A method for anonymous communications over a wide area network such as the Internet. It hides the names of the parties that are communicating as well as the data by encrypting the payload in layers, with a different encryption layer for each hop in the route. Using cooperating proxy routers throughout the network, the initiating onion router, called a "Tor client" in the Tor (The Onion Router) system, determines the path and encrypts the layers using the different public keys of each router. It also encrypts the destination for the next hop in each layer. Each router decrypts the payload with its private key, unpeeling the message like an "onion" and sending the data to the next router after the next hop is decrypted and revealed. See Tor, OnionLand Search Engine, onion domain, anonymous Web surfing and anonymous remailer.
Origin of onion-routing
- By analogy with the many layers of an onion.