Modified relay selection and circuit selection for faster Tor

Users of the Tor anonymity system suffer from less-than-ideal performance, in part because circuit building and selection processes are not tuned for speed. In this study, the authors examine both the process of selecting among pre-built circuits and the process of selecting the path of relays for use in building new circuits, with the aim of improving performance while maintaining anonymity. First, the authors show that having three pre-built circuits available allows the Tor client to identify fast circuits and improves median time to first byte (TTFB) by 15% over congestion-aware routing, the current state-of-the-art method. Second, they propose a new path selection algorithm that includes broad geographic location information together with bandwidth to reduce delays. In Shadow simulations, 20% faster median TTFB and 11% faster median total download times over congestion-aware routing for accessing web page-sized objects were found. The proposed security evaluations show that this approach leads to better or equal security against a generic relay-level adversary compared to Tor, but increased vulnerability to targeted attacks. The authors explore this trade-off and find settings of the proposed system that offer good performance, modestly better security against a generic adversary, and only slightly more vulnerability to a targeted adversary.

Inspec keywords: Internet; telecommunication congestion control; telecommunication security; telecommunication network routing

Other keywords: pre-built circuits; Tor anonymity system; congestion-aware routing; Tor client; broad geographic location information; generic relay-level adversary; faster median TTFB; median time to first byte; faster median total download times; modified relay selection; faster Tor; path selection algorithm; circuit selection

Subjects: Communication network design, planning and routing; Computer communications

http://iet.metastore.ingenta.com/content/journals/10.1049/iet-com.2018.5591