Overview
Explore a comprehensive analysis of Tor's network performance issues and a novel solution in this 23-minute conference talk from USENIX Security '14. Dive into the causes of congestion in Tor, focusing on egress kernel socket buffers and Tor's socket interaction problems. Learn about KIST (Kernel-Informed Socket Transport), a new socket management algorithm that utilizes real-time kernel information to dynamically manage socket writes and circuit scheduling. Discover how KIST significantly reduces circuit congestion, improves network latency, and increases throughput. Examine the security implications of KIST, including its impact on latency and throughput attacks. Gain insights into techniques for analyzing and enhancing overlay and application performance, applicable to both security applications and general network optimization.
Syllabus
Intro
Anonymous Communication: Tor
Relay Overview
Relay Internals
Analyzing Causes of Congestion
Problem 1: Circuit Scheduling
Problem 2: Flushing to Sockets
Ask the kernel, stupid! . Utilize getsockopt and ioctl syscalls
KIST Increases Tor Congestion
KIST Reduces Circuit Congestion
KIST Improves Network Latency
Traffic Correlation: Latency
Latency Attack
Traffic Correlation: Throughput
Throughput Attack Results
Conclusion . Where is Tor slow?
Taught by
USENIX