ABSTRACT
Tor is a peer-to-peer overlay routing network that achieves unlinkable communication between source and destination.Unlike traditional mix-nets, Tor seeks to balance anonymity and performance, particularly with respect to providing low-latency communication. As a result, understanding the latencies between peers in the Tor network could be an extremely powerful tool in understanding and improving Tor's performance and anonymity properties. Unfortunately, there are no practical techniques for inferring accurate latencies between two arbitrary hosts on the Internet, and Tor clients are not instrumented to collect and report on these measurements. In this paper, we present Ting, a technique for measuring latencies between arbitrary Tor nodes from a single vantage point. Through a ground-truth validation, we show that Ting is accurate, even with few samples, and does not require modifications to existing clients. We also apply Ting to the live Tor network, and show that its measurements are stable over time. We demonstrate that the all-pairs latency datasets that Ting permits can be applied in disparate ways, including faster methods of deanonymizing Tor circuits and efficiently finding long circuits with low end-to-end latency.
- S. Agarwal and J. R. Lorch. Matchmaking for online games and other latency-sensitive P2P systems. In ACM SIGCOMM, 2009. Google ScholarDigital Library
- M. Akhoondi, C. Yu, and H. V. Madhyastha. LASTor: A low-latency AS-aware Tor client. In IEEE Symposium on Security and Privacy, 2013. Google ScholarDigital Library
- E. Androulaki, M. Raykova, S. Srivatsan, A. Stavrou, and S. M. Bellovin. PAR: Payment for anonymous routing. In Symposium on Privacy Enhancing Technologies (PETS), 2008. Google ScholarDigital Library
- D. Chaum. Untraceable electronic mail, return addresses, and digital pseudonyms. Communications of the ACM, 24(2):84--88, Nov. 1981. Google ScholarDigital Library
- Y. Chen, R. Sion, and B. Carbunar. XPay: Practical anonymous payments for Tor routing and other networked services. In Workshop on Privacy in the Electronic Society (WPES), 2009. Google ScholarDigital Library
- R. Cox, F. Dabek, F. Kaashoek, J. Li, and R. Morris. Practical, distributed network coordinates. In Workshop on Hot Topics in Networks (HotNets), 2003.Google Scholar
- R. Dingledine, N. Mathewson, and P. Syverson. Tor: The second-generation onion router. In USENIX Security Symposium, 2004. Google ScholarDigital Library
- R. Dingledine and S. J. Murdoch. Performance improvements on Tor or, why Tor is slow and what we're going to do about it. Online: https://www.torproject.org/press/presskit/2009-03--11-performance.pdf, 2009.Google Scholar
- N. S. Evans, R. Dingledine, and C. Grothoff. A practical congestion attack on Tor using long paths. In USENIX Security Symposium, 2009. Google ScholarDigital Library
- Y. Gilad and A. Herzberg. Spying in the dark: TCP and Tor traffic analysis. In Privacy Enhancing Technologies, pages 100--119. Springer, 2012. Google ScholarDigital Library
- K. P. Gummadi, S. Saroiu, and S. D. Gribble. King: Estimating latency between arbitrary Internet end hosts. In ACM Internet Measurement Workshop (IMW), 2002. Google ScholarDigital Library
- N. Hopper, E. Y. Vasserman, and E. Chan-Tin. How much anonymity does network latency leak? ACM Transactions on Information and System Security (TISSEC), 13(2):13, 2010. Google ScholarDigital Library
- R. Jansen, J. Geddes, C. Wacek, M. Sherr, and P. Syverson. Never been KIST: Tor's congestion management blossoms with kernel-informed socket transport. In USENIX Security Symposium, 2014. Google ScholarDigital Library
- A. Johnson, C. Wacek, R. Jansen, M. Sherr, and P. Syverson. Users get routed: Traffic correlation on Tor by realistic adversaries. 2013.Google Scholar
