La red Tor es un grupo de servidores operados por voluntarios que permite a las personas mejorar su privacidad y seguridad en Internet. Tor's users employ this network by connecting through a series of virtual tunnels rather than making a direct connection, thus allowing both organizations and individuals to share information over public networks without compromising their privacy. De la misma forma, Tor es una herramienta effectiva para eludir la censura, permitiendo a sus usuarios acceder a destinos o contenido que de otro modo estarían bloqueados. Tor can also be used as a building block for software developers to create new communication tools with built-in privacy features.

Individuals use Tor to keep websites from tracking them and their family members, or to connect to news sites, instant messaging services, or the like when these are blocked by their local Internet providers. Tor's onion services let users publish web sites and other services without needing to reveal the location of the site. Individuals also use Tor for socially sensitive communication: chat rooms and web forums for rape and abuse survivors, or people with illnesses.

Periodistas utilizan Tor para comunicar más seguramente con denunciantes y disidentes. Non-governmental organizations (NGOs) use Tor to allow their workers to connect to their home website while they're in a foreign country, without notifying everybody nearby that they're working with that organization.

Grupos activistas como la Electronic Frontier Foundation (EFF) recomienda Tor como un mecanismo para mantener libertadas cívicas en línea. Corporations use Tor as a safe way to conduct competitive analysis, and to protect sensitive procurement patterns from eavesdroppers. They also use it to replace traditional VPNs, which reveal the exact amount and timing of communication. Which locations have employees working late? Which locations have employees consulting job-hunting websites? Which research divisions are communicating with the company's patent lawyers?

The variety of people who use Tor is actually part of what makes it so secure. Tor hides you among the other users on the network, so the more populous and diverse the user base for Tor is, the more your anonymity will be protected.

Using Tor protects you against a common form of Internet surveillance known as "traffic analysis." Traffic analysis can be used to infer who is talking to whom over a public network. Conocer el origen y el destino de su tráfico de Internet permite que otros puedan rastrear su comportamiento e intereses. This can impact your checkbook if, for example, an e-commerce site uses price discrimination based on your country or institution of origin. It can even threaten your job and physical safety by revealing who and where you are. For example, if you're travelling abroad and you connect to your employer's computers to check or send mail, you can inadvertently reveal your national origin and professional affiliation to anyone observing the network, even if the connection is encrypted.

¿Cómo funciona el análisis del tráfico?

Internet data packets have two parts: a data payload and a header used for routing. The data payload is whatever is being sent, whether that's an email message, a web page, or an audio file. Even if you encrypt the data payload of your communications, traffic analysis still reveals a great deal about what you're doing and, possibly, what you're saying. Esto se debe a que se centra en el encabezado, que revela el origen, el destino, el tamaño, el tiempo, etc.

Un problema básico para la privacidad en mente es que la recepción de sus comunicaciones pueden verse que lo envía mirando las cabeceras. Lo mismo pueden hacer intermediarios autorizados, como proveedores de servicios de Internet, y en ocasiones también intermediarios no autorizados. Un formulario muy simple del análisis del tráfico relaciona determinar donde entre remitente y receptor en la red, al mirar en las cabeceras.

But there are also more powerful kinds of traffic analysis. Algunos atacantes espían en múltiples partes de Internet y usan métodos estadísticos muy sofisticados para rastrear los patrones de comunicación de gran cantidad de organizaciones y personas. El cifrado no ayuda a luchar contra estos tipos de atacantes, ya que sólo oculta el tráfico de internet, no los usuarios.

Tor helps to reduce the risks of both simple and sophisticated traffic analysis by distributing your transactions over several places on the Internet, so no single point can link you to your destination. The idea is similar to using a twisty, hard-to-follow route in order to throw off somebody who is tailing you - and then periodically erasing your footprints. Instead of taking a direct route from source to destination, data packets on the Tor network take a random pathway through several relays that cover your tracks so no observer at any single point can tell where the data came from or where it's going.

To create a private network pathway with Tor, the user's software or client incrementally builds a circuit of encrypted connections through relays on the network. El circuito se extiende un salto a la vez, y cada repetidor a lo largo del camino sólo sabe qué circuito le proporcionó los datos y a qué repetidor le está proporcionando los datos. Ningún repetidor individual conoce jamás la ruta completa que ha tomado un paquete de datos. The client negotiates a separate set of encryption keys for each hop along the circuit to ensure that each hop can't trace these connections as they pass through.

Una vez que se ha establecido un circuito, se pueden intercambiar muchos tipos de datos y se pueden desplegar varios tipos diferentes de aplicaciones de software en la red Tor. Because each relay sees no more than one hop in the circuit, neither an eavesdropper nor a compromised relay can use traffic analysis to link the connection's source and destination. Tor only works for TCP streams and can be used by any application with SOCKS support.

For efficiency, the Tor software uses the same circuit for connections that happen within the same ten minutes or so. A las solicitudes posteriores se les da un nuevo circuito, para evitar que las personas vinculen sus acciones anteriores con las nuevas.