A Tune-up for Tor: Improving Security and Performance in the Tor Network

A Tune-up for Tor: Improving Security and Performance in the Tor Network. Snader, R. & Borisov, N. February 2008.

The Tor anonymous communication network uses selfreported bandwidth values to select routers for building tunnels. Since tunnels are allocated in proportion to this bandwidth, this allows a malicious router operator to attract tunnels for compromise. Since the metric used is insensitive to relative load, it does not adequately respond to changing conditions and hence produces unreliable performance, driving many users away. We propose an opportunistic bandwidth measurement algorithm to replace selfreported values and address both of these problems. We also propose a mechanisms to let users tune Tor performance to achieve higher performance or higher anonymity. Our mechanism effectively blends the traffic from users of different preferences, making partitioning attacks difficult. We implemented the opportunistic measurement and tunable performance extensions and examined their performance both analytically and in the real Tor network. Our results show that users can get dramatic increases in either performance or anonymity with little to no sacrifice in the other metric, or a more modest improvement in both. Our mechanisms are also invulnerable to the previously published low-resource attacks on Tor.

@conference {snader08,
	title = {A Tune-up for Tor: Improving Security and Performance in the Tor Network},
	booktitle = {Proceedings of the Network and Distributed Security Symposium - NDSS {\textquoteright}08},
	year = {2008},
	month = {February},
	publisher = {Internet Society},
	organization = {Internet Society},
	abstract = {The Tor anonymous communication network uses selfreported bandwidth values to select routers for building tunnels. Since tunnels are allocated in proportion to this bandwidth, this allows a malicious router operator to attract tunnels for compromise. Since the metric used is insensitive to relative load, it does not adequately respond to changing conditions and hence produces unreliable performance, driving many users away. We propose an opportunistic bandwidth measurement algorithm to replace selfreported values and address both of these problems. We also propose a mechanisms to let users tune Tor performance to achieve higher performance or higher anonymity. Our mechanism effectively blends the traffic from users of different preferences, making partitioning attacks difficult. We implemented the opportunistic measurement and tunable performance extensions and examined their performance both analytically and in the real Tor network. Our results show that users can get dramatic increases in either performance or anonymity with little to no sacrifice in the other metric, or a more modest improvement in both. Our mechanisms are also invulnerable to the previously published low-resource attacks on Tor. },
	keywords = {anonymity, Tor},
	doi = {10.1109/NCM.2009.205},
	url = {http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.140.7368},
	author = {Robin Snader and Borisov, Nikita}
}

Downloads: 0

{"_id":"FufAfQn7EM7KpaNuw","bibbaseid":"snader-borisov-atuneupfortorimprovingsecurityandperformanceinthetornetwork-2008","downloads":0,"creationDate":"2018-07-03T04:50:28.065Z","title":"A Tune-up for Tor: Improving Security and Performance in the Tor Network","author_short":["Snader, R.","Borisov, N."],"year":2008,"bibtype":"conference","biburl":"https://gnunet.org/bibliography/export/bibtex","bibdata":{"bibtype":"conference","type":"conference","title":"A Tune-up for Tor: Improving Security and Performance in the Tor Network","booktitle":"Proceedings of the Network and Distributed Security Symposium - NDSS \\textquoteright08","year":"2008","month":"February","publisher":"Internet Society","organization":"Internet Society","abstract":"The Tor anonymous communication network uses selfreported bandwidth values to select routers for building tunnels. Since tunnels are allocated in proportion to this bandwidth, this allows a malicious router operator to attract tunnels for compromise. Since the metric used is insensitive to relative load, it does not adequately respond to changing conditions and hence produces unreliable performance, driving many users away. We propose an opportunistic bandwidth measurement algorithm to replace selfreported values and address both of these problems. We also propose a mechanisms to let users tune Tor performance to achieve higher performance or higher anonymity. Our mechanism effectively blends the traffic from users of different preferences, making partitioning attacks difficult. We implemented the opportunistic measurement and tunable performance extensions and examined their performance both analytically and in the real Tor network. Our results show that users can get dramatic increases in either performance or anonymity with little to no sacrifice in the other metric, or a more modest improvement in both. Our mechanisms are also invulnerable to the previously published low-resource attacks on Tor. ","keywords":"anonymity, Tor","doi":"10.1109/NCM.2009.205","url":"http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.140.7368","author":[{"firstnames":["Robin"],"propositions":[],"lastnames":["Snader"],"suffixes":[]},{"propositions":[],"lastnames":["Borisov"],"firstnames":["Nikita"],"suffixes":[]}],"bibtex":"@conference {snader08,\n\ttitle = {A Tune-up for Tor: Improving Security and Performance in the Tor Network},\n\tbooktitle = {Proceedings of the Network and Distributed Security Symposium - NDSS {\\textquoteright}08},\n\tyear = {2008},\n\tmonth = {February},\n\tpublisher = {Internet Society},\n\torganization = {Internet Society},\n\tabstract = {The Tor anonymous communication network uses selfreported bandwidth values to select routers for building tunnels. Since tunnels are allocated in proportion to this bandwidth, this allows a malicious router operator to attract tunnels for compromise. Since the metric used is insensitive to relative load, it does not adequately respond to changing conditions and hence produces unreliable performance, driving many users away. We propose an opportunistic bandwidth measurement algorithm to replace selfreported values and address both of these problems. We also propose a mechanisms to let users tune Tor performance to achieve higher performance or higher anonymity. Our mechanism effectively blends the traffic from users of different preferences, making partitioning attacks difficult. We implemented the opportunistic measurement and tunable performance extensions and examined their performance both analytically and in the real Tor network. Our results show that users can get dramatic increases in either performance or anonymity with little to no sacrifice in the other metric, or a more modest improvement in both. Our mechanisms are also invulnerable to the previously published low-resource attacks on Tor. },\n\tkeywords = {anonymity, Tor},\n\tdoi = {10.1109/NCM.2009.205},\n\turl = {http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.140.7368},\n\tauthor = {Robin Snader and Borisov, Nikita}\n}\n","author_short":["Snader, R.","Borisov, N."],"key":"snader08","id":"snader08","bibbaseid":"snader-borisov-atuneupfortorimprovingsecurityandperformanceinthetornetwork-2008","role":"author","urls":{"Paper":"http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.140.7368"},"keyword":["anonymity","Tor"],"downloads":0},"search_terms":["tune","tor","improving","security","performance","tor","network","snader","borisov"],"keywords":["anonymity","tor"],"authorIDs":[],"dataSources":["FWsPTwsmjtrBtRS3B"]}