tor performance problems and how to solve them
play

Tor performance problems ...and how to solve them Roger Dingledine - PowerPoint PPT Presentation

Jun 10, 2023 •351 likes •856 views

Tor performance problems ...and how to solve them Roger Dingledine The Tor Project https://www.torproject.org/ 1 Tor: Big Picture Freely available (Open Source), unencumbered. Comes with a spec and full documentation: Dresden and

  1. Tor performance problems ...and how to solve them Roger Dingledine The Tor Project https://www.torproject.org/ 1

  2. Tor: Big Picture ● Freely available (Open Source), unencumbered. ● Comes with a spec and full documentation: Dresden and Aachen implemented compatible Java Tor clients; researchers use it to study anonymity. ● 1500 active relays, 200000+ active users, >1Gbit/s. ● Official US 501(c)(3) nonprofit. Eight+ funded developers, dozens more dedicated volunteers. ● Funding from US DoD, Electronic Frontier Foundation, Voice of America, Human Rights Watch, Google, NLnet, ...you? 2

  3. Anonymity serves different interests for different user groups. Anonymity Private citizens “It's privacy!” 3

  4. Anonymity serves different interests for different user groups. Businesses Anonymity “It's network security!” Private citizens “It's privacy!” 4

  5. Anonymity serves different interests for different user groups. “It's traffic-analysis resistance!” Businesses Governments Anonymity “It's network security!” Private citizens “It's privacy!” 5

  6. Anonymity serves different interests for different user groups. “It's reachability! Blocked users “It's traffic-analysis resistance!” Businesses Governments Anonymity “It's network security!” Private citizens “It's privacy!” 6

  7. The simplest designs use a single relay to hide connections. Bob1 Alice1 E(Bob3,“X”) “Y” Relay Alice2 “Z” Bob2 E(Bob1, “Y”) ) “X” ” Z “ , 2 b o B ( E Bob3 Alice3 (example: some commercial proxy providers) 7

  8. But a single relay (or eavesdropper!) is a single point of failure. Bob1 Alice1 E(Bob3,“X”) “Y” Evil Alice2 Relay “Z” Bob2 E(Bob1, “Y”) ) “X” ” Z “ , 2 b o B ( E Bob3 Alice3 8

  9. So, add multiple relays so that no single one can betray Alice. Bob Alice R1 R3 R5 R4 R2 9

  10. A corrupt first hop can tell that Alice is talking, but not to whom. Bob Alice R1 R3 R5 R4 R2 10

  11. A corrupt final hop can tell that somebody is talking to Bob, but not who. Bob Alice R1 R3 R5 R4 R2 11

  12. Alice makes a session key with R1 ...And then tunnels to R2...and to R3 Bob Alice R1 R3 Bob2 R5 R4 R2 12

  13. 13

  14. 14

  15. Six performance problems ● Tor's congestion/flow control is not good ● Some users bulk-transfer over Tor ● Not enough capacity (run a relay!) ● Load balancing isn't right ● Not just high latency, but high variability ● High directory downloading overhead 15

  16. Six performance problems ● Tor's congestion/flow control is not good ● Some users bulk-transfer over Tor ● Not enough capacity (run a relay!) ● Load balancing isn't right ● Not just high latency, but high variability ● High directory downloading overhead 16

  17. TCP backoff slows down every circuit at once (1) ● Tor multiplexes many circuits over a given TCP connection ● The only trick TCP has to slow one down is to slow them all down ● Especially bad on asymmetric bandwidth links (cablemodem, DSL, ...) 17

  18. TCP backoff slows down every circuit at once (2) ● The solution: switch to a datagram protocol (e.g. UDP) and layer end-to-end flow control on top of it. ● Needs a secure maintained free-software portable user-space TCP stack? Yuck. ● Maybe other datagram protocols have better congestion control. Delay-based backoff rather than drop-based? 18

  19. Circuit window sizes too big? ● Tor does flow control with end-to-end “circ window” plus “sendme” ack cells ● Fixed-size window of 1000 cells (512KB) ● Cutting the window size to 100 reduces buffer sizes (and queues), but increases roundtrips 19

  20. Six performance problems ● Tor's congestion/flow control is not good ● Some users bulk-transfer over Tor ● Not enough capacity (run a relay!) ● Load balancing isn't right ● Not just high latency, but high variability ● High directory downloading overhead 20

  21. Lessons from economics ● Increase in supply (network capacity) means increase in demand (users) ● We used to think there would be an equilibrium ● But file-sharing users have a different tolerance for latency than web browsing users 21

  22. Squeeze over-active circuits (1) ● Right now we round-robin among all “active” circuits when choosing next cell ● Most relays rate-limit: they'll only deliver a certain number of cells per second ● So circuits that are always active end up sending more cells. 22

