Tor is a low-latency communication service, meaning that the delays in network sessions are minor for most users. The system provides a reasonable trade-off between anonymity, usability, and efficiency. The latency is due to the mode of operation. Regular internet connections follow the shortest, fastest, and most efficient route when transferring network packets, depending on the algorithm. Internet users do not have to worry about this, since Internet Service Providers (ISPs) deal with delivering the packets most effectively.
A Tor network follows a different approach. It creates a private network pathway, called a circuit. Starting with the end-user, the network packets pass through a series of hops, called relays, until they reach the final hop of the circuit, the exit relay. The exit relay then transmits the request to the destination (e.g., the website the user wants to browse). All connections between the first relay and the exit relay are encrypted, and each relay along the way knows only the previous and the next hop. In this architecture no one knows the complete pathway, although some attacks can reveal parts of it.
The following figures visualize this process for clarity.
Figure 1 shows a simple Tor network layout. The target servers are on the right-hand side, the Tor nodes (relays) are in the middle, and the client and Tor Directory are on the left. In the first step, a client who wants to join the Tor network sends an encrypted request to the Tor Directory to get a list of available Tor nodes. Once it receives the list, the client is ready to initiate connections with those relays in the internet cloud.
In the second step (Figure 2), the client picks a random path to the destination, Server 1 in this example. Note that all network connections between the client and the last relay (exit node) are encrypted; only the connection between the Exit Relay and Server 1 is not. This happens when the client wants to connect to unencrypted services such as HTTP websites. If the client sends a request to an HTTPS website, such as https://ccdcoe.org/, the entire chain is encrypted. However, encrypted connections can also leak sensitive information, depending on the implementation of the web service. This topic will be elaborated on later.
In another example (Figure 3), the client wants to establish a new connection to a different server, Server 2. In this case, Tor provides a different route to the destination to prevent potential correlation attacks. Different attack vectors are discussed in detail below.
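The circuit described above can be modelled in a few lines. This is an added example, not Tor's own code or protocol: the relay names, the `toy_cipher` stand-in for real encryption, and the assumption that the client already shares a key with each relay are all constructed for illustration. It shows what each relay learns about the path and what leaves the exit relay when the request is plain HTTP.

```python
import hashlib, json, os, random

# Constructed sample data: relay names as a directory might list them, and one
# key per relay. Assumption: the client already shares a key with each relay.
DIRECTORY = ["relay-A", "relay-B", "relay-C", "relay-D", "relay-E", "relay-F"]
KEYS = {name: os.urandom(32) for name in DIRECTORY}

def toy_cipher(key: bytes, data: bytes) -> bytes:
    """XOR with a SHA-256 counter keystream. Illustrative only, not Tor's crypto."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + i.to_bytes(8, "big")).digest()
        out.extend(b ^ k for b, k in zip(data[i:i + 32], block))
    return bytes(out)

def pick_circuit(directory, hops=3, rng=random):
    """The client picks a random path through the relays it learned about."""
    return rng.sample(directory, hops)

def wrap(path, keys, destination, payload: bytes) -> bytes:
    """Add one encryption layer per relay; the exit relay's layer is innermost."""
    next_hops = path[1:] + [destination]
    cell = payload
    for relay, nxt in reversed(list(zip(path, next_hops))):
        layer = json.dumps({"next": nxt, "data": cell.hex()}).encode()
        cell = toy_cipher(keys[relay], layer)
    return cell

def forward(path, keys, client, cell: bytes):
    """Each relay removes its own layer. Returns every relay's view of the
    circuit and the bytes the exit relay hands to the destination."""
    views, prev = {}, client
    for relay in path:
        layer = json.loads(toy_cipher(keys[relay], cell))
        views[relay] = {"prev": prev, "next": layer["next"]}
        cell, prev = bytes.fromhex(layer["data"]), relay
    return views, cell

if __name__ == "__main__":
    request = b"GET /inbox HTTP/1.1\r\nCookie: session=constructed-value\r\n\r\n"
    path = pick_circuit(DIRECTORY)
    onion = wrap(path, KEYS, "server-1", request)
    views, at_exit = forward(path, KEYS, "client", onion)
    for relay in path:
        print(relay, views[relay])
    print("request visible on client->entry link:", request in onion)
    print("request visible on exit->server link: ", at_exit == request)
```

Only the first relay sees the client and only the exit relay sees the destination, but the exit relay forwards the HTTP request exactly as the client wrote it.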
There are other ways to benefit from Tor as well, such as Hidden Services. With Hidden Services, the traffic does not leave the Tor relays but stays inside the network.