The History of Tor: From the US Navy to a Global Anonymity Network
Few modern technologies have a history as paradoxical as Tor. Developed by the US Navy in the 1990s to protect the communications of its agents abroad, opened to the public in 2004, it became the cornerstone of online anonymity for millions of dissidents, journalists, and ordinary citizens. Tor is today an unlikely bridge between American geopolitical interests and global digital liberation. This is the story of a technology that outgrows its creators — in the best possible sense: the US government, which still partly funds the project, simultaneously deploys all the resources of the NSA to try to weaken it in certain contexts.
⚫ This page is the storefront. The rest is elsewhere. Tor access →Military origins at the Naval Research Laboratory
Tor's history begins in the mid-1990s in a US military laboratory, the Naval Research Laboratory (NRL), one of the US Navy's leading research centers. Three researchers are working on a specific problem: how can a US intelligence agent communicate from a hostile foreign country without their traffic being identified as coming from the US government?
Paul Syverson, a mathematician, together with Michael Reed and David Goldschlag, published in 1996 the first academic papers describing the concept of "onion routing." The fundamental idea: route traffic through a sequence of intermediate relays, with each relay knowing only the previous and next hop. Messages are encrypted in successive layers, hence the onion metaphor. Each layer is decrypted by the corresponding relay, which discovers the next destination without being able to trace back to the origin.
The paradoxical reasoning underlying the project: for US agents to be truly anonymous, the system must be used by many other people with varied profiles. If only US military personnel used the network, identifying anyone on it would be equivalent to identifying a US agent. By opening the technology to the public, you create a "background noise" in which military communications become undetectable. This strategic intuition, as elegant as it is counterintuitive, lies at the heart of the decision to make Tor public.
For the first few years, development remained academic and confidential. Papers were published at cryptography conferences, prototypes were built, and tests were conducted. Initial funding came from the Navy and the DARPA (Defense Advanced Research Projects Agency), the US government agency that also funded the early internet.
Opening to the public and the birth of the Tor Project
In October 2002, a public alpha version of the Tor software was launched. The code was released under the BSD free license, allowing anyone to study, modify, and redistribute it. This was a historically significant decision: the NRL retained some rights but agreed that its invention would be open to the global research community and the general public.
In 2004, two new figures picked up the development torch. Roger Dingledine, a young MIT computer scientist, and Nick Mathewson, a talented developer, became Tor's main maintainers. They continued the technical development while thinking about the project's long-term governance. Paul Syverson remained active as a scientific contributor but gradually stepped back from operational leadership.
In December 2006, the project took an institutional form: Dingledine and Mathewson founded the Tor Project in Seattle as a 501(c)(3) nonprofit under US law. The objective was to ensure the project's longevity beyond the individuals carrying it, to be able to receive tax-deductible donations, and to structure governance. The NRL continued to support the project but was no longer its center of gravity.
The Tor Project's early years were modest. The team was small, resources limited. The network had a few hundred volunteer relays, mostly operated by computer science students and privacy activists. The Electronic Frontier Foundation (EFF) financially supported the project from its inception, joining the cypherpunk community that saw in Tor the continuation of decades of work on cryptography as a tool of empowerment.
The 2010s: explosion, Silk Road, and Snowden
The early 2010s marked a turning point for Tor. Two major events, with radically different implications, propelled the project into global media visibility.
Silk Road and the drift of uses
In February 2011, Ross Ulbricht, a young libertarian idealist, launched under the pseudonym "Dread Pirate Roberts" the first major dark web marketplace: Silk Road. Tor's hidden services, until then used by a handful of activists and researchers, suddenly became the infrastructure for a global illegal market primarily dedicated to drugs. The media attention was considerable.
This drift posed an existential challenge to the Tor Project. Its founders had imagined Tor as a tool of political empowerment; it suddenly became associated in the press with criminal activities. Roger Dingledine and the team publicly defended the tool's neutrality, stressing that the majority of uses remained legitimate. The seizure of Silk Road in October 2013 and the arrest of Ross Ulbricht partially reassured the public debate, but the reputation of the dark web as a criminal marketplace became firmly entrenched. For a complete timeline, see our article Silk Road: complete timeline.
Snowden and global recognition
In June 2013, Edward Snowden's revelations about the NSA's mass surveillance programs radically changed the public perception of Tor. Documents made public by the whistleblower showed that the NSA itself regarded Tor as a major obstacle to its surveillance capabilities. An internal presentation, titled "Tor Stinks", admitted that the agency could not deanonymize the entire network's user base, even with its considerable resources.
Paradoxically, those same documents revealed NSA attempts to compromise individual users: the "EgotisticalGiraffe" operation exploited vulnerabilities in Firefox (the base of Tor Browser) to identify specific targets. The Tor Project quickly patched the identified flaws and strengthened security audits. But the public message was clear: Tor works, even against the most powerful adversary.
Edward Snowden became one of Tor's most influential ambassadors. He publicly recommended its use, joined the board of the Freedom of the Press Foundation which develops SecureDrop, and uses Tails OS (the operating system that routes everything through Tor) himself daily. His media profile considerably accelerated the network's growth: from a few hundred thousand users in 2012 to over one million by 2014.
Attacks and repression attempts
In parallel with its growth, Tor has faced regular attacks. Several waves of international police operations have targeted criminal hidden services hosted on Tor. Operation Onymous, conducted in November 2014 by Europol and the FBI, simultaneously shut down more than 400 .onion services including Silk Road 2.0, demonstrating that hidden services are not invulnerable against targeted investigations.
