A Tune-up for Tor: Improving Security and Performance in the Tor - - PowerPoint PPT Presentation

a tune up for tor
SMART_READER_LITE
LIVE PREVIEW

A Tune-up for Tor: Improving Security and Performance in the Tor - - PowerPoint PPT Presentation

Mar 22, 2024 241 likes •494 views

A Tune-up for Tor: Improving Security and Performance in the Tor Network Robin Snader Nikita Borisov Department of Computer Science Dept. of Electrical & Computer Engineering rsnader2@cs.uiuc.edu nikita@uiuc.edu University of Illinois

slide-1
SLIDE 1

A Tune-up for Tor:

Improving Security and Performance in the Tor Network

Robin Snader Department of Computer Science rsnader2@cs.uiuc.edu Nikita Borisov

  • Dept. of Electrical & Computer Engineering

nikita@uiuc.edu University of Illinois at Urbana-Champaign

slide-2
SLIDE 2

The Tor Network

slide-3
SLIDE 3

Tor as an Overlay Network

slide-4
SLIDE 4

Overlay Network Considerations

  • Overlay Networks

– Link Evaluation – Efficient Route Selection

  • High Flow Bandwidth
  • High Aggregate Network Throughput
  • Tor as an Overlay Network

– Secure Link Evaluation – Secure, Anonymous and Efficient Route Selection

slide-5
SLIDE 5

Anonymous vs. Efficient Route Selection

  • Efficient Routes: prefer well-connected routers
  • Anonymous Routes: choose routers uniformly at random

High Anonymity High Performance

  • Spies
  • Dissidents
  • Whistle blowers
  • Casual Users
  • Privacy Advocates
  • P2P Users
  • Cover Traffic Providers
  • New Users
slide-6
SLIDE 6

Evaluating Link Bandwidth (Current)

  • Current Implementation

– Each node estimates available bandwidth and

reports it to directory server

– Susceptible to manipulation by malicious nodes

  • Bauer, et al. “Low-resource routing attacks against

anonymous systems” in WPES'07

– Not sensitive to relative load

  • Static router popularity
slide-7
SLIDE 7

Evaluating Link Bandwidth (Proposed)

  • Proposed Method

– Each node tracks the bandwidth to each of its peers – To estimate bandwidth, a node queries 5 of its

peers and calculates the median values received

  • Nodes already query peers for lists of available nodes

– Adjusts to relative load

slide-8
SLIDE 8

Evaluation of Bandwidth Estimation

  • Proposed Method Performance: r=0.48
  • Balanced prediction
  • Current Method Performance: r=0.57
  • Systematic overestimation
  • No malicious nodes
slide-9
SLIDE 9

Router Selection (Current)

  • Selection weighted by bandwidth

10 kB/s 20 kB/s 30 kB/s

  • Single Anonymity Level
  • Bandwidth weight limited to 10 MB/s (was 1.5 MB/s)

– Static tradeoff between underutilization and spoofing

5 kB/s, advertising 90kB/s 10 kB/s 20 kB/s 30 kB/s

slide-10
SLIDE 10

Route Selection (Proposed)

  • Order routers by available bandwidth

10 kB/s 20 kB/s 30 kB/s

  • Use non-uniform random variable to weight faster

routers more heavily

  • Parameterized RV => Parameterized Anonymity
slide-11
SLIDE 11

Route Selection (Proposed)

  • Selection level 0 gives

uniform selection

  • Higher selection levels

weight faster routers more heavily

  • Weighted coin flip to

choose known vs. unknown routers

– Unknown routers always

chosen uniformly at random

slide-12
SLIDE 12

Evaluation of Router Selection

  • Concern: how traceable is your selection level?

– Attacker can focus on users more concerned with privacy

High Anonymity High Performance

  • Spies
  • Dissidents
  • Whistle blowers
  • Casual Users
  • Privacy Advocates
  • P2P Users
  • Cover Traffic Providers
  • New Users
slide-13
SLIDE 13

Evaluation of Router Selection

slide-14
SLIDE 14

Evaluation of Router Selection

slide-15
SLIDE 15

Tunable Tor: Combining both algorithms

  • Evaluation setup:

– Transfer 1 MB file – 40,000 trials for vanilla Tor over 4 weeks, various times of day – 20,000 trials for Tunable Tor over 6 weeks, various times of day

  • Selection level chosen uniformly at random
  • Evaluate performance

– Transfer time statistics

  • Evaluate anonymity

– Router selection equality – Effects of router compromise

slide-16
SLIDE 16

Whole System Evaluation (Performance)

At the 80th percentile, Tunable Tor set to maximum anonymity

  • utperforms Vanilla Tor

At the 60th percentile, Tunable Tor set to selection level 5

  • utperforms Vanilla Tor
slide-17
SLIDE 17

Whole System Evaluation (Performance)

slide-18
SLIDE 18

Whole System Evaluation (Performance)

slide-19
SLIDE 19

Whole System Evaluation (Anonymity)

slide-20
SLIDE 20

Whole System Evaluation (Anonymity)

slide-21
SLIDE 21

Conclusions

  • Tunable Tor provides:

– Significantly more security

  • No reliance on self-reported information
  • Multiple, randomly selected, opportunistic router

evaluations prevent targeted attacks

– Tunability

  • 3x throughput improvement for the same anonymity
  • Dramatically more anonymity for the same performance

– Much shorter “long tail” – But...

slide-22
SLIDE 22

Current Work: Whole Network Simulation

  • What happens when all nodes in the network are using

these algorithms?

  • Plan

– Simulate 1000 nodes, 10,000 flows – Choose routes according to

  • Current Tor algorithm
  • All users using new algorithm

– Everybody at a single selection level (for all levels) – Plausible mixes (20% level 0, 30% level 15, 5% each for the rest)

  • Transitional phase (some old, some new)
slide-23
SLIDE 23

Current Work: Bandwidth Estimation Testing

  • Can peer bandwidth measurements from low-

bandwidth hosts be used?

  • Plan:

– Patch to monitor peer bandwidth periodically being

distributed

– Compare

  • Measured bandwidth
  • Measured bandwidth ranking

from hosts with different available bandwidth