Tor replaces tor1 relay encryption with Counter Galois Onion (CGO)
Security Tool/Service
Summary
Hide ▲
Show ▼
Tor is replacing tor1 relay encryption with Counter Galois Onion (CGO), a move that strengthens circuit traffic security for Tor Browser and relay users. The update is meant to reduce exposure to traffic-interception and tagging attacks across the network. Tor is adding the new design into C Tor and Arti as an experimental feature, and users will benefit automatically once deployment is complete.
Timeline
-
25.11.2025 19:09 2 articles · 6mo ago
Tor announces CGO relay encryption replacement
Initial DisclosureTor announced Counter Galois Onion (CGO) as a replacement for tor1 relay encryption to harden Tor circuit traffic against traffic-interception and tagging attacks. The new design is built on UIV+, removes SHA-1 from relay encryption, uses a 16-byte authenticator, updates keys after every cell for immediate forward secrecy, and is being added to the C Tor implementation and Arti as an experimental feature that will roll out automatically to Tor Browser users once fully deployed.
Show sources
- Tor switches to new Counter Galois Onion relay encryption algorithm — www.bleepingcomputer.com — 25.11.2025 19:09
- Tor switches to new Counter Galois Onion relay encryption algorithm — www.bleepingcomputer.com — 25.11.2025 19:09