Ethical Hacking News
The Tor network has upgraded its encryption algorithm to Counter Galois Onion (CGO) to boost security and address vulnerabilities that threatened user anonymity. The change marks an important step forward for online privacy and protection.
The Tor network is switching from tor1 relay encryption algorithm to Counter Galois Onion (CGO) for enhanced security.The change aims to address modern traffic-interception attacks, which can compromise data security and user anonymity.The new CGO system uses wide-block encryption and tag chaining to prevent tampering resistance loss across cells in the circuit.CGO updates keys after every cell, ensuring past traffic cannot be decrypted even if current keys are exposed.The implementation of CGO is underway, with a timeline for deployment not yet confirmed.
The Tor network has been a cornerstone of online anonymity for decades, providing users with a secure and private way to browse the internet. However, as technology advances, so too do the threats to this critical infrastructure. In response to these evolving threats, the Tor project has taken significant steps to improve the security and resilience of its network.
In November 2025, it was announced that the Tor network would be switching from the old tor1 relay encryption algorithm to a new design called Counter Galois Onion (CGO). This move is designed to address several key security concerns that have been identified with the current system.
One of the primary reasons for this change is the threat posed by modern traffic-interception attacks. These types of attacks can compromise data security and undermine user anonymity, making it essential to implement a more robust encryption algorithm. The tor1 relay encryption algorithm, which has been in use since 2014, was developed at a time when cryptography was less advanced than today.
While the tor1 design is adequate for its original purpose, it has several limitations that make it vulnerable to certain types of attacks. For example, the use of AES-CTR encryption without hop-by-hop authentication leads to malleable relay encryption, allowing attackers to modify traffic between relays they control and observe predictable changes. Additionally, the tor1 design reuses the same AES keys throughout a circuit’s lifetime, enabling decryption in the event of key theft.
Furthermore, the tor1 system uses a 4-byte SHA-1 digest for cell authentication, giving attackers a one-in-4 billion probability to forge a cell without being detected. While this may seem like an extremely low risk, it highlights the need for improved security measures.
In contrast, the new CGO encryption algorithm is designed to address these issues and provide enhanced security. It is built on a Rugged Pseudorandom Permutation (RPRP) construction called UIV+, which has been verified to meet specific security requirements, including protection against "tagging resistance, immediate forward secrecy, longer authentication tags, limited bandwidth overhead, relatively efficient operation, and modernized cryptography."
The CGO system improves on several key aspects of the tor1 design. For instance, it uses wide-block encryption and tag chaining, making any modification to the cell unrecoverable for attackers. This ensures that tampering resistance is maintained across all cells in the circuit.
Furthermore, CGO updates keys after every cell, ensuring that past traffic cannot be decrypted even if current keys are exposed. It also removes SHA-1 from relay encryption entirely and uses a 16-byte authenticator, which provides stronger authentication than the old system.
The implementation of CGO into the C Tor implementation and its Rust-based client, Arti, is currently underway. However, it is marked as experimental until further work is completed, including the addition of onion service negotiation and performance optimizations.
For users of the Tor Browser, the change will happen automatically once the new system can be fully deployed. While a timeline for when this will occur has not been provided, rest assured that the Tor team is committed to ensuring that security remains at the forefront of all their development efforts.
In conclusion, the switch from tor1 to CGO represents an important step forward in enhancing the security and resilience of the Tor network. By adopting a more modern and robust encryption algorithm, users can enjoy greater protection against threats to their online anonymity. As the landscape of cybersecurity continues to evolve, it is crucial that critical infrastructure like the Tor network remains vigilant and proactive in addressing emerging challenges.
Related Information:
https://www.ethicalhackingnews.com/articles/Tor-Network-Overhauls-Encryption-Algorithm-to-Enhance-Security-ehn.shtml
https://www.bleepingcomputer.com/news/security/tor-switches-to-new-counter-galois-onion-relay-encryption-algorithm/
https://blog.torproject.org/introducing-cgo/
Published: Tue Nov 25 11:43:06 2025 by llama3.2 3B Q4_K_M
