How does Tor work, technically?

Tor is more than 'a slower VPN.' It's a fundamentally different anonymity model — three random relays, layered encryption, and no single point of trust. Here's exactly what happens when you load a page through Tor.

May 6, 2026 · 6 min read

Tor is the strongest anonymity tool the public internet has. Activists, journalists, whistleblowers, and curious users have relied on it for over twenty years. It's free, open source, and free of the trust problems VPNs have — by design, no single party knows both who you are and what you're doing.

But Tor is also one of the more misunderstood pieces of internet infrastructure. People conflate it with "a free VPN" or "the dark web." It's neither. It's a specific cryptographic system with specific guarantees and limits.

Here's the technical version.

The two-line summary

Tor routes your traffic through three random volunteer-run relays around the world. Each relay decrypts one layer of an "onion" of nested encryption, knowing only the previous hop and the next — never both. By the time the traffic exits the network, no single observer can tie it back to you.

Hence "The Onion Router."

The setup: three relays

Every Tor circuit consists of three relays:

  • Guard (entry) relay. The first hop. Knows your real IP. Doesn't know what you're requesting or where it's going (it only sees an encrypted blob bound for the middle relay).
  • Middle relay. The second hop. Knows nothing about you. Knows nothing about what you're requesting. Just shuffles encrypted blobs between guard and exit.
  • Exit relay. The final hop. Knows what you're requesting (the destination URL). Doesn't know who you are — sees only the middle relay.

The cryptographic property: no single relay sees both your identity and your traffic content. To deanonymize you, an attacker would need to control both the guard and the exit relay, and correlate timing — a hard, expensive attack that the Tor project has spent two decades hardening against.

The handshake

When you start Tor, your client picks three relays from the public Tor consensus (a list of currently-running relays, signed by the Tor directory authorities). Then, in sequence:

  1. Build a TLS-like channel to the guard. Negotiate keys.
  2. Through the guard, build an encrypted channel to the middle. The guard relays packets but can't read what's inside (it's encrypted to the middle).
  3. Through the middle, build an encrypted channel to the exit. The middle relays packets but can't read them (encrypted to the exit).

Now your client has three layers of nested encryption — like an onion. To send a request:

  1. Encrypt request to exit.
  2. Wrap that ciphertext, encrypt to middle.
  3. Wrap again, encrypt to guard.
  4. Send to guard.

The guard peels off its layer, sees a ciphertext addressed to middle. Sends to middle. Middle peels off its layer, sees a ciphertext addressed to exit. Sends to exit. Exit peels off its layer, sees the original request. Sends to the destination on the regular internet.

The reply travels back through the same circuit, with each hop adding its layer of encryption.
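The wrapping and peeling described in this section, as a runnable sketch. This is an added example, not Tor's code: a toy SHA-256 keystream plus HMAC stands in for the real per-hop ciphers, the three keys are assumed to be already negotiated, and each layer carries a next-hop label to mirror the description above. The names `seal`, `peel`, `build_onion` and `route` are hypothetical.

```python
import hashlib, hmac, os

def _xor_stream(key: bytes, nonce: bytes, data: bytes) -> bytes:
    # Toy stream cipher (SHA-256 in counter mode); a stand-in, not Tor's cipher.
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hashlib.sha256(key + nonce + i.to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], pad))
    return bytes(out)

def _subkeys(key: bytes):
    # Separate encryption and MAC keys derived from one per-hop secret.
    return hashlib.sha256(b"enc" + key).digest(), hashlib.sha256(b"mac" + key).digest()

def seal(key: bytes, next_hop: str, payload: bytes) -> bytes:
    """Add one layer: nonce || tag || Enc(len || next_hop || payload)."""
    ek, mk = _subkeys(key)
    nonce = os.urandom(16)
    ct = _xor_stream(ek, nonce, bytes([len(next_hop)]) + next_hop.encode() + payload)
    return nonce + hmac.new(mk, nonce + ct, hashlib.sha256).digest() + ct

def peel(key: bytes, cell: bytes):
    """Remove one layer; fails if the layer was not sealed with this key."""
    ek, mk = _subkeys(key)
    nonce, tag, ct = cell[:16], cell[16:48], cell[48:]
    if not hmac.compare_digest(tag, hmac.new(mk, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("wrong key or modified cell")
    body = _xor_stream(ek, nonce, ct)
    return body[1:1 + body[0]].decode(), body[1 + body[0]:]

def build_onion(keys: dict, destination: str, request: bytes) -> bytes:
    """Client: encrypt to exit, wrap for middle, wrap for guard (steps 1-3)."""
    cell = seal(keys["exit"], destination, request)
    cell = seal(keys["middle"], "exit", cell)
    return seal(keys["guard"], "middle", cell)

def route(keys: dict, cell: bytes):
    """Relays in order; each uses only its own key. Returns (relay, next_hop, inner)."""
    seen = []
    for relay in ("guard", "middle", "exit"):
        next_hop, cell = peel(keys[relay], cell)
        seen.append((relay, next_hop, cell))
    return seen

if __name__ == "__main__":
    # Constructed sample keys and request, for illustration only.
    keys = {r: os.urandom(32) for r in ("guard", "middle", "exit")}
    onion = build_onion(keys, "example.com:80", b"GET / HTTP/1.1\r\n\r\n")
    for relay, next_hop, inner in route(keys, onion):
        print(f"{relay:6} forwards to {next_hop:16} inner starts {inner[:12]!r}")
```

Only the exit's output shows the plaintext request; the guard and middle each recover nothing but a next-hop label and another ciphertext.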

Why three relays specifically

Two relays would still leak: the entry sees your IP, the exit sees your traffic, and they could collude to deanonymize you. With three:

  • Entry sees your IP, has no idea what you're doing.
  • Middle sees neither — it's a pure relay between two encrypted channels.
  • Exit sees what you're doing, has no idea who you are.

To break the system, an attacker needs to control both the guard and the exit relay you happened to pick — out of thousands of relays. Possible at scale (well-resourced national adversaries try this), but expensive and unreliable.

Circuit rotation

Tor doesn't use the same three relays forever. By default:

  • Guard relays are sticky — your client picks a small set of guards and uses them for weeks. (Frequent guard rotation makes you easier to deanonymize via repeated sampling, paradoxically.)
  • Middle and exit relays rotate every 10 minutes for a given destination. New circuits are built constantly.
  • Different destinations get different circuits. Loading two unrelated sites through Tor doesn't go through the same exit, so the exits can't correlate your activity.

This is why Tor feels slow — every new circuit needs a fresh build, and circuits are built for new destinations as you click around.

Hidden services (.onion)

Tor's most distinctive feature: hidden services, accessible only via .onion addresses.

A hidden service:

  • Runs on a server somewhere — could be anywhere.
  • The server connects outbound to Tor (no inbound connections; never reveals its IP).
  • The service publishes a "rendezvous point" address to a Tor directory.
  • Clients connecting to the .onion address negotiate a meeting at the rendezvous point.
  • Both client and server are anonymous to each other and to the network.

This is why the "dark web" can host services that are hard to take down: the operators are anonymous from the protocol up. (Of course, operational security mistakes — leaked server logs, careless real-world ties — have brought down many high-profile hidden services. The protocol is hard to break; humans are easier.)

Most major news sites, including the New York Times and BBC, run .onion mirrors for users in censored regions.

What Tor protects against

  • Network observers (your ISP, the cafe Wi-Fi, your government): can see you're using Tor (handshake to a known guard relay), can't see what you're doing.
  • Destination websites: see only the exit relay's IP, not yours.
  • Casual logging and tracking: your IP rotates per circuit, no cookies persist between Tor Browser sessions, no JavaScript fingerprinting (the browser disables most of it).

What Tor doesn't protect against

  • You logging into accounts. If you sign into Gmail through Tor, Google still knows it's you. Tor anonymizes the network layer, not the application layer.
  • Browser fingerprinting via JS (mostly mitigated in Tor Browser, but not 100%).
  • End-to-end correlation attacks — if an attacker watches both the entry guard and the exit relay you happen to use, plus has timing data, they can sometimes correlate. This is the "global passive adversary" problem.
  • Malicious exit relays — exits can read your unencrypted traffic. Always use HTTPS through Tor. With HTTPS, the exit sees only ciphertext.
  • Endpoint compromise. If your machine is owned, no amount of Tor helps.
  • Operational security mistakes — sharing identifying details, downloading documents that phone home, etc.

Performance reality

Tor is slow. Always. Three random hops, often spanning multiple continents, plus encryption overhead:

  • Page loads: 5–30 seconds.
  • Streaming video: usually unwatchable.
  • Real-time apps: unworkable.
  • Latency: 200ms–2 seconds.

For simple browsing, it's tolerable. For anything performance-sensitive, it's not.

This is the unavoidable tradeoff. Anonymity through three random global hops can't be fast.

Bridges and pluggable transports

In countries that block Tor by recognizing its handshake, bridges offer entry points. These are unlisted relays whose IPs aren't in the public consensus.

Pluggable transports disguise Tor traffic to look like other protocols (Skype, regular HTTPS) so deep-packet-inspection censors can't easily block it. obfs4, meek, and snowflake are the main ones. They make Tor usable in heavily censored networks.

How Tor differs from a VPN

| Feature | VPN | Tor |
|---|---|---|
| Hops | One (to VPN server) | Three (to exit, plus circuit setup) |
| Trust required in | One company (the provider) | None — distributed across thousands of volunteers |
| Speed | Fast (10–30% slower) | Slow (5x–10x slower) |
| Anonymity | Trust the provider's no-logs | Mathematically anonymous if relays diverse |
| Cost | $3–12/month | Free |
| Hidden services | No | Yes (.onion) |
| Country choice | Yes | Effectively yes (exits in many countries) |

For most users wanting privacy, a VPN is enough. For users wanting anonymity — especially against well-resourced adversaries — Tor is the right tool.

Quick FAQ

Can the FBI / NSA / GCHQ break Tor? Probably not at scale, but they've attacked specific high-value targets via timing correlation, malware planted on exit nodes, and exploitation of underlying browser bugs. Tor protects against passive observation; targeted attacks are a different story.

Is Tor only for criminals? No. The largest user populations are journalists, activists, citizens of censoring countries, and people who simply value privacy. Criminals are a noisy minority.

Can I run a Tor relay? Yes — the project welcomes it. Guard and middle relays can run on any reasonably-stable server. Exit relays are more legally complex (you'll see traffic with your IP attached), so people typically run them as projects of organizations rather than individuals.

Why doesn't every privacy person use Tor? Speed. Tor is genuinely slow. For everyday use, a quality VPN gives 95% of the privacy at 10% of the latency cost. Tor is reserved for situations where anonymity, not just privacy, is the goal.

What about Tor over VPN, or VPN over Tor? Both are possible, both add complexity, both have edge cases. For the threat models that benefit from one of them, you probably know which you need. For others, just use Tor Browser as-is.

TL;DR

  • Tor encrypts your traffic in three nested layers and routes it through three random relays.
  • No single relay knows both your identity and your destination.
  • This gives strong anonymity at the cost of performance.
  • Best for journalism, activism, censorship circumvention, and serious privacy needs — not everyday browsing.
  • For "I want privacy from advertisers," use a VPN. For "I want my activity to be unlinkable to me," use Tor.

Twenty-plus years later, Tor remains one of the most genuinely impressive privacy tools the open internet has produced.