First, we show that Tor is vulnerable to attacks launched by resource-constrained adversaries who inflate their perceived bandwidth capacities to attract traffic. We develop a novel low-cost traffic analysis technique that utilizes only limited information from circuit establishment messages to link senders and receivers, thereby compromising the system's anonymity. We highlight partial solutions to this attack, but argue that Tor still remains vulnerable today.

Next, we present the findings of a measurement study aimed at better understanding how Tor is used (and mis-used) and who uses Tor. We find that interactive web traffic comprises the majority of Tor's traffic by number of TCP connections and aggregate volume, but non-interactive peer-to-peer file sharing traffic consumes a disproportionate and unfair amount of the network's scarce bandwidth. We also present evidence that Tor is used throughout the world, yet volunteer routers are generally hosted in only a few countries.

Lastly, we highlight our efforts to understand the sources of Tor's slow performance. To facilitate large-scale experimentation with Tor, we developed a network emulation-based testbed that replicates the salient features of the live Tor network such as Tor's overlay topology and the clients' traffic characteristics in isolation. Using this testbed, we observe that Tor's end-to-end flow control mechanism allows significant congestion which degrades the network's performance, particularly for delay-sensitive interactive web users. To control this congestion and offer a better quality of service to interactive users, we design and evaluate improved congestion control and flow control algorithms inspired by techniques from ATM networks.

Host: Mike Fisk