  23. 23

  24. 24

  25. Squeeze over-active circuits (2) ● So we should pick from the really loud circuits less often. ● But using what algorithm? ● And how do we know whether we'll actually make it better? 25

  26. Throttle bandwidth in client ● Not really a stable solution, since users could “fix” their client ● But can't do it at the relay, since the relays would need to coordinate what they see ● Throttling bandwidth at the client can actually make you more secure, too! Cf. the paper that Columbia is working on 26

  27. Six performance problems ● Tor's congestion/flow control is not good ● Some users bulk-transfer over Tor ● Not enough capacity (run a relay!) ● Load balancing isn't right ● Not just high latency, but high variability ● High directory downloading overhead 27

  28. Why is capacity only #3? ● If congestion control continues to be poor, getting more relays won't solve that ● Won't bulk-transfer users expand to fill our new capacity? ● Remember our economic argument 28

  29. 29

  30. 30

  31. 31

  32. Relay advocacy ● Jake and I keep doing talks and trainings all over the world ● Need better support for relay operators – Mailing list just for them? – “Tor weather” cgi to mail them when their relay goes down 32

  33. 33

  34. Incentive mechanisms ● Gold-star reputation design: be a relay, get rewarded with better performance. ● Micropayment approaches ● But: intersection attacks on lists of running relays 34

  35. Everybody-a-relay ● Need to support fast Tor windows relays (Nick has spent the past months hacking libevent / openssl) ● Automatically configure rate limiting? ● Need a directory design that scales ● Anonymity risks from letting the attacker relay traffic through you 35

  36. Six performance problems ● Tor's congestion/flow control is not good ● Some users bulk-transfer over Tor ● Not enough capacity (run a relay!) ● Load balancing isn't right ● Not just high latency, but high variability ● High directory downloading overhead 36

  37. 37

  38. Torflow: better bandwidth weights via measuring ● Bandwidth self-measuring not so good ● And we had to cap it at 10MB/s to resist cheaters ● Now we actively measure, and put the results in the consensus for clients ● Still a tradeoff between optimal network use vs anonymity 38

  39. Old entry guards are overloaded ● The longer you're an entry guard, the more clients you accumulate ● Now clients expire each guard after a month ● (This issue also means that brand new entry guards have no users, so aren't used efficiently) 39

  40. What about one-hop paths? ● It used to be a bad idea because it would screw up load balancing. Not so bad now. ● They're clearly way worse for anonymity. ● If exits are scarce, would it actually help? ● The main stumbling block is exit relay exposure: they'd become juicy targets, since no more guaranteed distributed trust 40

  41. Six performance problems ● Tor's congestion/flow control is not good ● Some users bulk-transfer over Tor ● Not enough capacity (run a relay!) ● Load balancing isn't right ● Not just high latency, but high variability ● High directory downloading overhead 41

  42. Per-second rate limiting ● Tor uses a token bucket for its rate limiting. It refills the bucket each second. ● Now that relays are overloaded, that means a burst of traffic at the beginning of each second, and then silence. 42

  43. 43

  44. Adaptive circuit build timeouts ● Some circuits finish building in a few seconds. Some take 15-20 seconds. ● Circuits that build slowly also have bad performance. We should discard them. ● We can't just lower the timeouts: folks in Zimbabwe would never finish a circuit ● Need to measure build times at the client and dynamically adapt the timeouts 44

  45. Same thing for stream timeouts? ● Right now our stream timeouts are hard- coded at 10sec for the first two attempts, 15sec for later attempts. ● This is way too low for people on modems in Iran. ● So even if the user is really patient, their Tor client isn't. 45

  46. Six performance problems ● Tor's congestion/flow control is not good ● Some users bulk-transfer over Tor ● Not enough capacity (run a relay!) ● Load balancing isn't right ● Not just high latency, but high variability ● High directory downloading overhead 46

  47. Clients need to learn about available relays ● The quicker the client learns, the more use we get from short-term relays ● Clients need to share the same view of the network to prevent partitioning attacks ● We want it to scale to many thousands of relays 47

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Together we can solve problems that are too big for any one organization to solve alone Eastern

Together we can solve problems that are too big for any one organization to solve alone Eastern

Together we can solve problems that are too big for any one organization to solve alone Eastern Mojave LCD Coordinating Team Desert LCC Team: Genevieve Johnson Bureau of Reclamation Matt Grabau US Fish and Wildlife Service

416 views • 19 slides
Using AI to solve performance problems Salesforce Performance Engineering Jasmin Nakic | Jackie

Using AI to solve performance problems Salesforce Performance Engineering Jasmin Nakic | Jackie

Using AI to solve performance problems Salesforce Performance Engineering Jasmin Nakic | Jackie Chu June, 2018 Salesforce Performance Engineering Jasmin Nakic Jackie Chu Lead Performance Engineer Lead Performance Engineer Forward-Looking