- C. Lumezanu, R. Baden, D. Levin, N. Spring, and B. Bhattacharjee. Symbiotic relationships in Internet routing overlays. In Symposium on Networked Systems Design and Implementation (NSDI), 2009. Google ScholarDigital Library
- S. J. Murdoch and G. Danezis. Low-cost traffic analysis of Tor. In USENIX Security Symposium, 2005. Google ScholarDigital Library
- Neustar IP Geolocation.hrefhttps://www.neustar.biz/services/ip-intelligence https://www.neustar.biz/services/ip-intelligence.Google Scholar
- T. E. Ng and H. Zhang. Towards global network positioning. In ACM Internet Measurement Workshop (IMW), 2001. Google ScholarDigital Library
- T.-W. Ngan, R. Dingledine, and D. S. Wallach. Building incentives into Tor. In Financial Cryptography (FC), 2010.Google ScholarCross Ref
- A. Panchenko and J. Renner. Path selection metrics for performance-improved onion routing. In Symposium on Applications and the Internet (SAINT), 2009. Google ScholarDigital Library
- L. Peterson, T. Anderson, D. Culler, and T. Roscoe. A blueprint for introducing disruptive technology into the Internet. In Workshop on Hot Topics in Networks (HotNets), 2002.Google Scholar
- M. K. Reiter and A. D. Rubin. Crowds: Anonymity for web transactions. ACM TISSEC, 1(1):66--92, Nov. 1998. Google ScholarDigital Library
- Reporters Without Borders. Enemies of the Internet 2013 Report. https://surveillance.rsf.org/en/wp-content/uploads/sites/2/2013/03/enemies-of-the-internet_2013.pdf, Mar. 2013.Google Scholar
- RIPE NCC. RIPE Atlas. https://atlas.ripe.net.Google Scholar
- SamKnows. https://www.samknows.com.Google Scholar
- S. Savage, A. Collins, E. Hoffman, J. Snell, and T. Anderson. The end-to-end effects of Internet path selection. In ACM SIGCOMM, 1999. Google ScholarDigital Library
- A. Schulman and N. Spring. Pingin' in the rain. In ACM Internet Measurement Conference (IMC), 2011. Google ScholarDigital Library
- M. Sherr, M. Blaze, and B. T. Loo. Scalable link-based relay selection for anonymous routing. In Privacy Enhancing Technologies Symposium (PETS), 2009. Google ScholarDigital Library
- R. Sherwood, B. Bhattacharjee, and A. Srinivasan. P5: A protocol for scalable anonymous communication. Journal of Computer Security, 13(6):839--876, 2005. Google ScholarCross Ref
- Stem Controller Library. https://stem.torproject.org.Google Scholar
- S. Sundaresan, S. Burnett, N. Feamster, and W. De Donato. BISmark: A testbed for deploying measurements and applications in broadband access networks. In USENIX Annual Technical Conference, 2014. Google ScholarDigital Library
- Tor Metrics. https://metrics.torproject.org.Google Scholar
- B. Wong, I. Stoyanov, and E. G. Sirer. Octant: A comprehensive framework for the geolocalization of Internet hosts. In Symposium on Networked Systems Design and Implementation (NSDI), 2007. Google ScholarDigital Library
Index Terms
- Ting: Measuring and Exploiting Latencies Between All Tor Nodes
Recommendations
Safely Measuring Tor
CCS '16: Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications SecurityTor is a popular network for anonymous communication. The usage and operation of Tor is not well-understood, however, because its privacy goals make common measurement approaches ineffective or risky. We present PrivCount, a system for measuring the Tor ...
Shedding Light on the Dark Corners of the Internet: A Survey of Tor Research
AbstractAnonymity services have seen high growth rates with increased usage in the past few years. Among various services, Tor is one of the most popular peer-to-peer anonymizing service. In this survey paper, we summarize, analyze, classify ...
Critical traffic analysis on the tor network
ARES '20: Proceedings of the 15th International Conference on Availability, Reliability and SecurityTor is a widely-used anonymity network with more than two million daily users. A special feature of Tor is the hidden service architecture. Hidden services are a popular method for anonymous communication or sharing web contents anonymously. A specialty ...
Comments