In July 2017, Operation Bayonet, coordinated by the DEA, the FBI, and the Dutch police, dismantled AlphaBay (the largest dark web marketplace at the time) and secretly took over Hansa (the second largest) for a month. Authorities collected information on tens of thousands of transactions before publicly closing Hansa. This police honeypot technique would be replicated in subsequent operations.
On the technical side, the main threats to the network are traffic correlation attacks: an adversary controlling a large number of relays simultaneously can attempt to identify users by correlating entry and exit traffic patterns. The Tor Project responds with successive protocol improvements (introduction of "entry guards" in 2005, transition to v3 addresses in 2021, ongoing improvements to anti-fingerprinting defenses).
Several states officially block Tor. China has done so for more than fifteen years via its Great Firewall; Iran intensified its blocks after the 2009 protests; Russia officially blocked torproject.org in December 2021 (a block largely bypassed thanks to bridges). Belarus, Turkey, Saudi Arabia, and other countries practice intermittent restrictions. Tor responds with pluggable transports (obfs4, meek, Snowflake) that disguise Tor traffic to bypass Deep Packet Inspection systems.
Tor and global political movements
Several historic moments of the past decade have been marked by massive Tor use to bypass government censorship.
The Arab Spring of 2010–2011 saw an explosion of Tor usage in Tunisia, Egypt, and Syria, when governments cut or filtered social networks. Activists used Tor to access Twitter, Facebook, and YouTube in order to document protests and communicate with the outside world. Tor Project statistics show massive peaks in users in these countries at each political crisis.
The protests in Iran in 2022–2023, following the death of Mahsa Amini, caused the largest ever recorded increase in Iranian Tor users. The Iranian government responded with a massive block, but the Snowflake pluggable transport maintained access via ephemeral proxies operated by volunteers around the world. The Tor Project published specific guides in Persian for Iranian users.
In Russia, the official blocking of tor.org in December 2021 (reinforced after the invasion of Ukraine in February 2022) turned Tor access into a political act. Anti-war activists, independent journalists, and ordinary citizens wanting to access blocked Western media use bridges and Snowflake daily. Tor Project statistics show hundreds of thousands of Russian users despite the block.
Other, less prominent contexts have seen significant usage: Hong Kong during the 2019 protests, Belarus in 2020 after the contested election, Myanmar after the 2021 coup. Each time, Tor functioned as a democratic safety valve when ordinary digital infrastructure was compromised by those in power.
Current state of the Tor network in 2026
Thirty years after the first research papers and twenty years after the creation of the Tor Project, the network has become a stable, mature global infrastructure.
The network comprises between 7,000 and 8,000 volunteer relays in permanent operation, spread across more than 100 countries. Total available bandwidth exceeds 500 Gbit/s. The number of daily users fluctuates between 2 and 3 million, with significant spikes during political crises. France has between 15,000 and 30,000 daily users according to Tor Project measurements.
The Tor Project, as an organization, employs around sixty people. Its annual budget is approximately $5 to $7 million, funded by the US government (roughly 50% via the Open Technology Fund), philanthropic foundations (Mozilla, Ford Foundation, Open Society Foundations), and individual donations (via its annual "Take Action" campaign). Roger Dingledine and Nick Mathewson remain active in the project, as "Co-Founder, Director" and "Co-Founder, President of Research" respectively.
The ecosystem around Tor has grown considerably. SecureDrop is used by more than 80 newsrooms worldwide. Tails OS is the standard for investigative journalists. OnionShare, Ricochet Refresh, and Briar form a coherent toolkit. Major media organizations (BBC, NYT, ProPublica, Deutsche Welle) and institutions (the CIA, and paradoxically Facebook) maintain .onion versions. To explore these services, see our top 30 unusual sites.
Key figures in Tor history
Beyond the founding figures, several personalities have shaped the project.
Roger Dingledine and Nick Mathewson remain the main public figures, active in communication, research, and advocacy with governments and foundations. Paul Syverson continues his academic work on anonymity at the NRL.
Jacob Appelbaum, activist and developer, was one of Tor's most visible spokespersons in the 2010s. His departure from the project in 2016, following misconduct allegations, marked a difficult period for the community. Isis Lovecruft, cryptographer and developer, contributed to several critical components (including BridgeDB).
Shari Steele, former EFF director, led the Tor Project from 2015 to 2018, modernizing governance and organization. Isabela Bagueros succeeded her as Executive Director until 2024. Alec Muffett, a British engineer, championed Facebook's Tor integration in 2014.
On the research side, Matthew Wright, Nikita Borisov, Aaron Johnson, Nick Feamster, and many other academics have contributed to the scientific literature on network attacks and defenses, ensuring Tor evolves in step with threats.
Further reading
Tor's history is inseparable from the broader history of the dark web. Our article on the complete Silk Road timeline tells the most widely covered episode. Our pillar on 50 dark web myths debunked deconstructs common misconceptions. Our Dark Web vs Deep Web guide clarifies the technical distinctions.
To use Tor concretely today, see our guide to safely accessing the dark web and our complete Tails OS guide. Our glossary precisely defines the technical terms encountered, and our top 30 legitimate .onion sites offers a guided tour of the contemporary ecosystem.