807 views • 37 slides
Performance Evaluation of Bat Algorithm to Solve Deterministic and Stochastic Optimization

Performance Evaluation of Bat Algorithm to Solve Deterministic and Stochastic Optimization

Introduction Implementation Details Results and Discussion Performance Evaluation of Bat Algorithm to Solve Deterministic and Stochastic Optimization Problems Ratnaji Vanga, Manu K. Gupta and J. Venkateswaran Industrial Engineering and

578 views • 21 slides
Can we solve it efficiently? We have seen that there is a distinction between problems that

Can we solve it efficiently? We have seen that there is a distinction between problems that

Can we solve it efficiently? We have seen that there is a distinction between problems that can be solved by a computer CS 3813: Introduction to Formal algorithm and those that cannot Languages and Automata Among the class of problems

245 views • 3 slides
!! Problems to solve ! ! ! ! There is no one size that fi ts all BFT protocol ! !

!! Problems to solve ! ! ! ! There is no one size that fi ts all BFT protocol ! !

The next 700 BFT protocols Guerraoui, Rachid, Nikola Kne evi , Vivien Quma, and Marko Vukoli ! In Proceedings of the 5th European conference on Computer systems, pp. 363-376. ACM, 2010 !! Problems to solve ! ! ! ! There is no

330 views • 4 slides
Trapdoor Problems Basing the solution on the complexity of problems, which are easy to solve for

Trapdoor Problems Basing the solution on the complexity of problems, which are easy to solve for

Trapdoor Problems Basing the solution on the complexity of problems, which are easy to solve for the legal users, but are very difficult to the eavesdroppers. Public Key Cryptography 1 Such problems are called trapdoor problems .

345 views • 3 slides
Trapdoor Problems Basing the solution on the complexity of problems, which are easy to solve for

Trapdoor Problems Basing the solution on the complexity of problems, which are easy to solve for

Trapdoor Problems Basing the solution on the complexity of problems, which are easy to solve for the legal users, but are very difficult to the eavesdroppers. Public Key Cryptography 1 Such problems are called trapdoor problems . They allow to

379 views • 5 slides
Hard Problems Some problems are hard to solve. No polynomial time algorithm is known.

Hard Problems Some problems are hard to solve. No polynomial time algorithm is known.

Hard Problems Some problems are hard to solve. No polynomial time algorithm is known. E.g., NP-hard problems such as machine scheduling, bin packing, 0/1 knapsack. Is this necessarily bad? Data encryption relies on difficult

721 views • 15 slides
Using Python to Solve Computationally Hard Problems Using Python to Solve Computationally Hard

Using Python to Solve Computationally Hard Problems Using Python to Solve Computationally Hard

Using Python to Solve Computationally Hard Problems Using Python to Solve Computationally Hard Problems Rachael Madsen Optimal Design Software LLC BS in Mathematics Software Engineer & Architect Python programmer

872 views • 46 slides
BIOE 301 Four Questions What are the problems in healthcare today? Who pays to solve

BIOE 301 Four Questions What are the problems in healthcare today? Who pays to solve

Lecture Seven BIOE 301 Four Questions What are the problems in healthcare today? Who pays to solve problems in healthcare? How can we use science and technology to solve healthcare problems? Once developed, how do new healthcare

538 views • 40 slides
BIOE 301 Who pays to solve problems in healthcare? How can we use science and technology to

BIOE 301 Who pays to solve problems in healthcare? How can we use science and technology to

Four Questions What are the problems in healthcare today? BIOE 301 Who pays to solve problems in healthcare? How can we use science and technology to Lecture Seven solve healthcare problems? Once developed, how do new healthcare

367 views • 7 slides
Mood. Aim 7.4: How do we solve Regents style rational equation problems? HW: DeltaMath DoNow

Mood. Aim 7.4: How do we solve Regents style rational equation problems? HW: DeltaMath DoNow

AIM (7.4) : How do we solve Regents style rational equation problems? Alert! Take two minutes to get your Notebooks, Calculators, & Student Orgzniers before we begin today's lesson. Alert! Mood. Aim 7.4: How do we solve Regents style

304 views • 17 slides
Experiences using Grid Computing Technologies to Solve Optimization Problems Departamento de

Experiences using Grid Computing Technologies to Solve Optimization Problems Departamento de

The 2007 High Performance Computing & Simulation (HPCS'07) Conference PANEL Parallel Processing Systems: Present and Future Trends Prague, Czech Republic, June 4-6, 2007 Experiences using Grid Computing Technologies to Solve

707 views • 12 slides
Direct Encodings of NP- Complete Problems into Horn Sequents of Multiplicative Linear Logic

Direct Encodings of NP- Complete Problems into Horn Sequents of Multiplicative Linear Logic

Direct Encodings of NP- Complete Problems into Horn Sequents of Multiplicative Linear Logic AIST Satoshi Matsuoka Motivation To solve NP-complete problems Success of SAT solvers to solve NP- complete problems at a practical level

428 views • 25 slides
Learning to Automatically Solve Algebra Word Problems Nate Kushman Yoav Artzi, Luke Zettlemoyer,

Learning to Automatically Solve Algebra Word Problems Nate Kushman Yoav Artzi, Luke Zettlemoyer,

Learning to Automatically Solve Algebra Word Problems Nate Kushman Yoav Artzi, Luke Zettlemoyer, Regina Barzilay 1 Task Automatically Solve Algebra Word Problems An amusement park sells 2 kinds of tickets. Tickets for children cost $1.50.

