TY - JOUR
T1 - Improving security and performance in the tor network through tunable path selection
AU - Snader, Robin
AU - Borisov, Nikita
N1 - Funding Information:
The authors would like to thank Roger Dingledine, Ian Goldberg, and Steven Murdoch for helpful discussions about this work, and Joshua Juen for helping gather Tor data sets. This work was supported in part by a grant from the US National Science Foundation, CNS 06-27671.
PY - 2011
Y1 - 2011
N2 - The Tor anonymous communication network uses self-reported bandwidth values to select routers for building tunnels. Since tunnels are allocated in proportion to this bandwidth, this allows a malicious router operator to attract tunnels for compromise. Although Tor limits the self-reported bandwidth, it uses a high maximum value, effectively choosing performance over high anonymity for all users. We propose a router selection algorithm that allows users to control the trade-off between performance and anonymity. We also propose an opportunistic bandwidth measurement algorithm to replace self-reported values that is more sensitive to load and more responsive to changing network conditions. Our mechanism effectively blends the traffic from users of different preferences, making partitioning attacks difficult. We implemented the opportunistic measurement and tunable performance extensions and examined their performance both through simulation and in the real Tor network. Our results show that users can get dramatic increases in either performance or anonymity with little to no sacrifice in the other metric, or a more modest improvement in both. Our mechanisms are also invulnerable to the previously published low-resource attacks on Tor.
AB - The Tor anonymous communication network uses self-reported bandwidth values to select routers for building tunnels. Since tunnels are allocated in proportion to this bandwidth, this allows a malicious router operator to attract tunnels for compromise. Although Tor limits the self-reported bandwidth, it uses a high maximum value, effectively choosing performance over high anonymity for all users. We propose a router selection algorithm that allows users to control the trade-off between performance and anonymity. We also propose an opportunistic bandwidth measurement algorithm to replace self-reported values that is more sensitive to load and more responsive to changing network conditions. Our mechanism effectively blends the traffic from users of different preferences, making partitioning attacks difficult. We implemented the opportunistic measurement and tunable performance extensions and examined their performance both through simulation and in the real Tor network. Our results show that users can get dramatic increases in either performance or anonymity with little to no sacrifice in the other metric, or a more modest improvement in both. Our mechanisms are also invulnerable to the previously published low-resource attacks on Tor.
KW - Anonymous communication
KW - bandwidth estimation
KW - path selection
UR - http://www.scopus.com/inward/record.url?scp=79960549105&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=79960549105&partnerID=8YFLogxK
U2 - 10.1109/TDSC.2010.40
DO - 10.1109/TDSC.2010.40
M3 - Article
AN - SCOPUS:79960549105
SN - 1545-5971
VL - 8
SP - 728
EP - 741
JO - IEEE Transactions on Dependable and Secure Computing
JF - IEEE Transactions on Dependable and Secure Computing
IS - 5
M1 - 5560675
ER -