Abstract
Tor is one of the most widely used privacy enhancing technologies for achieving online anonymity and resisting censorship. While conventional wisdom dictates that the level of anonymity offered by Tor increases as its user base grows, the most significant obstacle to Tor adoption continues to be its slow performance. We seek to enhance Tor’s performance by offering techniques to control congestion and improve flow control, thereby reducing unnecessary delays.
To reduce congestion, we first evaluate small fixed-size circuit windows and a dynamic circuit window that adaptively re-sizes in response to perceived congestion. While these solutions improve web page response times and require modification only to exit routers, they generally offer poor flow control and slower downloads relative to Tor’s current design. To improve flow control while reducing congestion, we implement N23, an ATM-style per-link algorithm that allows Tor routers to explicitly cap their queue lengths and signal congestion via back-pressure. Our results show that N23 offers better congestion and flow control, resulting in improved web page response times and faster page loads compared to Tor’s current design and other window-based approaches. We also argue that our proposals do not enable any new attacks on Tor users’ privacy.
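To make the queue-capping and back-pressure behaviour concrete, here is an added sketch (not code from the paper or from Tor) of per-link credit flow control in the style of the N23 scheme, where a sender holds N2+N3 credits per downstream hop and gets N2 credits back after the receiver forwards N2 cells. The three-router chain, the rates, the N2/N3 values and the simplified instant credit return are all assumptions made for the illustration.

```python
# Added illustration: simplified per-link credit flow control (N23-style).
# Topology, rates and the N2/N3 values are constructed for this demo.

def simulate(rates, n2=None, n3=None, ticks=200, src_rate=10):
    """Chain: source -> router 0 -> router 1 -> ... -> sink.

    rates[i] is how many cells router i can forward per tick.
    With n2/n3 set, every sender holds N2+N3 credits for its next hop;
    with them unset, links are uncapped. Returns the peak queue per router.
    """
    n = len(rates)
    capped = n2 is not None
    queue = [0] * n
    # credit[i]: credits held by whoever feeds router i (index 0 = the source)
    credit = [n2 + n3] * n if capped else None
    forwarded = [0] * n      # cells forwarded since the last credit cell
    peak = [0] * n
    for _ in range(ticks):
        # Walk from the sink end so a cell advances one hop per tick.
        for i in reversed(range(n)):
            budget = min(rates[i], queue[i])
            if capped and i + 1 < n:
                # Back-pressure: without credit the router must hold the cell.
                budget = min(budget, credit[i + 1])
            queue[i] -= budget
            if i + 1 < n:
                queue[i + 1] += budget
                if capped:
                    credit[i + 1] -= budget
            if capped:
                forwarded[i] += budget
                # Every N2 forwarded cells, hand N2 credits back upstream.
                while forwarded[i] >= n2:
                    forwarded[i] -= n2
                    credit[i] += n2
        # The source injects into router 0, subject to the same credit rule.
        send = min(src_rate, credit[0]) if capped else src_rate
        queue[0] += send
        if capped:
            credit[0] -= send
        peak = [max(p, q) for p, q in zip(peak, queue)]
    return peak

if __name__ == "__main__":
    rates = [10, 10, 1]      # constructed: the last router is the bottleneck
    print("uncapped peaks:", simulate(rates))
    print("N23-style peaks:", simulate(rates, n2=10, n3=20))
```

In the uncapped run the backlog piles up at the bottleneck router without limit, while in the credit run every queue stays at or below N2+N3 and the stall propagates hop by hop back to the source.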
Keywords
- Asynchronous Transfer Mode
- Download Time
- Asynchronous Transfer Mode Network
- Exit Router
- Bandwidth Bottleneck
© 2011 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
AlSabah, M. et al. (2011). DefenestraTor: Throwing Out Windows in Tor. In: Fischer-Hübner, S., Hopper, N. (eds) Privacy Enhancing Technologies. PETS 2011. Lecture Notes in Computer Science, vol 6794. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-22263-4_8
DOI: https://doi.org/10.1007/978-3-642-22263-4_8
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-22262-7
Online ISBN: 978-3-642-22263-4
eBook Packages: Computer Science (R0)