Onion Requests: Layered Encryption Protocols
- Onion requests are cryptographic constructs that recursively layer encryption to enable secure, multi-relay routing and strong anonymity guarantees.
- They employ both asymmetric and symmetric key techniques—using methods like ECDH, Diffie–Hellman, and LFSRs—to construct and process onion packets.
- These protocols enhance privacy in systems such as Tor, blockchain sidechains, and file exchanges, balancing performance overhead, fault tolerance, and security.
Onion requests are cryptographic protocol constructs in which a message is recursively layered in encryption—each “layer” intended for a distinct intermediary relay node—and routed through a pre-selected sequence of relays. Each relay peels off its layer, learns minimal forwarding information, and advances the packet, so that only the final destination can fully decrypt the payload. This mechanism provides anonymity, unlinkability, and traffic-analysis resistance in diverse networked systems, including privacy overlays (Tor, I2P), blockchain sidechains, and privacy-preserving file exchange protocols.
1. Cryptographic Primitives and Formalization
Onion requests rely fundamentally on layered encryption. The primitive is generally formalized as for a security parameter (Ando et al., 2017, Ando et al., 2019, Parizi et al., 2019, Homoliak et al., 6 Oct 2025):
- generates asymmetric or symmetric key pairs for each node.
- creates an onion: a sequence of ciphertexts, each decryptable only by one relay.
- outputs, via decryption with key , either the next-hop tuple or the recovery of message .
Protocols often use additional keyed hash functions (Parizi et al., 2019) for transaction commitment and path identifiers. In advanced designs such as PoS-CoPOR (Homoliak et al., 6 Oct 2025), onion requests incorporate both public-key and symmetric encryption at each layer, with shared keys derived from an authenticated key exchange (e.g., using Diffie–Hellman and a suitable KDF).
In specialized environments such as optical transport, all-optical XOR gates and Linear Feedback Shift Registers (LFSRs) can substitute for electronic ciphers, providing physical-layer, bitwise encryption (Engelmann et al., 2016).
2. Construction and Processing of Onion Requests
The canonical process for constructing an onion request is as follows: 1. The sender selects a relay path 0. 2. For each relay 1, a per-layer encryption key 2 is produced—often via ECDH, KDF, or LFSR, depending on the context (Parizi et al., 2019, Homoliak et al., 6 Oct 2025, Engelmann et al., 2016). 3. The payload 3 is recursively wrapped in encryption layers, starting from the innermost (for 4), up to the outermost (for 5), combining the ciphertext with per-hop forwarding instructions:
6
The final onion packet is 7. 4. Each relay 8, upon receiving 9, decrypts with 0 to learn only the next address and the encrypted packet 1, and forwards as needed (Ando et al., 2017, Parizi et al., 2019, Homoliak et al., 6 Oct 2025).
In hybrid protocols, "garlic" or message bundling extends this by aggregating multiple independent user payloads as "cloves" in a single onion layer, increasing sender/receiver ambiguity and amortizing per-layer overhead (Parizi et al., 2019).
Emerging systems such as Spores utilize stateless, per-hop broadcast encryption to envelop inner headers, with multi-relay candidate sets per hop, rather than single next-hops, yielding probabilistic resilience to churn (Bosk et al., 2020).
3. Protocol Variants and System Architectures
Table: Representative Onion Request Protocols
| System/Context | Notable Feature(s) | Reference |
|---|---|---|
| Tor | 3-hop circuits, TCP overlay, distributed relays | (Ando et al., 2017, Constantinides, 27 Feb 2026) |
| PETES (GOR) | Garlic-onion bundling, blockchain sidechain | (Parizi et al., 2019) |
| DarkHorse | UDP-based, 3-hop data channels | (Azad et al., 2023) |
| Optical Onion Routing | LFSR keys, optical XOR, wire-rate privacy | (Engelmann et al., 2016) |
| PoS-CoPOR | PoS consensus, native onion integration | (Homoliak et al., 6 Oct 2025) |
| Spores | Stateless, multi-relay layers, e-squad P2P | (Bosk et al., 2020) |
Classical protocols such as those in (Ando et al., 2017, Ando et al., 2019) provide polylogarithmic robustness to active adversaries: 2 rounds and per-node onion costs, leveraging checkpoint onions for drop detection and differential privacy guarantees.
Modern blockchain frameworks (e.g., PETES/GOR, PoS-CoPOR) integrate the onion routing abstraction directly into consensus or cross-chain communication, employing two-way pegs, PAM-mediated relay selection, and commit-point triggers to couple privacy with chain-finality (Parizi et al., 2019, Homoliak et al., 6 Oct 2025).
4. Security Properties and Threat Models
The anonymity of onion requests is classically analyzed under three adversary regimes:
- Network adversary: observes all links but no internal node states.
- Passive adversary: controls up to a fraction 3 of nodes and observes their views.
- Active adversary: controls up to 4 of nodes and can drop, modify, or inject traffic.
Protocols such as (Ando et al., 2017) provide formal 5-differential privacy guarantees. For instance, the protocol 6 is 7-DP with padding probability 8 and path length 9. The adversary cannot distinguish between views that differ in a single honest user's message with probability increase over 0.
