December 2, 2025
Crypto glow-up or crypto placebo?
Counter Galois Onion: Improved encryption for Tor circuit traffic
Tor unveils stronger 'onion' lock — cheers, quantum panic, and anonymity angst
TLDR: Tor is replacing its old relay encryption with a new design called Counter Galois Onion to better protect traffic. Comments split between cheers, quantum anxiety, and doubts about Tor’s anonymity, turning a technical upgrade into a full-on debate about the future of online privacy.
Tor just swapped out its old relay encryption (nicknamed “tor1”) for a research-backed glow-up called Counter Galois Onion, promising tougher protection for the data that bounces through its onion-like network of relays. In plain speak: your Tor traffic gets new locks and integrity checks to better fend off sneaky tampering. The official Tor blog kept it nerdy, but the comments instantly turned into a vibe check. One camp yelled “Awesome work!”, while another demanded, “Is it quantum-proof?” and a third asked the existential: “Does Tor still keep you anonymous?” Cue the drama. The typo police showed up to flag “predicatable,” sparking a mini-thread of grammar gladiators. Quantum warriors debated whether any encryption is safe when future super-computers arrive, with jokers quipping “quantum-proof my toaster.” Meanwhile, skeptics revisited the eternal Tor trust question—some claim the network’s flaws are baked in, others fired back that upgrades like CGO are exactly how privacy survives. The meme crowd blessed us with “New onion, extra layers” and “CGO? Can’t Get Owned.” Love it or doubt it, the mood is classic internet: applause, panic, and pedantry, all layered like—well—an onion.
Key Points
- •The Tor Project is replacing its legacy relay encryption algorithm (“tor1”) with Counter Galois Onion (CGO).
- •Tor relies on TLS for transport but uses specialized relay encryption for user data across multiple relays in a circuit.
- •Clients share symmetric keys with each relay and apply layered encryption so each relay removes one layer.
- •Integrity is protected using a cryptographic digest covering the cell, all previous cells in the circuit, and an additional shared secret.
- •The tor1 design uses AES-128-CTR and includes fields like a 2-byte zero and a 4-byte digest; CGO aims to address broader attacker models and support future encryption work.