Security analysis of Tor over QUIC

Hogan, Kyle(Kyle L.)

Author(s)

Hogan, Kyle(Kyle L.)

Download1220836856-MIT.pdf (9.714Mb)

Other Contributors

Massachusetts Institute of Technology. Department of Electrical Engineering and Computer Science.

Advisor

Srinivas Devadas.

Terms of use

MIT theses may be protected by copyright. Please reuse MIT thesis content according to the MIT Libraries Permissions Policy, which is available through the URL provided. http://dspace.mit.edu/handle/1721.1/7582

Metadata

Show full item record

Abstract

The performance and security of anonymous communication protocols are closely tied to their effective utilization of lower layer network primitives. Tor, the most widely deployed framework for anonymous communication over the internet, suffers from high latency and bandwidth overheads due to poor congestion control and interference between clients. Additionally, Tor's use of TCP for network transport has resulted in traffic features that are correlated to the underlying data being transmitted. This correlation can be exploited by network adversaries to compromise the anonymity of Tor users. Solutions to both the security and performance issues experienced by Tor require network layer support that is not provided by TCP. Recent proposals have turned to a new network protocol, QUIC, as an alternative. QUIC provides native support for logical multiplexing of unrelated data as well as the fairness and flow control required for Tor to carry data from multiple clients efficiently. Previous proposals have utilized QUIC to, separately, provide logical multiplexing for data from independent clients and support end-to-end congestion control. This work combines these efforts to incorporate backpropagation of congestion control information into a design that supports logical multiplexing for client data. It additionally discusses how QUIC can be used to solve Tor's inefficient, unfair resource allocation caused by ineffective queuing at Tor relays. The combination of multiplexing, congestion control, and effective scheduling provided by this proposal to run Tor over QUIC addresses all of Tor's major performance concerns in a cohesive design without introducing additional complexity into the Tor protocol itself. All design decisions are motivated by a security analysis, lacking in prior proposals, that ensures none of the performance enhancing features come at the cost of user anonymity.

Description

Thesis: S.M., Massachusetts Institute of Technology, Department of Electrical Engineering and Computer Science, February, 2020

Cataloged from PDF version of thesis.

Includes bibliographical references (pages 99-107).

Date issued

2020

URI

https://hdl.handle.net/1721.1/128590

Department

Massachusetts Institute of Technology. Department of Electrical Engineering and Computer Science

MIT Libraries homeDSpace@MIT