Tor Network Adopts Counter Galois Onion (CGO) Encryption Algorithm

Timeline

1. 25.11.2025 19:09 1 articles · 23h ago

   Tor Network Adopts Counter Galois Onion (CGO) Encryption Algorithm

   The Tor Project has replaced the outdated tor1 relay encryption algorithm with the new Counter Galois Onion (CGO) encryption algorithm to enhance security and resilience against modern traffic-interception attacks. The CGO algorithm addresses vulnerabilities in tor1, including malleable relay encryption, partial forward secrecy, and weak authentication. The upgrade aims to protect user anonymity and data security by introducing tagging protection, immediate forward secrecy, and stronger authentication mechanisms. The Tor network, used by privacy-conscious individuals, dissidents, and journalists, relies on onion routing to ensure secure and anonymous communication. The transition to CGO is part of ongoing efforts to modernize Tor's cryptographic standards and mitigate potential covert channel attacks.

   Show sources

   • Tor switches to new Counter Galois Onion relay encryption algorithm — www.bleepingcomputer.com — 25.11.2025 19:09

   Open in new tab

Information Snippets

• Tor1 used AES-CTR encryption without hop-by-hop authentication, making it vulnerable to malleable relay encryption and tagging attacks.

  First reported: 25.11.2025 19:09
  1 source, 1 article
  Show sources

  • Tor switches to new Counter Galois Onion relay encryption algorithm — www.bleepingcomputer.com — 25.11.2025 19:09

• Tor1 reused AES keys throughout a circuit’s lifetime, compromising forward secrecy.

  First reported: 25.11.2025 19:09
  1 source, 1 article
  Show sources

  • Tor switches to new Counter Galois Onion relay encryption algorithm — www.bleepingcomputer.com — 25.11.2025 19:09

• Tor1 used a 4-byte SHA-1 digest for cell authentication, allowing a one-in-4 billion chance of cell forgery.

  First reported: 25.11.2025 19:09
  1 source, 1 article
  Show sources

  • Tor switches to new Counter Galois Onion relay encryption algorithm — www.bleepingcomputer.com — 25.11.2025 19:09

• CGO uses wide-block encryption and tag chaining to prevent tagging attacks and ensure tampering resistance.

  First reported: 25.11.2025 19:09
  1 source, 1 article
  Show sources

  • Tor switches to new Counter Galois Onion relay encryption algorithm — www.bleepingcomputer.com — 25.11.2025 19:09

• CGO updates keys after every cell, providing immediate forward secrecy.

  First reported: 25.11.2025 19:09
  1 source, 1 article
  Show sources

  • Tor switches to new Counter Galois Onion relay encryption algorithm — www.bleepingcomputer.com — 25.11.2025 19:09

• CGO replaces SHA-1 with a 16-byte authenticator for stronger authentication.

  First reported: 25.11.2025 19:09
  1 source, 1 article
  Show sources

  • Tor switches to new Counter Galois Onion relay encryption algorithm — www.bleepingcomputer.com — 25.11.2025 19:09

• CGO chains encrypted tags and initial nonces across cells to ensure circuit integrity.

  First reported: 25.11.2025 19:09
  1 source, 1 article
  Show sources

  • Tor switches to new Counter Galois Onion relay encryption algorithm — www.bleepingcomputer.com — 25.11.2025 19:09

• The integration of CGO into the Tor implementation and its Rust-based client, Arti, is underway and marked as experimental.

  First reported: 25.11.2025 19:09
  1 source, 1 article
  Show sources

  • Tor switches to new Counter Galois Onion relay encryption algorithm — www.bleepingcomputer.com — 25.11.2025 19:09