What Is Tor? How Does It Work?
Tor nodes communicate over the same cables as everyone else. There’s no secret skein of clandestine, Darknet-web fibre that only Julian Assange has the password for. Tor also uses the same servers, the same TCP/IP protocol, and the same encryption algorithms that the normal internet uses. Tor uses misdirection as a technique to relay traffic between communicating parties.
The most common way that people access the Tor network is through the Darknet. The Tor browser looks and feels just like any other web browser that is used in the surface web. But whereas Chrome and Firefox send their internet traffic directly to the websites requested by the user, the Tor browser sends it traffic via the Tor network.
How Tor Directs Traffic over Its Network
The Tor network is a web of around 6500 or so (as of February 2019) servers called relay nodes (or just relays), all run and maintained by volunteers. Some of these volunteers are individuals; some are universities; some are companies. And even though they don’t publicize this fact, some are almost certainly government intelligence agencies and other organizations interested in attacking the Tor network. However, while this type of subterfuge is absolutely something for Tor to be concerned about, it is not a particularly existential problem. As we will see, so long as the fraction of Tor relay nodes controlled by volunteers around the globe stays low, the deep web links network remains secure.
There’s nothing special about Tor nodes or Darknet traffic. Tor nodes are just normal computers connected to the internet that run a piece of software called Tor that is used to Best Dark web Websites. This is what is called the Tor network. You can use the Tor .onion urls directories network to access the normal internet, or special .onion Sites Link that are only accessible via Tor. In this post we’re only going to look at how Tor accesses the normal internet.
Tor Uses Misdirection to Keep You Safe from Snoopers
When you visit a website using a normal web browser, your computer makes a direct TCP connection with the website’s server. Anyone tracking or monitoring your internet connection or that of the server can inspect your IP packet headers. This will lead to the discovery of the communication that is taking place between the server and you. But if you are communicating using encrypted HTTPS, the snooper will not be able to decrypt the actual content of the message.
In the case when you visit Deep Web Links and Web Sites using the Tor browser, your computer does not communicate directly to the server of the intended destination, what it does is, it constructs a twisty path which consists of three Tor nodes, and sends the traffic over these circuits. The Tor browser starts sending the data packets from the first node which is also known as the guard nodes. The guard node which is by the way is the initial node passes on the data packets to the second node. The second node is also called the middle node. The middle node sends your data on to the third (or exit) node, and finally the exit node sends your data to the website’s server. The server sends its response back to the exit node, which takes care of propagating the response back to you, via the rest of the circuit.
Tor Keeps You Safe from the Tor Networks
Tor’s definition of security is that no one (apart from the Tor end-user) is able to discover the IP addresses of both the origin and destination of a Tor circuit. If this property holds, Tor is secure, even if traffic sometimes flows through relay nodes controlled by an adversary. If traffic flows through an adversary-controlled relay, but does not help this adversary learn the IP addresses of both the origin and destination of a Tor circuit, then the Tor Foundation is grateful to the volunteer for their contribution towards network bandwidth.
Let’s See How Tor Keeps Its Users Safe from the Tor Network Itself
Let’s look at what happens when Alice uses Tor to browse topsecret.com, and consider what each node in her circuit knows about her. Alice’s first (or guard) node knows her IP address, but it has no idea who she is talking to. The guard node is not responsible for communicating directly with the topsecret.com server, and it only ever forwards Alice’s traffic to the middle node of the circuit. It has no way of knowing what the middle node does next.
The middle node knows nothing of any importance at all as it has no information of the activities that is taking place. It knows the IP address of the guard node and the exit node, but it has no idea who is on the other sides of either of them. It doesn’t know that it is transporting Alice’s traffic, and it doesn’t know that this traffic is eventually headed to topsecret.com. Finally, the exit node knows that someone (Alice) is using Tor to browse topsecret.com on the Dark net Sites Links. But since it only ever communicates with the middle node, it has no idea who this someone is.
Can’t Relay Nodes Peek On Each Other?
Suppose that Alice chooses an adversary-controlled guard node. What if this malicious guard node peaked at Alice’s traffic before forwarding it on to the middle node? What if it read the routing instructions — including the end-server’s IP address — that were only intended to be read by the nodes further down Alice’s circuit? Wouldn’t this allow the guard node to discover the IP addresses of both Alice and the server she is communicating with, thereby breaking Tor?
It would not. Tor prevents its relay nodes from snooping on each other’s instructions by wrapping its payloads in multiple layers of TLS encryption. The inventor of this approach decided that this looked a bit like the layers of an onion, and this is where the name “Tor” or the .onion Links extension came from. The analogy is a little tenuous if you ask me, but it makes for a whimsical logo.
How a Tor Circuit Is Formed
Constructing and coordinating a circuit of 3 Tor nodes requires a deft touch and a detailed protocol. When asked to construct a circuit, the Tor daemon running on your computer has to choose the 3 nodes that it wants in its circuit, ask them if they’re available, and negotiate a symmetric encryption key with each of them. Once your Tor browser has constructed a circuit, it uses this circuit for all of its traffic for the next 10 minutes, at which point it constructs a new one. It uses this new circuit for all new TCP streams, although any existing TCP streams using the old circuit stay there.
