A Tune-up for Tor: Improving Security and Performance in the Tor Network

Robin Snader, Nikita Borisov

Research output: Contribution to conferencePaperpeer-review

Abstract

The Tor anonymous communication network uses self- reported bandwidth values to select routers for building tunnels. Since tunnels are allocated in proportion to this bandwidth, this allows a malicious router operator to at- tract tunnels for compromise. Since the metric used is in- sensitive to relative load, it does not adequately respond to changing conditions and hence produces unreliable perfor- mance, driving many users away. We propose an oppor- tunistic bandwidth measurement algorithm to replace self- reported values and address both of these problems. We also propose a mechanisms to let users tune Tor perfor- mance to achieve higher performance or higher anonymity. Our mechanism effectively blends the traffic from users of different preferences, making partitioning attacks difficult. We implemented the opportunistic measurement and tun- able performance extensions and examined their perfor- mance both analytically and in the real Tor network. Our results show that users can get dramatic increases in either performance or anonymity with little to no sacrifice in the other metric, or a more modest improvement in both. Our mechanisms are also invulnerable to the previously pub- lished low-resource attacks on Tor.

Original languageEnglish (US)
StatePublished - 2008
Externally publishedYes
Event15th Symposium on Network and Distributed System Security, NDSS 2008 - San Diego, United States
Duration: Feb 10 2008Feb 13 2008

Conference

Conference15th Symposium on Network and Distributed System Security, NDSS 2008
Country/TerritoryUnited States
CitySan Diego
Period2/10/082/13/08

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Control and Systems Engineering
  • Safety, Risk, Reliability and Quality

Fingerprint

Dive into the research topics of 'A Tune-up for Tor: Improving Security and Performance in the Tor Network'. Together they form a unique fingerprint.

Cite this