Security analysis of Tor over QUIC
Author(s)
Hogan, Kyle (Kyle L.)
Other Contributors
Massachusetts Institute of Technology. Department of Electrical Engineering and Computer Science.
Advisor
Srinivas Devadas.
Abstract
The performance and security of anonymous communication protocols are closely tied to their effective utilization of lower layer network primitives. Tor, the most widely deployed framework for anonymous communication over the internet, suffers from high latency and bandwidth overheads due to poor congestion control and interference between clients. Additionally, Tor's use of TCP for network transport has resulted in traffic features that are correlated to the underlying data being transmitted. This correlation can be exploited by network adversaries to compromise the anonymity of Tor users. Solutions to both the security and performance issues experienced by Tor require network layer support that is not provided by TCP. Recent proposals have turned to a new network protocol, QUIC, as an alternative. QUIC provides native support for logical multiplexing of unrelated data as well as the fairness and flow control required for Tor to carry data from multiple clients efficiently. Previous proposals have utilized QUIC to, separately, provide logical multiplexing for data from independent clients and support end-to-end congestion control. This work combines these efforts to incorporate backpropagation of congestion control information into a design that supports logical multiplexing for client data. It additionally discusses how QUIC can be used to solve Tor's inefficient, unfair resource allocation caused by ineffective queuing at Tor relays. The combination of multiplexing, congestion control, and effective scheduling provided by this proposal to run Tor over QUIC addresses all of Tor's major performance concerns in a cohesive design without introducing additional complexity into the Tor protocol itself. All design decisions are motivated by a security analysis, lacking in prior proposals, that ensures none of the performance enhancing features come at the cost of user anonymity.
Description
Thesis: S.M., Massachusetts Institute of Technology, Department of Electrical Engineering and Computer Science, February, 2020. Cataloged from PDF version of thesis. Includes bibliographical references (pages 99-107).
Date issued
2020
Department
Massachusetts Institute of Technology. Department of Electrical Engineering and Computer Science
Publisher
Massachusetts Institute of Technology
Keywords
Electrical Engineering and Computer Science.