What is Tor?
Tor, known as "The Onion Router," is a widely used network technology that allows users to access the internet anonymously. It is an open-source privacy network that uses a TCP connection for instant messaging, P2P, Browsing, emailing, and much more. This network ensures user privacy by using a layered approach that resembles the nested layers of an onion.
How Tor works
Onion routing is the technology behind the Tor network. It gets its name from how data is encrypted multiple times in layers. The data is sent through a series of nodes that act as proxy servers, encrypting the data at each step. This creates multiple layers of encryption, corresponding to the number of nodes in the route. Typically, three nodes are in a route to balance anonymity and speed. When the data is received, it is decrypted in the same way.
Onion routing ensures that only the final node in the route can see the request in plain text, but it cannot identify the user. Even within the route, tracking the user's identity becomes challenging when not all the nodes are controlled by the same operator, which is typically not the case.
Components of the Tor network
When a user tries to browse some content through the Tor network, it includes the following stations:
Tor client
When a user tries to connect to a web service, such as searching on Bing.com, they use the Tor client, such as Tor Browser, on their PC or mobile device. The Tor client encrypts the user's request and then sent to one of the predetermined entry points in the Tor network.
Entry point (guard node)
The initial point of entry into the Tor network also referred to as the "entry guard" or "guard," receives an encrypted access request from the Tor client and forwards it to a relay node. The guard node does not have access to the content of the request; it only knows the source (Tor client) and the next Tor node for relaying the request.
Unlike the other nodes in the connection, guards are not chosen dynamically. Instead, the client selects a small number of predefined guards (usually three) for all sessions. These guards are only re-selected every two to three months or in the event of failure.
Tor nodes
The incoming request is now received by the Tor node and forwarded to the destination node or exit point. At each node, one layer is decrypted. It's important to note that even conventional Tor nodes do not have access to the unencrypted content of the requests. Only the nodes before and after the current node in the connection are involved in the communication process.
Exit node
The exit node now establishes a connection with the specified web server. At this stage, the request is decrypted and then sent to the intended target server using a DNS request.
Target server
The target server acknowledges the request and becomes aware of the request as well as the IP address of the exit node. It proceeds to send the requested web content to the exit node.
However, the true source of the request remains undisclosed. Subsequently, the response from the server follows the same path that the initial request took.
Programs that use the Tor network
Many programs use Tor Network, but the famous ones are listed below:
Tor browser: The most well-known program created by the Tor project is the Tor Browser. It is based on a stable version of Mozilla Firefox and includes additional features like NoScript and HTTPS Everywhere.
Onion browser: This is a mobile browser developed for Apple iOS and is also open source. Unlike the Tor Browser, it uses the WebKit engine instead of Mozilla's Gecko engine because of the platform it runs on.
Tails: Tails is an operating system designed for IT security, data protection, and anonymity. By default, all internet traffic in Tails goes through the Tor network.
OnionShare: OnionShare is a service that allows users to exchange data anonymously and securely over the Tor network.
