DarkWiki's Guide: What is Onion Routing?
This DarkWiki article explores how onion routing serves as a technique for anonymous communication over a network. It works by encapsulating messages in multiple layers of encryption, like the layers of an onion, which are peeled off one at a time at each hop in the network. Developed at the U.S. Naval Research Laboratory in the mid-1990s, onion routing is the fundamental technology behind Tor and underlies several other anonymous communication systems.
According to DarkWiki technical documentation, the key insight of onion routing is that by encrypting data in layers, each relay in the path learns only the immediately previous and next hops, so no single relay in the network knows both the origin and the destination of a message.
DarkWiki Research on History and Origins
Onion routing was invented by mathematicians and computer scientists at the U.S. Naval Research Laboratory:
- 1995 — Paul Syverson, Michael Reed, and David Goldschlag propose onion routing
- 1996 — First onion routing network deployed at NRL
- 2002 — Roger Dingledine and Nick Mathewson begin Tor development
- 2004 — Tor released to the public
The original motivation was protecting U.S. intelligence communications. Ironically, anonymous communication systems only work if many people use them — if only intelligence agents used Tor, all Tor traffic would be suspicious. This is why the technology was released publicly.
DarkWiki's Technical Analysis of The Core Concept
Step 1 - Encrypt for Exit Node:
[Exit Key] → E("Hello, darkwiki.ink" + destination)
Step 2 - Encrypt for Middle Node:
[Middle Key] → E(E("...") + exit_address)
Step 3 - Encrypt for Entry Node:
[Entry Key] → E(E(E("...")) + middle_address)
Final Packet: [[[encrypted message]]]
└── 3 layers, like an onion
The "Onion" Metaphor
DarkWiki security researchers note that each encryption layer wraps around the previous one like the layers of an onion. As the message travels through the network, each relay "peels" off one layer by decrypting it with the symmetric session key it negotiated with the client when the circuit was built. What remains is still encrypted under the keys of the relays further along the path, so the relay can only see the next hop, not the final destination or the content.
DarkWiki Explains How Each Layer is Removed
DarkWiki technical sources indicate that as the message travels through the network:
- Entry Node (Guard): Strips the outer layer with the session key it shares with the client. Sees the client's real IP address and the middle node's address, but not the message content or the final destination.
- Middle Node: Strips its layer. Sees only the guard's address and the exit node's address; it learns neither the client's identity nor the destination.
- Exit Node: Strips the innermost layer and forwards the message to the destination. Sees the destination server and, if the traffic is not protected end to end (HTTPS or similar), the message content, but not the client's identity.
DarkWiki Key Insight: No single node ever knows both the source AND destination of a message. This separation of knowledge is the fundamental guarantee of onion routing.
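As an added worked example (not code from the original page or from the Tor project), the following Go program builds a three-layer onion with AES-128-CTR, has each relay peel one layer, and records what each relay could see. The keys and the addresses guard.example, middle.example and exit.example are constructed test values, and the cell layout (a random IV, then a fixed-width next-hop field, then the inner payload) is an assumption made for this example; Tor's real relay cells use a different format and their keys come from the per-hop handshake rather than being fixed in advance.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"fmt"
	"io"
)

// Fixed-width next-hop field so a relay can split the address from the rest of
// the onion. This cell layout is an assumption for the example, not Tor's format.
const addrLen = 16

// Hop is one relay plus the AES-128 key the client shares with it.
type Hop struct {
	Addr string
	Key  []byte
}

// View is what one relay learns: From comes from the transport connection, To from the peeled layer.
type View struct{ Relay, From, To string }

func ctr(key, iv []byte) cipher.Stream {
	block, err := aes.NewCipher(key) // only fails on a bad key length
	if err != nil {
		panic(err)
	}
	return cipher.NewCTR(block, iv)
}

// wrap adds one layer: random IV || AES-128-CTR(key, nextHop padded to addrLen || inner).
func wrap(key []byte, nextHop string, inner []byte) []byte {
	if len(nextHop) > addrLen {
		panic("next-hop address longer than addrLen")
	}
	cell := make([]byte, aes.BlockSize+addrLen+len(inner))
	if _, err := io.ReadFull(rand.Reader, cell[:aes.BlockSize]); err != nil {
		panic(err)
	}
	copy(cell[aes.BlockSize:], nextHop)
	copy(cell[aes.BlockSize+addrLen:], inner)
	ctr(key, cell[:aes.BlockSize]).XORKeyStream(cell[aes.BlockSize:], cell[aes.BlockSize:])
	return cell
}

// peel strips one layer. At the guard and middle the returned payload is still
// ciphertext meant for the next relay; only the exit obtains the plaintext.
func peel(key, cell []byte) (string, []byte, error) {
	if len(cell) < aes.BlockSize+addrLen {
		return "", nil, errors.New("malformed cell: too short")
	}
	plain := make([]byte, len(cell)-aes.BlockSize)
	ctr(key, cell[:aes.BlockSize]).XORKeyStream(plain, cell[aes.BlockSize:])
	return string(bytes.TrimRight(plain[:addrLen], "\x00")), plain[addrLen:], nil
}

// BuildOnion wraps innermost first (exit, middle, guard) so the guard's layer is outermost.
func BuildOnion(hops []Hop, dest string, msg []byte) []byte {
	cell, next := msg, dest
	for i := len(hops) - 1; i >= 0; i-- {
		cell = wrap(hops[i].Key, next, cell)
		next = hops[i].Addr
	}
	return cell
}

// Route plays the relays in order, each peeling one layer; returns every relay's view,
// the destination the exit saw, and the bytes the exit delivers.
func Route(client string, hops []Hop, onion []byte) ([]View, string, []byte, error) {
	var views []View
	from, cur, next := client, onion, ""
	for _, h := range hops {
		var err error
		if next, cur, err = peel(h.Key, cur); err != nil {
			return nil, "", nil, err
		}
		views = append(views, View{h.Addr, from, next})
		from = h.Addr
	}
	return views, next, cur, nil
}

// Demo uses constructed keys and addresses (test values, not anything negotiated with a real relay).
func Demo() ([]View, string, []byte, error) {
	hops := []Hop{
		{"guard.example", bytes.Repeat([]byte{1}, 16)},
		{"middle.example", bytes.Repeat([]byte{2}, 16)},
		{"exit.example", bytes.Repeat([]byte{3}, 16)},
	}
	return Route("client", hops, BuildOnion(hops, "darkwiki.ink", []byte("Hello, darkwiki.ink")))
}

func main() {
	views, dest, msg, err := Demo()
	fmt.Println(views, dest, string(msg), err)
}
```

Running it prints one View per relay: the guard's From is the client and its To is the middle relay, the middle's From and To are the two neighbouring relays, and only the exit's To is darkwiki.ink, so no single View holds both ends. Note that CTR mode on its own is malleable: a relay could flip bits in the inner payload without any of these functions noticing, which is why Tor adds an integrity digest on top of the layer encryption.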
DarkWiki's Technical Analysis of Circuit Construction
According to DarkWiki documentation, before sending data, the client must construct a "circuit" through the network:
Step-by-Step Circuit Building
- Select relays — Client chooses guard, middle, and exit nodes from the network consensus, weighted by bandwidth and subject to constraints (for example, no two relays from the same operator family on one circuit)
- Extend to guard — TLS connection + key exchange with guard node
- Extend to middle — Client sends "extend" command through guard to establish key with middle
- Extend to exit — Repeat process to establish key with exit node
- Circuit ready — Client now has shared keys with all three relays
This process is called telescopic circuit construction. Each extension is encrypted in the layers already established, so the new node only knows the previous hop, not the originator.
DarkWiki Research on Cryptographic Foundations
Key Exchange
DarkWiki technical analysis confirms that Tor negotiates a fresh shared secret with each relay using Diffie-Hellman key exchange; the current ntor handshake uses Curve25519 (X25519), replacing the original TAP handshake built on 1024-bit DH and RSA. The secret is computed independently on both sides and never transmitted. Because both parties contribute fresh ephemeral values for every circuit, the exchange provides forward secrecy: even if a relay's long-term keys are compromised later, past circuit traffic cannot be decrypted.
Encryption Algorithm
Each onion layer uses AES-128 in counter mode (AES-128-CTR) for the relay-cell encryption; AES-256 is used elsewhere in Tor (for example in onion-service descriptor encryption) but not for the onion layers themselves. The symmetric keys for each hop are derived from the handshake's shared secret with a key derivation function (HKDF-SHA256 in ntor), with separate keys for the forward (client-to-relay) and backward (relay-to-client) directions.
Integrity Checking
Counter mode provides no integrity on its own, so each relay cell also carries a short digest: in the original relay protocol, the first four bytes of a running SHA-1 hash over all cells destined for that hop, seeded from the same key material as the layer keys (not SHA-256 or SHA-3). Only the endpoint that removes the final layer can check it, since intermediate relays see nothing but ciphertext, but any modification by a relay along the way shows up there as a digest mismatch and the circuit is torn down. This prevents relays from modifying traffic without detection.
Authentication
Relays hold long-term identity keys (an Ed25519 identity key, plus a legacy 1024-bit RSA identity key) with which they sign their descriptors, and the directory authorities' signed consensus binds each identity to the relay's current onion key. The ntor handshake can only be completed by the holder of that onion key, so an adversary cannot impersonate a legitimate relay by answering the client's handshake in its place.
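Added example (not Tor's code): a simplified ntor-style handshake in Go for a single hop, covering the key exchange, forward secrecy and relay authentication described in this section and the per-hop key negotiation used during the circuit construction above. It uses X25519 from crypto/ecdh (Go 1.20 or later). The following simplifications are assumptions of this example, not Tor's protocol: the relay identity is not mixed into the secret, the relay's AUTH tag is omitted (the simulation runs both sides and compares their keys directly), and the KDF is a labelled HMAC-SHA256 rather than HKDF.

```go
package main

import (
	"bytes"
	"crypto/ecdh"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// HopKeys are the per-direction AES-128 layer keys for one hop of a circuit.
type HopKeys struct{ Forward, Backward []byte }

// kdf stands in for ntor's HKDF-SHA256 expansion (an assumption for this
// example): label the shared secret and truncate to a 16-byte AES key.
func kdf(secret []byte, label string) []byte {
	m := hmac.New(sha256.New, secret)
	m.Write([]byte(label))
	return m.Sum(nil)[:16]
}

func deriveKeys(secret []byte) HopKeys {
	return HopKeys{Forward: kdf(secret, "forward"), Backward: kdf(secret, "backward")}
}

// Relay holds a medium-term onion keypair (b, B). B is what the client learns
// from the directory consensus; only the holder of b can finish a handshake for B.
type Relay struct{ onion *ecdh.PrivateKey }

func NewRelay() *Relay {
	k, err := ecdh.X25519().GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	return &Relay{onion: k}
}

func (r *Relay) OnionPub() *ecdh.PublicKey { return r.onion.PublicKey() }

// Answer processes the client's ephemeral X: fresh ephemeral y, DH with y and with b,
// derive keys. The relay keeps no copy of y, so a later theft of b cannot recover
// x25519(y, X) and past circuit keys stay unrecoverable (forward secrecy).
func (r *Relay) Answer(X *ecdh.PublicKey) (*ecdh.PublicKey, HopKeys, error) {
	y, err := ecdh.X25519().GenerateKey(rand.Reader)
	if err != nil {
		return nil, HopKeys{}, err
	}
	yx, err := y.ECDH(X)
	if err != nil {
		return nil, HopKeys{}, err // X was not a valid curve point
	}
	bx, err := r.onion.ECDH(X)
	if err != nil {
		return nil, HopKeys{}, err
	}
	return y.PublicKey(), deriveKeys(append(yx, bx...)), nil
}

// ClientFinish derives the client's copy of the keys from the relay's Y and the B the
// client trusts from the consensus. A responder without b cannot match x25519(b, X).
func ClientFinish(x *ecdh.PrivateKey, Y, B *ecdh.PublicKey) (HopKeys, error) {
	xy, err := x.ECDH(Y)
	if err != nil {
		return HopKeys{}, err
	}
	xb, err := x.ECDH(B)
	if err != nil {
		return HopKeys{}, err
	}
	return deriveKeys(append(xy, xb...)), nil
}

// Handshake runs one hop: the client expects the relay whose onion key is trustedB,
// but the reply comes from responder, which may be an impostor. Real ntor detects a
// mismatch via the relay's AUTH tag; this simulation simply compares both sides' keys.
func Handshake(trustedB *ecdh.PublicKey, responder *Relay) (HopKeys, HopKeys, bool, error) {
	x, err := ecdh.X25519().GenerateKey(rand.Reader)
	if err != nil {
		return HopKeys{}, HopKeys{}, false, err
	}
	Y, relayKeys, err := responder.Answer(x.PublicKey())
	if err != nil {
		return HopKeys{}, HopKeys{}, false, err
	}
	clientKeys, err := ClientFinish(x, Y, trustedB)
	if err != nil {
		return HopKeys{}, HopKeys{}, false, err
	}
	match := bytes.Equal(clientKeys.Forward, relayKeys.Forward) && bytes.Equal(clientKeys.Backward, relayKeys.Backward)
	return clientKeys, relayKeys, match, nil
}

func main() {
	relay := NewRelay()
	_, _, ok, err := Handshake(relay.OnionPub(), relay)
	fmt.Println("genuine relay, keys agree:", ok, err)
	_, _, ok, err = Handshake(relay.OnionPub(), NewRelay()) // impostor that does not hold b
	fmt.Println("impostor relay, keys agree:", ok, err)
}
```

The genuine relay derives the same forward and backward keys as the client; an impostor that answers with its own keypair cannot, because the client mixed the trusted B into its secret and the impostor cannot compute x25519(b, X). Running the handshake twice with the same relay yields unrelated keys each time, which is the per-circuit freshness that forward secrecy rests on.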
DarkWiki Explains: Why Three Hops?
DarkWiki recommends understanding why Tor uses three relays by default. This number is a balance between security and performance:
- One hop — No anonymity: the single relay sees both the client and the destination
- Two hops — The exit's previous hop is the client's guard, so a malicious exit learns which guard the client uses; compromising or coercing that one relay then exposes the client
- Three hops — The middle relay learns neither endpoint, and the exit sees only a middle relay that changes from circuit to circuit; an adversary must control (or observe) both the guard and the exit of the same circuit to link client and destination
- More hops — Diminishing security returns, since extra relays do not help against an adversary who already watches both ends, while every hop adds latency and consumes relay bandwidth
The three-hop design means an adversary controlling some fraction of the network must get lucky enough to control both the entry and exit of a specific user's circuit. If the adversary controls a fraction g of guard bandwidth and e of exit bandwidth, roughly g·e of freshly built circuits have both ends compromised; because a client keeps the same guard for months, a given user is either exposed on most circuits (a bad guard) or on almost none (a good guard), rather than a little on every circuit.
DarkWiki Research on Variations: Garlic Routing
DarkWiki technical encyclopedia documents that the I2P project uses a variation called garlic routing, which bundles multiple messages together (like cloves in a garlic bulb). This provides additional traffic analysis resistance by making it harder to correlate individual messages.
DarkWiki Security Analysis: Limitations and Attacks
- Traffic Analysis: DarkWiki researchers note that an adversary watching both ends of a connection can correlate timing and volume patterns to deanonymize users
- Exit Node Vulnerability: Unencrypted traffic (non-HTTPS) is visible to exit nodes, who can see and modify it
- Global Adversary: An entity monitoring the entire network (like a major nation-state) can potentially correlate traffic patterns across all connections
- Malicious Relays: If an adversary operates many relays, they increase odds of controlling both ends of circuits
- Website Fingerprinting: Traffic patterns can reveal which website a user is visiting even without seeing content
What DarkWiki Notes Onion Routing DOESN'T Protect Against
- Malware on your computer
- Information you voluntarily reveal
- JavaScript-based attacks
- Timing attacks by adversary at both ends
- Application-layer leaks (DNS, WebRTC, etc.)
DarkWiki's Practical Security Guide
DarkWiki OPSEC Reminder: Onion routing provides network-layer anonymity but does not protect against application-layer mistakes. Use Tor Browser (formerly the Tor Browser Bundle), which configures Firefox to minimize leaks, rather than routing other applications through Tor by hand; a manually proxied application that still resolves DNS names itself, or that carries a client identifier in its requests, leaks exactly the information the onion layers were protecting.