Mind the Gap: Towards a Backpressure-Based Transport Protocol for the Tor Network

Tor has become the prime example for anonymous communication systems. With increasing popularity, though, Tor is also faced with increasing load. In this paper, we tackle one of the fundamental problems in today's anonymity networks: network congestion. We show that the current Tor design is not able to adjust the load appropriately, and we argue that finding good solutions to this problem is hard for anonymity overlays in general. This is due to the long end-to-end delay in such networks, combined with limitations on the allowable feedback due to anonymity requirements. We introduce a design for a tailored transport protocol. It combines latency-based congestion control per overlay hop with a backpressure-based flow control mechanism for inter-hop signalling. The resulting overlay is able to react locally and thus rapidly to varying network conditions. It allocates available resources more evenly than the current Tor design; this is beneficial in terms of both fairness and anonymity. We show that it yields superior performance and improved fairness, both between circuits and between the anonymity overlay and concurrent applications.
