Tor Key Establishment

Let’s learn how keys are managed in Tor.

Each onion router in Tor possesses several public-key pairs, including:

  • An identity key pair, which is a long-term key pair used to sign certificates and other important routing information.

  • An onion key pair, which is a medium-term key pair used to support symmetric key establishment.

  • A connection key pair, which is a short-term key pair used to establish SSL/TLS connections.

To conduct the triple encryption operation, Alice first establishes separate symmetric keys with each of the three onion routers in the circuit. It is not immediately obvious how to do this. The problem Alice faces is that while they can advise OR1 to pass the communication to OR2, router OR1 is not permitted to know the rest of the circuit. So how can they arrange for the communication to continue to OR3 and ultimately WS?

The core idea behind the solution is clever:

  1. Alice first establishes a set of symmetric keys with OR1.

  2. Alice then establishes, via OR1, a set of symmetric keys with OR2. This involves OR1 learning OR2 as the next node in the circuit, but OR1 does not learn the keys relating to OR2. Further, OR2 is unaware of who it shares these keys with.

  3. Alice then establishes, via OR1 and OR2, a set of symmetric keys with OR3. This involves OR2 coming to know that OR3 is the next node in the circuit, but OR1 and OR2 do not learn the keys relating to OR3. Importantly, Alice can prevent OR1 from knowing about the identity of OR3 by encrypting the information relating to OR3 using one of the keys they now share with OR2.

At the end of this process, Alice has a shared set of symmetric keys with each of the onion routers, and each of the routers is aware only of its predecessor and successor in the communication path.

Each of these sets of symmetric keys is derived from a secret established using the Diffie-Hellman protocol (the most recent version of Tor uses elliptic-curve Diffie-Hellman). A simplified version of the establishment of the first two sets of symmetric keys is shown in slightly more detail in the illustration below:

Get hands-on with 1400+ tech skills courses.