What Is Tor Over VPN and How To Use It (Updated for 2023)
VPNs are vital for keeping away bad actors. They create secure tunnels to transport data from one endpoint to another. Tor is also a crucial tool in the fight against network infiltration as it promotes anonymity and safe browsing. The combination of these two security and privacy tools is what is known as Tor over VPN. In this setup, you use both of them at the same time to provide layers of security and privacy, reducing the chances of spying governments or malicious entities accessing your data.
People that use Tor over VPN are usually those who need a high level of security and confidentiality to transfer important or confidential data over the internet. They can use this setup because trading speed for more layers of security and privacy is acceptable to them. This article focuses on understanding Tor over VPN and how you can use it to secure your internet connection. Let’s dive in below!
What Is Tor?
Tor, short for The Onion Router, is an open network that anyone can use to stay anonymous online. When most people mention Tor, they mean the browser, but it can also mean the network. Tor Browser is free and open-source software that computer scientists (Roger Dingledine, Paul Syverson, and Nick Mathewson) initially developed to encourage anonymous browsing.
First publicly released in 2003, Tor uses Onion routing to prevent any entity from tracking anyone on the internet. In Onion routing, data is encrypted multiple times to make it challenging for anyone to break through the layers of protection. The Tor Project, a nonprofit research-education organization, is in charge of maintaining the Tor Browser.
How Does Tor Work?
Imagine you’re on your computer now with the Tor browser open, and you want to reach a website. Since Tor uses Onion routing, the data would have to pass through multiple onion routers before reaching its destination. Once you hit the send button, The Tor network encrypts the data X times (X represents the number of nodes between your IP address and the destination IP address). Imagine there are four nodes between the source (your computer) and destination. The Tor network will encrypt the data four times.
As data reaches the first node, the node removes a layer of encryption, masks the source IP address, and routes the data to the next node. Every node in the path knows the layer to decrypt and how to decrypt it. The first node knows your IP address, but it cannot read the data since layers of encryption protect it. Next, as the data moves to the next node, it repeats the process of decrypting, masking the IP address, and sending the data to the next node. Note that the second node only knows the IP address of the first node and the next node; it does not know the IP address of the source (your computer).
The process above continues until the final node. The final node removes the last layer of encryption and sends it to the destination IP address. Note that the last node (exit node) can read the data, but it doesn’t know the initial sender’s (your computer) IP address. When the destination IP address sends a reply to your message, the reverse happens. Each node adds a layer of encryption as the data passes through them until it reaches your computer.
What is a VPN?
A Virtual Private Network (VPN) protects an open network on the internet using end-to-end encryption. It does this by creating a secure virtual tunnel between two endpoints. When you use a VPN application, you are connecting to a VPN server in a remote location. This allows it to mask your IP address (replaces it with that of the VPN server so the destination address cannot see your IP address), protecting you from bad actors and spying governments. Asides from protecting you from malicious entities, VPNs have other purposes, including bypassing geo-restrictions and internet censorship.
What Is Tor Over VPN and How Does It Work?
Due to the fact that nothing can be a hundred percent secure, information security researchers and professionals always recommend having several layers of security to reduce the chances of data exposure. Using a VPN does not guarantee absolute security, neither does the Tor network.
The main issue with Tor is that before internet traffic enters the entry node or leaves the final node (exit node) for its destination, there is no layer of encryption protecting it. Thus, there is the possibility of a malicious entity monitoring communication to those nodes compromising them to gain access to traffic that passes through them. In addition, VPNs are not without their issues. One is that they have access to every traffic that passes through their servers. Therefore, if you happen to use a VPN that is not trustworthy or connect to a malicious VPN server, you are also at risk of data exposure.
Tor over VPN is when you use both a VPN and Tor at the same time. Firstly, you connect to a VPN server, and then you use the Tor browser. Since a VPN provides end-to-end protection, it protects the connection between your device and the Tor entry node. This prevents anyone monitoring the Tor entry node from seeing your IP address since the VPN masks it.
At the same time, it prevents the VPN server from monitoring your connection since Tor uses Onion routing (multiple encryption layers) to move data from origin to destination. In addition, it prevents your Internet Service Provider (ISP) from seeing that you’re using Tor or a VPN (in cases of VPNs with obfuscation technology). However, data still leaves the Tor exit node unencrypted, leaving you vulnerable to exit node attacks.
