Skip to Main Content
As an anonymous Internet communication system Tor is popular and famous, being used by lots of users. The security of Tor is based on the authentication protocol. Although the Tor authentication protocol has been proved secure, this paper discovers its security vulnerability through its concurrency analysis, and shows it cannot be securely executed by multiple concurrent sessions. A new session-key exchange protocol for Tor is proposed to dispose of the security vulnerability, where a modular method is adopted to design a secure key exchange protocol in realistic world. Finally, the proposed protocol is proved secure in the UC (universally composable) model which defines conditions for a protocol to securely compose with other protocols in a concurrent environment.