Privacy and Performance Trade-offs in Anonymous Communication Networks

Geddes, John
2017-02

View/Download File

Geddes_umn_0130E_17632.pdf (3.82 MB)

Persistent link to this item

http://hdl.handle.net/11299/185611
Statistics
View Statistics

Journal Title

Journal ISSN

Volume Title

Title

Privacy and Performance Trade-offs in Anonymous Communication Networks

Authors

Published Date

2017-02

Publisher

Type

Thesis or Dissertation

Abstract

Anonymous communication systems attempt to prevent adversarial eavesdroppers from learning the identities of any two parties communicating with each other. In order to protect from global adversaries, such as nation states and large internet service providers, systems need to induce large amounts of latency in order to sufficiently protect users identities. Other systems sacrifice protection against global adversaries in order to provide low latency service to their clients. This makes the system usable for latency sensitive applications like web browsing. In turn, more users participate in the low latency system, increasing the anonymity set for everybody. These trade-offs on performance and anonymity provided are inherent in anonymous communication systems. In this dissertation we examine these types of trade-offs in Tor, the most popular low latency anonymous communication system in use today. First we look at how user anonymity is affected by mechanisms built into Tor for the purpose of increasing client performance. To this end we introduce an induced throttling attack against flow control and traffic admission control algorithms which allow an adversarial relay to reduce the anonymity set of a client using the adversary as an exit. Second we examine how connections are managed for inter-relay communication and look at some recent proposals for more efficient relay communication. We show how some of these can be abused to anonymously launch a low resource denial of service attack against target relays. With this we then explore two potential solutions which provide more efficient relay communication along with preventing certain denial of service attacks. Finally, we introduce a circuit selection algorithm that can be used by a centralized authority to dramatically increase network utilization. This algorithm is then adapted to work in a decentralized manner allowing clients to make smarter decisions locally, increasing performance while having a small impact on client anonymity.

Keywords

Description

University of Minnesota Ph.D. dissertation. February 2017. Major: Computer Science. Advisor: Nicholas Hopper. 1 computer file (PDF); ix, 133 pages.

Related to

Replaces

License

Collections

Dissertations

Series/Report Number

Funding information

Isbn identifier

Doi identifier

Previously Published Citation

Suggested citation

Content distributed via the University Digital Conservancy may be subject to additional license and use restrictions applied by the depositor. By using these files, users agree to the Terms of Use. Materials in the UDC may contain content that is disturbing and/or harmful. For more information, please see our statement on harmful content in digital repositories.