Waterfilling: Balancing the Tor network with maximum diversity

Authors: Florentin Rochet (Université catholique de Louvain - ICTEAM - Crypto Group), Olivier Pereira (Université catholique de Louvain - ICTEAM - Crypto Group)

Volume: 2017
Issue: 2
Pages: 4–22
DOI: https://doi.org/10.1515/popets-2017-0013

Download PDF

Abstract: We present the Waterfilling circuit selection method, which we designed in order to mitigate the risks of a successful end-to-end traffic correlation attack. Waterfilling proceeds by balancing the Tor network load as evenly as possible on endpoints of user paths. We simulate the use of Waterfilling thanks to the TorPS and Shadow tools. Applying several security metrics, we show that the adoption of Waterfilling considerably increases the number of nodes that an adversary needs to control in order to be able to mount a successful attack, while somewhat decreasing the minimum amount of bandwidth required to do so. Moreover, we evaluate Waterfilling in Shadow and show that it does not impact significantly the performance of the network. Furthermore, Waterfilling reduces the benefits that an attacker could obtain by hacking into a top bandwidth Tor relay, hence limiting the risks raised by such relays. Waterfilling does not require any major change in Tor, and can co-exist with the current circuit selection algorithm.

Keywords: Tor, Path selection algorithm, anonymity, traffic correlation

Copyright in PoPETs articles are held by their authors. This article is published under a Creative Commons Attribution-NonCommercial-NoDerivs license.