CSDL Home IEEE Transactions on Dependable and Secure Computing 2011 vol.8 Issue No.05 - September/October
Issue No.05 - September/October (2011 vol.8)
Robin Snader , University of Illinois at Urbana-Champaign, Urbana
Nikita Borisov , University of Illinois at Urbana-Chamapign, Urbana
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/TDSC.2010.40
The Tor anonymous communication network uses self-reported bandwidth values to select routers for building tunnels. Since tunnels are allocated in proportion to this bandwidth, this allows a malicious router operator to attract tunnels for compromise. Although Tor limits the self-reported bandwidth, it uses a high maximum value, effectively choosing performance over high anonymity for all users. We propose a router selection algorithm that allows users to control the trade-off between performance and anonymity. We also propose an opportunistic bandwidth measurement algorithm to replace self-reported values that is more sensitive to load and more responsive to changing network conditions. Our mechanism effectively blends the traffic from users of different preferences, making partitioning attacks difficult. We implemented the opportunistic measurement and tunable performance extensions and examined their performance both through simulation and in the real Tor network. Our results show that users can get dramatic increases in either performance or anonymity with little to no sacrifice in the other metric, or a more modest improvement in both. Our mechanisms are also invulnerable to the previously published low-resource attacks on Tor.
Anonymous communication, bandwidth estimation, path selection.
Robin Snader, Nikita Borisov, "Improving Security and Performance in the Tor Network through Tunable Path Selection", IEEE Transactions on Dependable and Secure Computing, vol.8, no. 5, pp. 728-741, September/October 2011, doi:10.1109/TDSC.2010.40