[tor-relays-universities] Traceroute from Tor relays

[Anupam Das]

*** START EMAIL ***
Hello university Tor relay operators,

We could use your help in a pilot project to improve Tor security. As
you may be aware, the anonymity of a connection over Tor is vulnerable
to an adversary who can observe it in enough places along its route.
For example, traffic that crosses the same country as it enters and
leaves the Tor network can potentially be deanonymized by an authority
in that country who can monitor all network communication. Researchers
have been working to figure out how Tor traffic gets routed over the
Internet [0-3], but determining routes with high confidence has been
difficult.

That's where you come in. To figure out where traffic travels from
your relay, we'd like you to run a bunch of "traceroutes" - network
measurements that show the paths traffic takes. This is a one-time
experiment for now, but, depending on what we find out, regularly
making such measurements may become a part of Tor itself. We have
already gotten some results thanks to Linus Nordberg of DFRI and
Moritz Bartl of torservers.net, and now we need help from the broader Tor
community.
We would like to start this right away.

We have written some shell scripts to automate most of the process.
The easiest way for you to get them is with git, using the following
commands:

 git clone https://bitbucket.org/anupam_das/traceroute-from-tor-relays
 git checkout bdc09b31a590968793b86f62034b0b4035bb7d77

You can also just download the files directly by visiting [4].
Detailed instructions for setting up and running the experiment are in
the README.

A description of the project and a FAQ is online [5], but
basically the experiment does traceroutes to three groups: all
"routable IP prefixes", all Tor relays, and then all /24 subnets.
These kinds of measurements are not uncommon. By default the
scripts will periodically move the results to our server [6] via SSH,
although you can keep the results around and/or not send them
automatically if you wish (see the README). The traceroute data
recorded is not sensitive or private at all. We plan to make the
code and data public, following Tor's practice of open cooperation
with the research community [7].

The measurements will work best if you have the "scamper" tool from
the Cooperative Association for Internet Data Analysis (CAIDA)
installed (see the README for installation instructions). This is a
standard and open-source tool that handles the many modern
complexities of Internet routing measurement. If you are not able to
run scamper, the script will also work with the more-common but
less-accurate and slower "traceroute" utility. We do not currently
have support for Windows relays.

The output will take up around 1MB disk space if you use scamper;
on the other hand if you use "traceroute" utility each output will be
around 4MB. The measurements will use 58.6KiBps in each direction
with scamper and 45KiBps with traceroute, although you can
adjust these rates via parameter settings (again, see the README).
Depending on whether you run scamper or traceroute
the total time required varies, but results for traceroutes to "routable
IP prefixes" and all Tor relays should finish within one week (possibly
earlier). We would like to request relay operators to upload those
results once finished.

This experiment is in collaboration with several researchers, but the
leads are Anupam Das, a Ph.D. student at the University of Illinois at
Urbana-Champaign, and his advisor Nikita Borisov. Based on a review of
the scripts of commit bdc09b31a590968793b86f62034b0b4035bb7d77, we
believe that they operate as described above. Please do read through
them yourself, and let us know if you have any questions or concerns.
And also feel free to contact us at tor-traceroutes at illinois.edu for help or
with suggestions.

Because of you, Tor is the "king" of anonymous communication.  With
your help, we will keep improving to face the new challenges to
privacy and freedom online.

Thank you,
Karsten Loesing <karsten at torproject.org>
Anupam Das <das17 at illinois.edu>
Nikita Borisov <nikita at illinois.edu>
Reach us all at <tor-traceroutes at illinois.edu>

[0] "Protecting anonymity in the presence of autonomous system and
internet exchange level adversaries" by Joshua Juen. Master's Thesis,
UIUC. 2012. <https://www.ideals.illinois.edu/handle/2142/34363>
[1] "Users Get Routed: Traffic Correlation on Tor by Realistic
Adversaries" by Aaron Johnson, Chris Wacek, Rob Jansen, Micah Sherr,
and Paul Syverson. ACM CCS 2013.
<http://freehaven.net/anonbib/cache/ccs2013-usersrouted.pdf>
[2] "AS-awareness in Tor path selection" by Matthew Edman and Paul F.
Syverson. ACM CCS 2009.
<http://freehaven.net/anonbib/cache/DBLP:conf/ccs/EdmanS09.pdf>
[3] "Sampled Traffic Analysis by Internet-Exchange-Level Adversaries"
by Steven J. Murdoch and Piotr Zieliński. PETS 2007.
<http://freehaven.net/anonbib/cache/murdoch-pet2007.pdf>
[4] https://bitbucket.org/anupam_das/traceroute-from-tor-relays/downloads
[5] http://web.engr.illinois.edu/~das17/tor-traceroute_v1.html
[6] ttat-control.iti.illinois.edu
[7] https://metrics.torproject.org/
*** END EMAIL ***
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-relays-universities/attachments/20131102/15ae7d5f/attachment.html>