Onion-Routed Multi-Circuit Key Establishment for Quantum-Resilient Sessions

📅 2026-05-20
🤖 AI Summary
This work addresses the threat posed by quantum computers leveraging Shor’s algorithm to execute “harvest now, decrypt later” (HNDL) attacks against current public-key cryptosystems. To counter this, the paper proposes a quantum-resistant session key establishment mechanism that splits the key into multiple shares and transmits them in parallel over distinct, ephemeral Tor circuits, enabling key reconstruction only when all shares are received by the intended recipient. This approach uniquely integrates onion routing with multi-circuit secret sharing, exploiting Tor’s anonymity to force adversaries to simultaneously de-anonymize all circuits—a significantly harder task that substantially widens the security margin. A prototype implementation, built atop Tor onion services, NEWNYM-based dynamic circuit creation, share encryption, and the Flask framework on AWS EC2, achieves average key establishment times of 13–20 seconds (with tail latencies of 7–50 seconds), 88% of which stems from inherent Tor delays, demonstrating a practical trade-off between strong privacy guarantees and acceptable responsiveness.
📝 Abstract
Public-key primitives that today anchor session-key establishment - RSA, Diffie-Hellman, and elliptic-curve cryptography - reduce to integer factorization or discrete logarithm and are therefore vulnerable to Shor's algorithm on a sufficiently capable quantum computer. The harvest-now, decrypt-later (HNDL) threat model turns this future capability into a present liability: ciphertext archived today can be decrypted retrospectively once a cryptographically relevant quantum computer becomes available. We propose a session-key establishment scheme that distributes a freshly generated key as multiple, independently encrypted fragments across distinct, ephemeral Tor circuits between an onion-service proxy and an onion-service client. Reconstruction requires every fragment; each fragment travels its own per-bundle circuit established via a NEWNYM signal. The security argument rests on the standard end-to-end correlation bound for onion routing: an adversary controlling a fraction of Tor relays must independently deanonymize every fresh circuit to correlate the fragments belonging to one session, and the per-fragment probability of success decays multiplicatively in the number of fragments. We implement the design as a Flask-based prototype on AWS EC2, with both the proxy and the client deployed as Tor onion services, and measure end-to-end key-establishment latency. The implemented prototype completes a key establishment in 13-20 s on average (7-50 s including tails), of which approximately 88% is attributable to Tor-related delay - a cost we discuss in the context of the privacy-versus-responsiveness trade-off.
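The all-fragments-required split and the multiplicative bound described in the abstract, as an added example that is not the paper's prototype code. It assumes an XOR-based n-of-n split (the page does not say how the key is split) and approximates the per-circuit correlation probability as f^2 for an adversary controlling a fraction f of relays; per-fragment encryption and the Tor transport are left out.

```python
import secrets
from functools import reduce


def xor_bytes(a: bytes, b: bytes) -> bytes:
    """XOR two equal-length byte strings."""
    if len(a) != len(b):
        raise ValueError("fragments must have equal length")
    return bytes(x ^ y for x, y in zip(a, b))


def split_key(key: bytes, n: int) -> list[bytes]:
    """Split key into n fragments; all n are needed to rebuild it (assumed XOR scheme)."""
    if n < 2:
        raise ValueError("need at least two fragments")
    # n-1 fragments are uniformly random; the last one binds them to the key.
    fragments = [secrets.token_bytes(len(key)) for _ in range(n - 1)]
    fragments.append(reduce(xor_bytes, fragments, key))
    return fragments


def reconstruct(fragments: list[bytes]) -> bytes:
    """XOR every fragment together; correct only if none is missing."""
    return reduce(xor_bytes, fragments)


def joint_correlation_probability(f: float, n: int) -> float:
    """Chance that all n independent circuits are correlated at once.

    Assumption: one circuit is correlated with probability f**2
    (adversary holds both ends), and circuits are independent.
    """
    if not 0.0 <= f <= 1.0:
        raise ValueError("f must be a fraction between 0 and 1")
    return (f * f) ** n


if __name__ == "__main__":
    key = secrets.token_bytes(32)          # constructed 256-bit session key
    frags = split_key(key, 4)              # one fragment per fresh circuit
    print("all fragments :", reconstruct(frags) == key)
    print("one missing   :", reconstruct(frags[:-1]) == key)
    for n in (1, 2, 4, 8):
        print(f"n={n}  P(all circuits correlated) = "
              f"{joint_correlation_probability(0.1, n):.3e}")
```

With any fragment missing, the XOR of the rest is the key masked by that fragment, so an observer holding fewer than n fragments learns nothing about the key under this assumed scheme.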
Problem

Research questions and friction points this paper is trying to address.

quantum-resilient
session-key establishment
harvest-now decrypt-later
post-quantum security
onion routing
Innovation

Methods, ideas, or system contributions that make the work stand out.

quantum-resilient
onion routing
multi-circuit key establishment
harvest-now decrypt-later
fragmented key distribution