The Counter Galois Onion (CGO) Migration: Tor's Cryptographic Engine Swap
If you've ever dug into Tor's internals, you know the network is a masterpiece of practical anonymity. But like any long-running system, its crypto stack was starting to show its age.
Enter the Counter Galois Onion (CGO) Migration - one of the most significant under-the-hood upgrades Tor has seen in years.
It's a fundamental rewrite of how data is encrypted between relays. Let's break down what CGO actually does, why it matters, and how it makes Tor faster, more secure, and quantum-ready.
🧅 The Old Way: tor1 Protocol
The legacy tor1 protocol worked, but it had two major problems:
- Speed bottlenecks - The encryption modes weren't designed for parallel processing on modern CPUs.
- No built-in integrity - Some attacks (like tagging) could go undetected long enough to leak information.
CGO replaces tor1 with a thoroughly modern cryptographic framework.
⚡ 1. Galois/Counter Mode (GCM): Parallel & Authenticated
The star of the show is Galois/Counter Mode (GCM) - an authenticated encryption mode used everywhere from TLS 1.3 to AES-NI hardware instructions.
Why GCM wins:
- Parallel encryption - Counter mode allows independent 128-bit blocks to be encrypted simultaneously. On a modern CPU, that's fast.
- Built-in authentication - GCM includes a Galois hash that acts as a Message Authentication Code (MAC). If a malicious relay flips a single bit, the circuit knows immediately.
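The two properties above can be seen directly with textbook AES-GCM. The following is an added example, not code from Tor or from the CGO implementation: it uses Go's standard library, a constructed key, nonce and cell payload (labelled in the code), and shows (1) that every counter-mode keystream block depends only on the key, the nonce and its own index, so the blocks can be computed independently and in any order and still reproduce the GCM ciphertext byte for byte, and (2) that flipping a single bit anywhere in the ciphertext or the tag makes decryption fail outright.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"encoding/binary"
	"fmt"
)

// Constructed demo key, nonce and payload: fixed values so the run is
// deterministic. They are NOT Tor keys or Tor cell formats.
var (
	DemoKey   = []byte("0123456789abcdef0123456789abcdef") // 32 bytes -> AES-256
	DemoNonce = []byte{0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11} // 96-bit GCM nonce
	DemoCell  = []byte("constructed relay cell payload: 0123456789 ABCDEFGHIJ")
)

// gcmKeystreamBlock computes keystream block i exactly as GCM with a 96-bit
// nonce does: AES_k(nonce || 32-bit counter), with the ciphertext counter
// starting at 2 (counter 1 is reserved for masking the tag). Block i depends
// only on (key, nonce, i), so any block can be computed on any core in any order.
func gcmKeystreamBlock(block cipher.Block, nonce []byte, i uint32) []byte {
	ctr := make([]byte, aes.BlockSize)
	copy(ctr, nonce)
	binary.BigEndian.PutUint32(ctr[12:], 2+i)
	out := make([]byte, aes.BlockSize)
	block.Encrypt(out, ctr)
	return out
}

// ParallelCTREncrypt produces the GCM ciphertext body by computing each
// keystream block independently. The loop runs in reverse to make the point
// that block order does not matter (a chained mode such as CBC could not do this).
func ParallelCTREncrypt(key, nonce, pt []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	ct := make([]byte, len(pt))
	nblocks := (len(pt) + aes.BlockSize - 1) / aes.BlockSize
	for b := nblocks - 1; b >= 0; b-- {
		ks := gcmKeystreamBlock(block, nonce, uint32(b))
		start := b * aes.BlockSize
		end := start + aes.BlockSize
		if end > len(pt) {
			end = len(pt) // last block may be partial; CTR mode needs no padding
		}
		for j := start; j < end; j++ {
			ct[j] = pt[j] ^ ks[j-start]
		}
	}
	return ct, nil
}

func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// CTRMatchesGCM checks that the independently computed blocks equal the
// ciphertext body produced by the standard library's AES-GCM. Seal appends a
// 16-byte tag, which is excluded from the comparison.
func CTRMatchesGCM(key, nonce, pt []byte) (bool, error) {
	aead, err := newGCM(key)
	if err != nil {
		return false, err
	}
	sealed := aead.Seal(nil, nonce, pt, nil)
	mine, err := ParallelCTREncrypt(key, nonce, pt)
	if err != nil {
		return false, err
	}
	return bytes.Equal(sealed[:len(pt)], mine), nil
}

// OpenAfterBitFlip seals pt, flips the bit at bitIndex (a negative index means
// no tampering), then tries to open the result. It reports whether Open
// accepted the message: true for the untouched ciphertext, false once any bit
// of the ciphertext or the tag has changed. That rejection is what lets a
// circuit notice a tagging attempt at the next hop instead of passing it on.
func OpenAfterBitFlip(key, nonce, pt []byte, bitIndex int) (bool, error) {
	aead, err := newGCM(key)
	if err != nil {
		return false, err
	}
	sealed := aead.Seal(nil, nonce, pt, nil)
	if bitIndex >= 0 {
		sealed[bitIndex/8] ^= 1 << uint(bitIndex%8)
	}
	_, err = aead.Open(nil, nonce, sealed, nil)
	return err == nil, nil
}

func main() {
	same, _ := CTRMatchesGCM(DemoKey, DemoNonce, DemoCell)
	fmt.Println("independent CTR blocks match GCM ciphertext:", same)
	ok, _ := OpenAfterBitFlip(DemoKey, DemoNonce, DemoCell, -1)
	fmt.Println("untampered cell accepted:", ok)
	ok, _ = OpenAfterBitFlip(DemoKey, DemoNonce, DemoCell, 5)
	fmt.Println("cell with one flipped ciphertext bit accepted:", ok)
	ok, _ = OpenAfterBitFlip(DemoKey, DemoNonce, DemoCell, (len(DemoCell)+15)*8+3)
	fmt.Println("cell with one flipped tag bit accepted:", ok)
}
```

The reverse-order loop is the whole point of the first half: because block i is AES_k(nonce || counter+i), nothing about block i waits on block i-1, and a relay can hand blocks to separate cores (or to AES-NI pipelines) and still get exactly the bytes GCM specifies. The second half shows why the Galois hash matters for the tagging problem the post mentions: the tag covers every ciphertext bit, so a one-bit modification by an intermediate relay is rejected at decryption rather than silently propagating.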