KIST

Tor’s growing popularity and user diversity have resulted in network performance problems that are not well understood, though performance is understood to be a significant factor in Tor’s security. A large body of work has attempted to solve performance problems without a complete understanding of where congestion occurs in Tor. In this article, we first study congestion in Tor at individual relays as well as along the entire end-to-end Tor path and find that congestion occurs almost exclusively in egress kernel socket buffers. We then analyze Tor’s socket interactions and discover two major contributors to Tor’s congestion: Tor writes sockets sequentially, and Tor writes as much as possible to each socket. To improve Tor’s performance, we design, implement, and test KIST: a new socket management algorithm that uses real-time kernel information to dynamically compute the amount to write to each socket while considering all circuits of all writable sockets when scheduling cells. We find that, in the medians, KIST reduces circuit congestion by more than 30%, reduces network latency by 18%, and increases network throughput by nearly 10%. We also find that client and relay performance with KIST improves as more relays deploy it and as network load and packet loss rates increase. We analyze the security of KIST and find an acceptable performance and security tradeoff, as it does not significantly affect the outcome of well-known latency, throughput, and traffic correlation attacks. KIST has been merged and configured as the default socket scheduling algorithm in Tor version 0.3.2.1-alpha (released September 18, 2017) and became stable in Tor version 0.3.2.9 (released January 9, 2018). While our focus is Tor, our techniques and observations should help analyze and improve overlay and application performance, both for security applications and in general.
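A constructed toy model of the two socket behaviours the abstract names, added here as an illustration and not the paper's or Tor's own code: `write_sequential` visits sockets in order and fills each egress buffer, while `write_kist` caps each socket at an assumed kernel-reported sendable amount and takes cells round-robin across all circuits of all writable sockets. The cell size, buffer sizes, drain model and the two-socket scenario are invented for the example.

```python
from dataclasses import dataclass, field

CELL = 512  # bytes per cell in this model (constructed constant)

@dataclass
class Socket:
    sendable: int      # bytes the kernel could send now (assumed cwnd-style limit)
    capacity: int      # size of the egress kernel socket buffer
    queued: int = 0    # bytes sitting in that kernel buffer
    circuits: list = field(default_factory=list)  # pending cells per circuit

def write_sequential(socks):
    """Vanilla behaviour: take sockets in order, write until the buffer is full."""
    for s in socks:
        for i, pending in enumerate(s.circuits):
            n = min(pending, (s.capacity - s.queued) // CELL)
            s.circuits[i] -= n
            s.queued += n * CELL

def write_kist(socks):
    """KIST-style: per-socket budget from kernel state, cells chosen round-robin
    across every circuit of every writable socket instead of socket by socket."""
    budget = {id(s): min(s.sendable, s.capacity - s.queued) for s in socks}
    progress = True
    while progress:
        progress = False
        for s in socks:
            for i in range(len(s.circuits)):
                if s.circuits[i] > 0 and budget[id(s)] >= CELL:
                    s.circuits[i] -= 1
                    s.queued += CELL
                    budget[id(s)] -= CELL
                    progress = True

def kernel_drain(socks):
    """The kernel sends what the path allows; what is left is egress congestion."""
    for s in socks:
        s.queued -= min(s.queued, s.sendable)
    return sum(s.queued for s in socks)

def run(scheduler):
    """Constructed scenario: one slow and one fast socket, two circuits each.
    Returns (bytes stuck in kernel buffers, cells still queued inside Tor)."""
    socks = [Socket(sendable=1024, capacity=8192, circuits=[10, 10]),
             Socket(sendable=8192, capacity=8192, circuits=[10, 10])]
    scheduler(socks)
    congestion = kernel_drain(socks)
    return congestion, [c for s in socks for c in s.circuits]
```

In this scenario the sequential writer leaves 7168 bytes parked in the slow socket's kernel buffer, where Tor can no longer reprioritize them, while the KIST-style run leaves nothing queued in the kernel and spreads the fast socket's budget evenly across its circuits.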