Using Tor Over VPN
There are two ways you can use Tor over VPN. One way is to use a VPN service that has built-in support for the Onion network. Such VPN services have special Tor over VPN servers besides their regular servers. Once you connect to a Tor over VPN server, the VPN routes all your data through the Onion network automatically; you don’t need to use the Tor Browser.
On the other hand, the other way you can use Tor over VPN is to download the Tor Browser and use it after downloading, installing, and connecting to a VPN. Both methods achieve the same result. Most people just prefer connecting to a Tor over VPN server without needing to download the Tor Browser.
Benefits of Using Tor Over VPN
Tor over VPN gives you layers of security, making it significantly harder for bad actors to access data in transit. Below, we look at the benefits of using Tor over VPN.
1. Double Protection
With Tor over VPN, you have an extra layer of security and privacy. Tor encrypts traffic multiple times before it reaches its destination, and a VPN creates a tunnel that provides end-to-end encryption between two endpoints. Combining these two technologies makes it challenging for malicious entities to break through the security and privacy layers.
2. Tor Entry Node Protection
Hackers can attack a Tor entry node if they know that’s the node that your data passes through first. When you use a VPN, even if malicious entities compromise the Tor entry node, the VPN has already masked your IP address and protects you from an IP address trace. In addition, before your data reaches the VPN server, the VPN and Tor clients encrypt it twice, preventing the Tor entry node from reading the data.
3. Access to Websites on the Onion Network
Websites on the onion network end with “.onion,” and no one can access such sites outside the onion network. When you use Tor over VPN, you have access to sites on the onion network in addition to websites outside it, depending on how you set it up.
4. Your ISP or VPN Cannot See Your Traffic
Tor over VPN prevents your Internet Service Provider from seeing your traffic or discovering you’re using the Tor network. VPNs that cannot see websites you visit cannot log your connection details. This is especially important if bad actors compromise or own a VPN server you are using.
Disadvantages of Using Tor Over VPN
Combining Tor over VPN can give you a double layer of security and privacy. However, it is not without its disadvantages. These include:
1. Speed Reduction
The biggest drawback to using Tor over VPN is the speed reduction that comes along. Usually, using either a VPN or Tor comes with a speed reduction. Now, combining both of them will significantly affect the speed of your connection. Only use Tor over VPN if you’re ready to sacrifice speed for more layers of security and privacy.
2. Tor Exit Node Vulnerability
Using Tor over VPN does not eliminate the threat that unprotected Tor exit nodes harbor; your data is vulnerable to Tor exit node attacks. In addition, websites can see that you’re using Tor. As a result, you will not have access to sites that block inbound traffic from the Tor network.
3. Tor Only Supports TCP
Tor does not support using UDP to move data through its network. This is because UDP is not as secure as TCP and is not compatible with cryptographic protocols Tor uses. Therefore, using Tor over VPN is a bad idea if you have any application that supports only UDP or UDP-based protocols.
Tor Over VPN Vs. VPN Over Tor
There are two ways you can use a VPN with Tor: Tor over VPN and VPN over Tor. We have discussed extensively the former, but the latter is another combination that some people prefer. So, what is the difference between Tor over VPN and VPN over Tor? VPN over Tor is when you set up a VPN connection between the Tor exit node and your data’s final destination.
VPN over Tor is advantageous when the destination website does not allow inbound connections from the Tor network, so having a VPN connection after the Tor exit node allows the data to pass through the VPN server before it reaches the website. Compared to Tor over VPN, it is significantly harder to set up, and there are not many VPN service providers that support it.
Tor over VPN masks your IP address, preventing the Tor entry node from seeing it but leaves your data vulnerable to Tor exit node attacks. On the other hand, VPN over Tor protects your data from exit node attacks but leaves you vulnerable to IP address tracing as the Tor entry node knows your IP address. In addition, with Tor over VPN, you can access regular websites and websites on the Tor network, while using VPN over Tor does not give you access to .onion websites.
Tor over VPN can seem unnecessary if you’re not passing sensitive information through the internet. For example, journalists, whistleblowers, and political activists sending sensitive information can use Tor over VPN to hide their identities and protect data in transit. However, everyday internet users can use it if they don’t care about the speed reduction that accompanies the Tor over VPN setup.