.Onion — The Real incognito

Image courtesy: ibtimes.co.uk

“ Everyone is a Gangster until the Real Gangster arrives! ”


The name sounds misleading, but it has the actual meaning with it. Onion Routing communicates anonymously over the Internet. It achieves it by using the free Software browser called ‘TOR’. When you make an HTTP request from a TOR browser, it bounces around various routers residing in different countries, confusing the attacker by hijacking the connections. So it is hard to find the user who has requested the particular website. Thus it provides anonymity.

To access facebook.com, Tor communicated with multiple routers and passed over different overlay networks called Relay Circuits

How does it Connect?

At first, Online routing connects to the Internet Service Provider and creates relay lists containing all the active nodes. Then, it connects to different middle nodes that finally connects to the Exit Node. Exit node will actually make the HTTP request to the servers. Let’s assume the connections are tracked, then only the last hop (Exit node) would be identified as the one who visited the website. In the above example, when Facebook was accessed, it only contacted the exit node’s IP address rather than the sender’s IP address.

Multiple Layer of Encryption

Online Routing sends messages through strong encryption for each communication, thus acquiring multiple encryption with different keys in layers. Let us assume the Client user has multiple shared keys to each node.

  1. Communicating From browser to the middle node (France). It uses k1 as the shared key to encrypt.
  2. From Middle node (France) to Middle node (Germany). It uses k2 as the shared key.
  3. Similarly, K3 uses Middle nodes (Germany and Netherland)
Image Courtesy: computerphile

The Dark Web:

Initially, these Onion routing services were used by US Naval Research to protect their US intelligence data online. Later, TOR was released as Open Source which gave birth to the Dark Web (Peer-to-Peer Network).

Image Courtesy: legitscript.com

A onion website address may look like: http://3g2upl4pq6kufc4m.onion/

Facebook provides an official onion web address to access through TOR hidden service:

It is advised not to visit some of the onion websites as it will be too horrifying and disturbing. Some of the .onion websites are considered the scariest thing on the internet.

The following information has been taken from here.

  • Black markets such as Silk Road, a platform for selling illegal drugs, and electronic components.
  • Hiring-a-Hacker is a website that hires a real hacker to attack any rivals and pay for it.



Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store