What Is Tor and How Does It Work?
The Tor network — often referred to as just “Tor” — is a free, open-source system designed to enable anonymous communication on the web. The name comes from the original project name: “The Onion Router”.
The Tor network anonymizes your online activity by encrypting your traffic and randomly bouncing it through a global network of access points, or ‘nodes’, which are all maintained by volunteers.
Importantly, the process is designed to be fully anonymous, but it isn’t fully private. The final node — or ‘exit node’ — has no way of knowing who you are, but it can theoretically observe what you are doing. If you were to email someone your name, or your true IP address, you could reveal your identity.
Like an onion, Tor has layers. Here’s how the Tor network encrypts and anonymizes your internet traffic:
- Before connecting to the network, Tor selects three or more random servers (nodes) to connect to.
- The Tor software encrypts your traffic in such a way that only the exit node can decrypt it.
- Additional layers of encryption are added for each of the nodes your traffic will pass through, ending at the first node you will connect to (the guard node).
- At this point in the process at least three layers of encryption protect your traffic.
- When your computer contacts the guard node, the guard node knows your IP address but cannot see anything about your traffic (its content or destination).
- The guard node decrypts the first layer of encryption to discover the address of the next node in the chain. It then sends your traffic onward — still protected by at least two layers of encryption.
- The next node in the chain receives your encrypted traffic. It knows the IP address of the previous server in the chain but does not know your true IP address or how many steps have occurred in the chain up until this point. This node removes a layer of encryption to reveal the identity of the next server in the chain. It then sends your data forwards.
- This process is repeated until your traffic reaches the exit node. The exit node decrypts the final layer of encryption. This reveals your traffic but the exit node has no way of knowing who you are.
- Your traffic completes its journey to the internet.
Because each node only knows the identity of the server directly next to it in the chain, it is impossible for any malicious actor to reverse engineer your connection’s route through the onion network.
At no stage in this process does any node know both who you are and what you are doing.
For added security, your path is also randomly reassigned around every ten minutes. This means your connection is assigned a new set of servers to bounce between.
Tor is most commonly used through the Tor Browser. This is a free, Firefox-based application that you download and install onto your computer. The Tor Browser uses the Tor network to conceal your identity, location, and online activity from tracking or surveillance.
The technology was originally designed for the US military and is favored by political activists and privacy advocates — as well as by some unsavory characters looking to evade detection. It helps you access content which has been blocked by your country or your internet service provider (ISP), while also keeping your identity hidden from both the websites you visit and the network itself.
Tor also lets you access a number of unlisted websites with the .onion domain name — part of the so-called ‘Dark Web’. The most notorious of these sites is the now shut-down Silk Road marketplace, but there are less sinister sites in operation too such as a mirror of BBC News designed to beat censorship.
Despite its occasional link to criminality, Tor often receives endorsements and praise from civil liberties organizations, such as Amnesty International and the Electronic Frontier Foundation (EFF).
In short, Tor allows you to:
- Hide your IP address from the websites you visit.
- Hide your identity from the nodes in the network.
- Access ‘hidden’ .onion domains.
- Anonymize your online activity.
- Communicate confidentially.
- Access censored content.
Over the last decade, the size of the infrastructure and the lack of any centralized authority has moved Tor into the mainstream. However, the trade-off for this large network of community-managed nodes is an unreliable connection and often very slow speeds.
In addition, the network is only designed to handle traffic using the popular TCP protocol, which represents the majority of normal browsing traffic.
Being limited to this protocol creates a potential vulnerability, because all traffic which uses UDP or any other internet protocol will have to travel outside the Tor network. Voice and video traffic, for example, are generally transmitted using UDP.
Tor is undoubtedly the cheapest privacy tool around, but there are risks inherent to using it. Unless you alter your browsing habits, you are at risk of exposing your true IP address or other personally identifiable information: completely wrecking your anonymity. You can learn more about this in our section on How to Stay Safe Using Tor.
For details on how to install and use the Tor browser, check out How Do I Use Tor?