Onion Encryption Revisited: Relations Among Security Notions

Daichong Chao; Liehuang Zhu; Dawei Xu; Tong Wu; Chuan Zhang; Fuchun Guo

Paper 2025/676

Onion Encryption Revisited: Relations Among Security Notions

Daichong Chao, Beijing Institute of Technology

Liehuang Zhu, Beijing Institute of Technology

Dawei Xu, Beijing Institute of Technology

Tong Wu, University of Science and Technology Beijing

Chuan Zhang, Beijing Institute of Technology

Fuchun Guo, University of Wollongong

Abstract

This paper compares the relative strengths of prominent security notions for onion encryption within the Tor setting, specifically focusing on CircuitHiding (EUROCRYPT 2018, an anonymity flavor notion) and OnionAE (PETS 2018, a stateful authenticated encryption flavor notion). Although both are state-of-the-art, Tor-specific notions, they have exhibited different definitional choices, along with variations in complexity and usability. By employing an indirect approach, we compare them using a set of onion layer-centric notions: IND-CPA, IPR/IPR, and INT-sfCTXT, to compare with the two, respectively. Since the same notion set that implies OnionAE does not imply CircuitHiding, and vice versa, this leads to the conclusion that OnionAE and CircuitHiding are mutually separable. Therefore, neither notion fully expresses satisfactory security on its own. Importantly, IND-CPA, IPR (a stronger variant of IPR), and INT-sfCTXT collectively and strictly imply OnionAE and CircuitHiding. Given their onion layer-centric and thus simpler nature, this provides a practical approach to simultaneously satisfying CircuitHiding and OnionAE. While the formal treatment of (general) public-key onion routing has been relatively well-studied, formal treatment tailored to Tor remains insufficient, and thus our work narrows this gap.

Note: Correction of Author Information

Metadata

Available format(s): PDF
Category: Cryptographic protocols
Publication info: Preprint.
Keywords: Onion encryption Tor Onion routing Anonymity Notion relationship
Contact author(s): chaodaichong @ 163 com
liehuangz @ bit edu cn
xudw @ ccu edu cn
tongw @ ustb edu cn
chuanz @ bit edu cn
fuchun @ uow edu au
History: 2025-04-16: revised; 2025-04-15: received; See all versions
Short URL: https://ia.cr/2025/676
License: CC BY

BibTeX

@misc{cryptoeprint:2025/676,
      author = {Daichong Chao and Liehuang Zhu and Dawei Xu and Tong Wu and Chuan Zhang and Fuchun Guo},
      title = {Onion Encryption Revisited: Relations Among Security Notions},
      howpublished = {Cryptology {ePrint} Archive, Paper 2025/676},
      year = {2025},
      url = {https://eprint.iacr.org/2025/676}
}