Finance glossary

What is the Tor web?

Bristol James
5 Min

The Tor web is a secure, encrypted network designed to enhance the privacy and anonymity of online users, most often used to access the dark web.

The open-source network routes web traffic across a series of relays that make it hard to determine the identity or physical location of users. In the process, the Tor web provides protection from surveillance, censorship and tracking.

History of the Tor network

The Tor network can trace its origins back to the mid-1990s.

At the time, staff at the U.S. Naval Research Laboratory (NRL) wanted to know if there was a way to create anonymous internet connections that did not reveal who was talking to whom.

This was one of the earliest efforts to create a decentralised network where stakeholders with different interests and needs could interact transparently and honestly.

The solution was a prototype known as onion routing, where the application layer of the communication protocol stack was encrypted and nested like the layers of an onion.

Just under a decade later, computer scientist Paul Syverson and MIT graduate Roger Dingledine started work on another onion routing system. They named their project Tor – an acronym of The Onion Routing – to distinguish it from parallel efforts at the NRL.

The Tor network is launched

The Tor network was officially deployed in October 2002, with its code released under a free and open software license.

Syverson and Dingledine soon attracted funding from the Electronic Frontier Foundation (EFF) which recognised the importance of the network for online privacy and digital rights.

In 2006, the non-profit Tor Project, Inc. was founded to maintain the Tor network. Two years later, development of the Tor Browser commenced with the ultimate aim of enabling less tech-savvy users to access the network.

Today, the Tor Project is produced and maintained by a community of individuals who are passionate about the safety, privacy and human rights of their users. A version of Tor Browser known as Onion Browser is also now available for iOS devices.

According to the Tor Project website, around 3.7 million users now access the Tor network daily. Most sessions originate from Germany, the United States, Finland and India.

How does the Tor browser work?

To understand how the Tor Browser protects the privacy of users, suppose someone wants to post a letter without anyone knowing their identity or where the recipient lives.

Here’s how it would work:

  1. The letter is written and put in an envelope.
  2. The envelope is placed inside another envelope, and then another and so forth.
  3. The nested set of envelopes is then posted to the recipient.

Each envelope contains instructions that dictate where the nest needs to travel next.

When the envelopes arrive at each stop, only the outermost is removed which in turn reveals the next destination. This process repeats until the letter reaches the recipient.

Applying this analogy to the Tor browser

Tor browsers use onion routing in much the same way as the above analogy.

The letter represents a user’s data, each envelope represents an additional layer of encryption and each stop the letter takes on its journey is like a relay in the Tor network.

So what is a relay, exactly?

On the Tor network, a relay is a volunteer-operated server and there are more than 7,000 such servers around the world.

These relays – which are also called onion routers – allow users to have their internet traffic routed via some random path on the network and avoid detection or surveillance.

While thousands of relays are available, it should be noted that only three are utilised before a user reaches a website.


In general, the process looks like this.

1 – Guard relay

When a user opens Tor Browser, their traffic is encrypted and sent to a guard relay at random. Guard relays know the IP address of the user, but since the data is encrypted, do not know what the user is doing.

The guard relay decrypts a portion of the data to determine the IP address of the next relay in the sequence.

2 – Middle relay

The user’s data is then forwarded to a middle relay, again at random.

Similar to the envelope analogy, the middle relay only knows the IP address of the entry node. It does not know the IP address of the user or the final destination of the data.

A similar decryption process occurs to determine the IP address of the next relay.

3 – Exit relay

The exit relay – sometimes called the exit node – sends the traffic to its intended destination. It does this by stripping the last layer of encryption to reveal the destination’s IP address (the web server).

Note that the traffic between the exit relay and the web server is not encrypted on the Tor network. Whatever service the user connects to will see the IP address of the exit relay and not that of the user. In this context, the service may be a website, chat platform, email provider and so forth.

Guard relays, middle relays and exit relays are not aware of their precise roles in a particular traffic transmission. This increases user privacy since none of the relay types know the origin or destination of Tor traffic.

How is the Tor network used?

The Tor network is often associated with the dark web and its associated illegal activity. However, there are various other use cases.

Some individuals use the network to access services unavailable on normal browsers, such as the privacy-enhanced search engine DuckDuckGo. Some may use it to subvert censorship laws while others simply want a way to browse the web privately.

Governments may use the Tor web for secure communication and as a way to collect intelligence on various criminal activities and cybersecurity threats.

Companies, on the other hand, use the network to conduct anonymous competitor research and enable employees to report fraud or unethical behaviour without fear of retaliation.

In summary:

  • The Tor web is a part of the internet that is only accessible via the Tor network. Tor, which stands for The Onion Router, is a network designed to enhance the privacy and anonymity of its users.
  • The Tor network relies on over 7,000 relays (servers) which are managed by a large cohort of volunteers. Three relays are typically used per request such that no relay knows its role in the process or indeed where the traffic came from or where it is going.
  • The Tor web is often associated with the nefarious activities that occur on the dark web. However, it is popular with users who want to browse the web anonymously and also with governments and companies for various purposes where discretion is key.


Related articles

Finance glossary

How to read a check

Reading a check may appear straightforward at first glance, but the various elements that comprise a check play a crucial role in …

Read more
Finance glossary

What is a hedging strategy?

A hedging strategy is a risk management strategy to avoid large financial statement losses due to investment fluctuations. Hedges work like an …

Read more
Finance glossary

What is an external audit?

An external audit is an assessment of the accuracy of your financial statements by an independent third party. Independent examination gives lenders, …

Read more

The new security standard for business payments

Eftsure provides continuous control monitoring to protect your eft payments. Our multi-factor verification approach protects your organisation from financial loss due to cybercrime, fraud and error.