791 views • 41 slides
Welcome! We cannot solve our problems with the same thinking we used when we created them. ~

Welcome! We cannot solve our problems with the same thinking we used when we created them. ~

4/1/2016 2016 Program Evaluator Candidate Face-to-Face Training Spring, 2016 Welcome! We cannot solve our problems with the same thinking we used when we created them. ~ Albert Einstein Facilitator Introductions List of

1.15k views • 75 slides
BitML Stefano Lande Nicola Atzei Roberto Zunino Massimo Bartoletti University of Cagliari

BitML Stefano Lande Nicola Atzei Roberto Zunino Massimo Bartoletti University of Cagliari

Design and verification of Bitcoin smart contracts with BitML Stefano Lande Nicola Atzei Roberto Zunino Massimo Bartoletti University of Cagliari University of Trento Why smart contracts on Bitcoin? well-understood security of the

626 views • 34 slides
no m ore m i tm on th e w eb! USE CERTI FI CATE PATROL add-on for fi refox about:

no m ore m i tm on th e w eb! USE CERTI FI CATE PATROL add-on for fi refox about:

past w ork no m ore m i tm on th e w eb! USE CERTI FI CATE PATROL add-on for fi refox about: SECRECY OF CORRESPONDENCE + freedom of Assem bly for Humankind by default m atters w h y th e soci al graph about:

711 views • 32 slides
What Should We Learn From Nakamoto's Blockchain? Roger Wattenhofer ETH Zurich Distributed

What Should We Learn From Nakamoto's Blockchain? Roger Wattenhofer ETH Zurich Distributed

What Should We Learn From Nakamoto's Blockchain? Roger Wattenhofer ETH Zurich Distributed Computing Group Not Me! Blockchain: The Biggest Story in Distributed Systems Since the Internet?!? Cryptocurrencies Blockchain So What

1.3k views • 87 slides
Cryptocurrencies bitcoin, blockchain & beyond Roger Wattenhofer ETH Zurich Distributed

Cryptocurrencies bitcoin, blockchain & beyond Roger Wattenhofer ETH Zurich Distributed

Cryptocurrencies bitcoin, blockchain & beyond Roger Wattenhofer ETH Zurich Distributed Computing Group Cryptocurrencies What is Bitcoin? = + + Technology The Bank of Bitcoin The Bank of Bitcoin User Balance A 2 B 5 C 8

1.25k views • 104 slides
A Theory of Pricing Private Data Dan Suciu U. of Washington Joint work with: Chao Li,

A Theory of Pricing Private Data Dan Suciu U. of Washington Joint work with: Chao Li,

A Theory of Pricing Private Data Dan Suciu U. of Washington Joint work with: Chao Li, Daniel Yang Li, Gerome Miklau DIMACS - 10/2012 1 Motivation Private data has value A unique user: $4 at FB, $24 at Google [JPMorgan]

350 views • 24 slides
3-509

3-509

3-509 liuzhen@sjtu.edu.cn 1 Introduction to Bitcoin SSL and IPSec 2 2. Transaction in Bitcoin A Transaction 2. Transaction in Bitcoin A

727 views • 25 slides
Security and digital rights management Kati Tuomainen khtuomai@cc.hut.fi Agenda

Security and digital rights management Kati Tuomainen khtuomai@cc.hut.fi Agenda

Security and digital rights management Kati Tuomainen khtuomai@cc.hut.fi Agenda Introduction Content based media security What is DRM? How do DRM systems work? DRM models Mobile DRM Concluding remarks Introduction

1.39k views • 13 slides
Chained and Delegable Authorization Tokens G. Navarro J. Garca J. A. Ortega-Ruiz Dept. of

Chained and Delegable Authorization Tokens G. Navarro J. Garca J. A. Ortega-Ruiz Dept. of

Chained and Delegable Authorization Tokens G. Navarro J. Garca J. A. Ortega-Ruiz Dept. of Computer Science Universitat Autnoma de Barcelona NordSec 2004 G. Navarro et al. (UAB) CADAT NordSec 2004 1 / 15 Outline Introduction 1

488 views • 38 slides

More recommend