Throwing Your Weight Around: Fixing Tor's Positional Weighting
Authors: Aaron Johnson (U.S. Naval Research Laboratory), Aaron D. Jaggard (U.S. Naval Research Laboratory), Paul Syverson (U.S. Naval Research Laboratory)
Volume: 2023
Issue: 4
Pages: 593–612
DOI: https://doi.org/10.56553/popets-2023-0127
Abstract: We analyze deficiencies in Tor's positional weighting system, identifying cases in which the system either fails to produce valid weights or fails to properly load balance across positions. We describe how an attacker can take advantage of these failures to reduce Tor's performance, thereby also easing censorship and surveillance through a denial-of-service attack. Our attacks exploit incorrectly determined positional-weight equations by adding new capacity to the network or, for even more covertness, by just minor changes in the status of existing malicious relays. Our analysis of past Tor consensuses shows that these attacks could have reduced the throughput of the network by as much as 45% due only to their triggering of Tor's flawed position weights. Rather than a mere patch to Tor's currently ad hoc scheme, we then propose a new, systematic method for deriving positional weights and propose two goal sets generated using that method. We derive new sets of weights, prove that they satisfy these goal sets, and give examples of how they would change the weights from the current system. Tor could use our results to quickly fix the main deficiencies of its positional weights as well as adopt a better approach long-term.
Keywords: Tor, onion routing, denial-of-service attack
Copyright in PoPETs articles are held by their authors. This article is published under a Creative Commons Attribution 4.0 license.
