Sign Up

What is the Tor network and how does it work? | Onlinesim

  • Nov 29, 2022, 11:56 AM
  • 7 minutes

This is the second article from the cybersecurity series. In the last article, we explained what a VPN is and how it helps to stay anonymous on the Internet.

This article will tell you about the next level of cybersecurity — the Tor network. You will learn about its operation principles, its uses, and other interesting facts.

What Is Tor?

Tor (The Onion Router) is a network of virtual tunnels to provide privacy and security on the Internet. The data goes through several computers, gets encrypted, its IP address changes, and a user can surf the Internet through a secure channel.

Tor was invented by U.S. military scientists. Later, its code was released for public use under a free license and called the Tor Project.

Today, the Tor browser is used to create an anonymous internet environment. It is an official browser from the creators of this network. It is also called a system of proxy servers that encrypts users' traffic and automatically clears browsing history after each session. The Tor browser has all the necessary configurations for you to connect to the network.

How Does the Tor Network Work? 

The browser is based on a system of proxy servers connected to each other. Thousands of servers called nodes are available in the network.

When you launch the browser, it first loads node data to the network. Then the browser chooses nodes to transmit the user's request. Every time your requests go through randomly selected nodes, so tracking is impossible.

In Tor, all user’s requests are relayed and encrypted three times. As a result, a real user's IP address and location from which a request originates change.

The Tor network uses three nodes to achieve maximum security. The service support says, “We don't want to encourage people to use paths longer than this.” It increases the load on the network without enhancing security.

Also, using more than three nodes can lead to reduced anonymity, making it easier to conduct an attack like a denial-of-service attack. The long encryption chain can be traced if a small group of people uses the chain of the same length.

Each node has a name. The first one is the entry node. The entry node is usually the one that has been in operation for a long time and has a high throughput.

The second one is the middle node. Its task is to decrypt and transfer data to the next node. It does not know where the data comes from and where it goes to.

The third one is the exit node. It sends a request to a desired address, and only its IP address is visible to the website to which the request was sent.

The server sends its response back to the exit node, which takes care of sending the response back to you with the same three-layer encryption.

This is how the Tor network works

The request transmission looks like this: Tor encrypts a user's request so that only the entry node can decrypt it. Then the request is encrypted again, and only the middle node can decrypt it. Finally, the request is encrypted one last time so that only the exit node can decrypt it.

Layers of encryption in an onion network

The traffic is "wrapped" in layers of encryption like an onion. Hence, it is called onion encryption. Each node obtains only the data it needs: where encrypted data comes from and where it should be sent.

In theory, nodes can belong to the same person and be interconnected. But even so, nodes cannot intercept information, but they can detect the source of the request and its destination.

Why Should You Use Tor?

Protect yourself from surveillance. The browser hides your browsing history.

Finding a real IP address is almost impossible because your request will pass through three layers of encryption.

Besides, Tor tries to make all its users look alike so that fraudsters cannot trace users by their browser or device fingerprints.

Avoid Ad Tracking. Third-party trackers and advertisers can't track you because Tor changes your IP address and automatically clears your browsing history and cookies at the end of each session.

Bypass geo-restrictions. Some websites restrict certain IP addresses. Since Tor changes your actual IP address, you can get access to geo-blocked content.

Test the firewall. The Firewall is a protective shield between the device and the Internet configured by IT specialists. Specialists change an IP address in Tor and conduct a firewall health check.

High if not using HTTP protocol
Geo-blocking bypass
Yes, but not always
Internet connection speed
Reduces significantly
Reduces or does not change
Reduces or does not change
There are free VPN, but paid ones perform better
There are free proxies, but paid ones perform better

The Legality

Tor is a legal software to create an anonymous internet connection. However, some countries restrict access to the browser. The list of these countries:

🇿🇦South Africa

Even if Tor is not banned in your country, you should not engage in any illegal activity on the Internet — otherwise you can be punished accordingly.

Since any website can see the exit node address, law enforcement may come to the operator when investigating crimes committed using Tor.

Advantages of Using Tor

Secures traffic. Hackers and providers will not see your data because they cannot get through the Tor connection.

Prevents governments and advertisers from spying. It is almost impossible to track users' actions in the network since Tor changes IP.

Free. You can download the Tor browser from the official website and use it for free.

Disadvantages of Using Tor

Slows down connection speed. Since Tor routes data via three layers, it may run slower than a regular connection. The connection speed depends on the network infrastructure: the speed is good when there are many nodes in a particular area and vice versa.

You can make Tor run faster. For example, you can update the browser, optimize settings and connect to relays and other nodes.

Remember! Tor is not suitable for watching videos, calls, and downloading files. Its primary purpose is to maintain anonymity and protect from surveillance.

Not that private. In 2016, The US amended Rule 41 . This amendment gave the FBI authority to hack as many computers as they wish anywhere in the world using a single warrant. Law enforcement agencies can now hack into exit nodes and get your personal information. Such a case occurred in 2016. Then the FBI hacked over 8,000 Computers in 120 Countries.

If the government can hack computers, it means that hackers are also capable of it. It is harder for the government to hide the fact of a hack because it has to report on activities, including hacking, and abide by the laws. And hacks by individual cybercriminals are rarely talked about.

At the same time, if you do not engage in illegal activities and your online behavior does not draw attention, you will not be hacked.

The exit node can see request contents . but only if you sent requests using insecure protocols: HTTP, SMTP, FTP.

The danger of using the HTTP protocol in the Tor network

If the information is sent over a secure protocol, for example, HTTPS, then even the exit node will not see it.

The SMTP and FTP protocols can be as safe if used with SSL.

Blocking by provider. In some counties, it is forbidden to use Tor, so providers block the entry nodes. You cannot solve the problem because the list of entry nodes is loaded when you connect to the network, and everyone knows these nodes.

Does not protect if you use it carelessly. Your anonymity will be affected if you log into social media accounts with your username, password, or email in Tor. Specially trained people can identify you on other websites if you access them from the same IP address.

Doesn't always bypass geo-blocking. You cannot select a specific country for the entry codes in Tor. Therefore, you can be assigned IP geolocation listed as blocked on the website.