DefenestraTor: Throwing Out Windows in Tor

  • Conference paper
Privacy Enhancing Technologies (PETS 2011)

Abstract

Tor is one of the most widely used privacy enhancing technologies for achieving online anonymity and resisting censorship. While conventional wisdom dictates that the level of anonymity offered by Tor increases as its user base grows, the most significant obstacle to Tor adoption continues to be its slow performance. We seek to enhance Tor’s performance by offering techniques to control congestion and improve flow control, thereby reducing unnecessary delays.

To reduce congestion, we first evaluate small fixed-size circuit windows and a dynamic circuit window that adaptively re-sizes in response to perceived congestion. While these solutions improve web page response times and require modification only to exit routers, they generally offer poor flow control and slower downloads relative to Tor’s current design. To improve flow control while reducing congestion, we implement N23, an ATM-style per-link algorithm that allows Tor routers to explicitly cap their queue lengths and signal congestion via back-pressure. Our results show that N23 offers better congestion and flow control, resulting in improved web page response times and faster page loads compared to Tor’s current design and other window-based approaches. We also argue that our proposals do not enable any new attacks on Tor users’ privacy.




Copyright information

© 2011 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

AlSabah, M. et al. (2011). DefenestraTor: Throwing Out Windows in Tor. In: Fischer-Hübner, S., Hopper, N. (eds) Privacy Enhancing Technologies. PETS 2011. Lecture Notes in Computer Science, vol 6794. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-22263-4_8

  • DOI: https://doi.org/10.1007/978-3-642-22263-4_8

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-22262-7

  • Online ISBN: 978-3-642-22263-4

  • eBook Packages: Computer Science (R0)