Mixing and equalizing properties (Ando et al., 2019) ensure that, after polylogarithmic rounds, the adversary's belief distribution over sender–receiver mappings is negligibly close to uniform, and that the per-recipient delivered onion counts are computationally indistinguishable across protocol runs.
Garlic bundling amplifies resistance to traffic-correlation by disrupting one-to-one timing correspondences, and increasing the size of the plausible sender/receiver set, with formal anonymity set size 1 for path length 2 in node set 3 (Parizi et al., 2019).
In applied systems, physical-layer onion routing can achieve information-theoretic secrecy provided generation polynomials and keys are truly random with at least plaintext entropy per hop (Engelmann et al., 2016).
Intersection attacks exploiting circuit determinism, as described in (Constantinides, 27 Feb 2026), target specific Tor constructs (introduction-point circuits persisting 18–24 h), achieving hop-level deanonymization with an expected number of trials determined by consensus relay weights. Countermeasures include periodic circuit rotation, randomized padding flows, and multi-path introductions.
5. Performance, Overhead, and Practical Implications
Onion request systems universally incur performance overheads:
- Latency: 4 with 5 = number of hops per path; 6 = 3–5 in low-latency overlays like Tor; 7 in provably secure, asynchronous mix protocols (Parizi et al., 2019, Ando et al., 2017, Azad et al., 2023).
- Bandwidth: Each layer adds a per-hop encryption header (e.g., 256 bytes for ECDH-based circuits); garlic bundling amortizes overhead across multiple messages (Parizi et al., 2019).
- Computation: At most 8 symmetric decryptions per hop per message, plus public-key operations for session setup; modern CPUs process 9 ECDH operations/sec (Parizi et al., 2019).
- Fault-tolerance: Polylogarithmic drop tolerance (up to 0 onions per sender per round) possible with appropriately parameterized protocols (Ando et al., 2019).
In blockchain-integrated approaches (e.g., PETES, PoS-CoPOR), onion request encapsulation modestly reduces throughput (10–15%) but confers robust resistance against targeted DoS (Homoliak et al., 6 Oct 2025). UDP-based overlays such as DarkHorse reduce end-to-end latency by up to 1 and network overhead by 47%, at the cost of increased deployment constraints and possible traffic fingerprintability (Azad et al., 2023).
Performance in physical-layer onion schemes is limited by the line rate of WDM channels, with the security/performance tradeoff governed by the number of anonymization hops and the entropy of session key choices (Engelmann et al., 2016). In P2P overlays (Spores), reliability under churn is optimized via redundant multi-candidate hop selection—tuning the candidate set threshold 2 enables high (91%) message survival at moderate header overhead (Bosk et al., 2020).
6. Measurement, Discovery, and Application Insights
Empirical measurement of onion requests reveals critical observations regarding practicality and network health. Differentially private aggregation of Tor network events indicates that only 3 of attempted onion-service circuits succeed in carrying payload, due primarily to high lookup and rendezvous failure rates. High invalid descriptor fetches (90.9%) reflect scanner activity, misconfiguration, or deprecated address use (Mani et al., 2018). This results in resource exhaustion on directories and significant stub traffic.
Onion service discovery in web contexts is dominated by centralized channels (e.g., Ahmia search index), as shown by steep drops in users’ authentic interaction with honeypot onion sites once removed from search, indicating the pivotal importance of search platforms for human-directed onion requests (Paju et al., 10 Mar 2026).
In non-web applications, such as supply chain metadata lookups (ONS), Tor-tunneled onion requests add 4 ms of median overhead (from 25 ms to 500 ms per DNS query) but achieve a measured anonymity metric 5 (ideal = 1), provided that best practices including DNSSEC, entry guards, and circuit randomization are enforced (0911.4313).
7. Cross-Application Trends and Design Implications
Onion request protocols have become integral to a diverse range of systems, including cross-chain blockchain bridges (Parizi et al., 2019), consensus-leader anonymization (Homoliak et al., 6 Oct 2025), privacy-preserving RFID lookup (0911.4313), and decentralized file transfer (Bosk et al., 2020). The trade space centers around communication cost, latency, drop resilience, and the formal strength of anonymity guarantees.
Key unifying insights include:
- Statistically provable anonymity is possible with polylogarithmic rounds and onion costs, at the price of increased latency.
- Each additional hop or garlic clove increases the anonymity set multiplicatively.
- Protocol designs that randomize forwarding, insert checkpoint onions, or fan out candidate relay sets provide scalable defense against active adversaries and network churn.
- Cross-domain robustness (e.g., blockchain, optical, P2P) is achievable provided that circuit setup and key exchange can be securely integrated.
The continuing evolution of onion request protocols is motivated by the need for scalable, composable, and formally analyzable privacy-enhancing techniques that synchronize with evolving threat models and deployment constraints (Ando et al., 2017, Ando et al., 2019, Engelmann et al., 2016, Homoliak et al., 6 Oct 2025, Bosk et al., 2020).