How TOR works?


Tor is a network that implements a technique called Onion Routing, designed to protect communications in the United States Navy. The idea is to change the traditional routing mode of the Internet to ensure anonymity and data privacy.

The traditional routing we use to connect to servers on the Internet is direct. For example, if you want to read a website your computer connects directly to its servers. The route is relatively simple: from your computer to your router, from there to the routers of your ISP (Internet Service Provider) and then directly to the servers of the website you are visiting.

The downside is that if someone intercepts data packets at an intermediate point, they will know exactly where they are coming from and where they are going. Even if the data in each packet is encrypted, as it is on HTTPS pages, the packet headers are not encrypted, and the sender and recipient fields (among others) are still visible.

That’s where Onion Routing comes in, which consists of sending the data by a non-direct path using different nodes. First, computer A, which wants to send the message to B, calculates a more or less random route to the destination through several intermediate nodes. Then, it gets the public keys of all of them using a node directory.

Using asymmetric encryption, computer A encrypts the message like an onion: in layers. It will first encrypt the message with the public key of the last node in the path, so that only that node can decrypt it. In addition to the message, it includes (also encrypted) directions to the destination, B. This entire package, along with the directions to the last node in the list, is re-encrypted so that only the next-to-last node in the route can decrypt it.

The process is repeated until all the nodes in the route are finished. With this we have the data packet ready, so it’s time to send it. Computer A connects to the first node in the route, and sends the packet to it. This node decrypts it, and follows the instructions it has decrypted to send the rest of the packet to the next node. It will decrypt it again and send it to the next node, and so on. The data will eventually arrive at the output node, which will send the message to its destination.
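The layering and peeling described above, as an added example that is not part of the original article. It uses only the Python standard library, so the public-key step is a toy Diffie-Hellman construction standing in for real asymmetric encryption (not secure, and not Tor's actual cell format); the node names, destination `B` and message are constructed for the demo.

```python
import hashlib, json, secrets

P, G = 2**255 - 19, 2  # toy Diffie-Hellman group: illustration only, not secure

def keypair():
    priv = secrets.randbelow(P - 2) + 1
    return priv, pow(G, priv, P)          # (private key, public key)

def _xor_stream(shared: int, data: bytes) -> bytes:
    # SHA-256 in counter mode as a stand-in stream cipher (no authentication)
    seed, out = shared.to_bytes(32, "big"), bytearray()
    for i in range(0, len(data), 32):
        pad = hashlib.sha256(seed + i.to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], pad))
    return bytes(out)

def seal(pub: int, plaintext: bytes) -> bytes:
    # Encrypt to a node's public key, using a fresh ephemeral key per layer
    eph_priv, eph_pub = keypair()
    return eph_pub.to_bytes(32, "big") + _xor_stream(pow(pub, eph_priv, P), plaintext)

def unseal(priv: int, blob: bytes) -> bytes:
    eph_pub = int.from_bytes(blob[:32], "big")
    return _xor_stream(pow(eph_pub, priv, P), blob[32:])

def build_onion(route, destination: str, message: bytes):
    """route: [(node_name, public_key), ...] ordered from first node to exit node."""
    next_hop, payload = destination, message
    for name, pub in reversed(route):     # innermost layer belongs to the last node
        layer = json.dumps({"next": next_hop, "data": payload.hex()}).encode()
        next_hop, payload = name, seal(pub, layer)
    return next_hop, payload              # (first node to contact, complete onion)

def peel(priv: int, blob: bytes):
    # What one node does: remove its own layer, learn only the next hop
    layer = json.loads(unseal(priv, blob))
    return layer["next"], bytes.fromhex(layer["data"])

def relay(private_keys, first_hop: str, onion: bytes, destination: str):
    """Pass the onion node to node; record (node, next hop) as each node sees it."""
    seen, hop, payload = [], first_hop, onion
    while hop != destination:
        nxt, payload = peel(private_keys[hop], payload)
        seen.append((hop, nxt))
        hop = nxt
    return seen, payload

if __name__ == "__main__":
    keys = {n: keypair() for n in ("node1", "node2", "node3")}  # constructed route
    first, onion = build_onion([(n, k[1]) for n, k in keys.items()], "B", b"hello B")
    print(relay({n: k[0] for n, k in keys.items()}, first, onion, "B"))
```

Each entry in the recorded list shows that a node learns only the hop that follows it; the plaintext message appears only after the last layer is removed.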

This method provides much more security and privacy, as only the first node knows where the message is coming from and only the last node knows where it is going. But it is not foolproof either: by analyzing the times at which packets are received and sent at each node, it could be possible, with a lot of time and dedication, to work out which computers are communicating.

In addition, for the conventional user the price to pay for privacy and security is speed: Darknet TOR pages usually load much more slowly than clearnet pages.