COSIC Seminar – Safely Measuring Tor – Rob Jansen (Naval Research Lab)

Tor is a popular network for anonymous communication. The usage and operation of Tor is not well-understood, however, because its privacy goals make common measurement approaches ineffective or risky. We present PrivCount, a system for measuring the Tor network designed with user privacy as a primary goal. PrivCount securely aggregates measurements across Tor relays and over time to produce differentially private outputs. PrivCount improves on prior approaches by enabling flexible exploration of many diverse kinds of Tor measurements while maintaining accuracy and privacy for each. We use PrivCount to perform a measurement study of Tor of sufficient breadth and depth to inform accurate models of Tor users and traffic. Our results indicate that Tor has 710,000 users connected but only 550,000 active at a given time, that Web traffic now constitutes 91% of data bytes on Tor, and that the strictness of relays’ connection policies significantly affects the type of application data they forward.

Bio:
Dr. Rob Jansen is a computer scientist in the Center for High Assurance Computer Systems at the U.S. Naval Research Laboratory. He is a self-proclaimed experimentalist because he considers himself as “one who prefers to ascertain by finding out.”

Rob’s research interests include:
+ Distributed Systems;
+ Security and Privacy;
+ Anonymous Communication; and
+ Parallel and Distributed Simulation.

Rob focuses on designing and building practical and useful systems and software, and therefore exploring tradeoffs between performance and security is often central to his work. Rob’s research often results in re-usable prototypes that help further research and development, and often leads to protocol or algorithmic modifications in popular deployed systems.

Rob developed a tool called Shadow that is used by research institutions around the world to simulate and analyze the popular Tor Anonymity and Bitcoin Crypto-currency Networks. Shadow has revolutionized the research and development of these systems by making it possible to easily explore not only performance enhancements and speed improvements, but also to understand how adversarial threats affect these systems; all of this can be done safely inside of the Shadow application running on a standard computer. Due to his work, Shadow has already been used to find and fix security vulnerabilities in Tor, and has aided in making Tor faster for its users–who include journalists, human rights activists, diplomats, and millions of ordinary people.

Rob’s work has been highlighted on blogs at the M.I.T. Tech Review, Ars Technica, Info Security Magazine, and the Tor Project, and has been presented at numerous, high-level research conferences. When he’s not designing and simulating new computer systems or hacking on code, Rob jogs laps around the National Mall and through the streets of DC.