before a user reaches a website.
In general, the process looks like this.
When a user opens Tor Browser, their traffic is encrypted and sent to a guard relay at random. Guard relays know the IP address of the user, but since the data is encrypted, do not know what the user is doing.
The guard relay decrypts a portion of the data to determine the IP address of the next relay in the sequence.
The user’s data is then forwarded to a middle relay, again at random.
Similar to the envelope analogy, the middle relay only knows the IP address of the entry node. It does not know the IP address of the user or the final destination of the data.
A similar decryption process occurs to determine the IP address of the next relay.
The exit relay – sometimes called the exit node – sends the traffic to its intended destination. It does this by stripping the last layer of encryption to reveal the destination’s IP address (the web server).
Note that the traffic between the exit relay and the web server is not encrypted on the Tor network. Whatever service the user connects to will see the IP address of the exit relay and not that of the user. In this context, the service may be a website, chat platform, email provider and so forth.
Guard relays, middle relays and exit relays are not aware of their precise roles in a particular traffic transmission. This increases user privacy since none of the relay types know the origin or destination of Tor traffic.
The Tor network is often associated with the dark web and its associated illegal activity. However, there are various other use cases.
Some individuals use the network to access services unavailable on normal browsers, such as the privacy-enhanced search engine DuckDuckGo. Some may use it to subvert censorship laws while others simply want a way to browse the web privately.
Governments may use the Tor web for secure communication and as a way to collect intelligence on various criminal activities and cybersecurity threats.
Companies, on the other hand, use the network to conduct anonymous competitor research and enable employees to report fraud or unethical behaviour without fear of retaliation.
In summary:
References
https://metrics.torproject.org/userstats-relay-table.html
https://metrics.torproject.org/networksize.html
An employer identification number (EIN) is given to business entities that file with the Internal Revenue Service. These numbers, which are used …
A disbursement is the act of paying out money, typically in relation to business or financial transactions. It involves the distribution of …
The American Institute of Public Accountants, known as the AICPA, is a non-profit organization for Certified Public Accountants (CPAs) in the United …
End-to-end B2B payment protection software to mitigate the risk of payment error, fraud and cyber-crime.
