Internet anonymity with mobility - key challenges for the future.

Privacy, including the privacy of correspondence (communications), is a human right. Privacy Enhancing Technologies (PETs) provide a number of tools with the aim to protect this right. Anonymity networks, such as Tor, contribute to privacy by providing a degree of anonymity for an individual's Internet traffic. An increase in mobile devices connecting to the Internet is predicted to surpass static connections by 2014. The desire for privacy will provide additional challenges in the future, for anonymity networks, in supporting an increasing mobile client base. An experiment was set up, to simulate a mobile device accessing the Tor network while roaming across different wireless networks. The preliminary results show that the impact on performance for the mobile client (and potentially the overall Tor network) is significant, due to the frequency of hand-offs and subsequent break in the secured connection to the Tor network. Performance is critical in maintaining a large and diverse anonymity set, therefore the impact of an increasing mobile client base, must be fully understood

Measurement and management of the impact of mobility on low-latency anonymity networks

Privacy, including the right to privacy of correspondence, is a human right. Privacy-enhancing technologies, such as the Tor anonymity network, help maintain this right. The increasing use of Tor from mobile devices raises new challenges for the continued effectiveness of this low-latency anonymity network. Mobile Tor users may access the Internet from a range of wireless networks and service providers. Whenever a wireless network hands-off a mobile device’s connection from one access point to another, its external Internet Protocol (IP) address changes, and the connection to the Tor network is dropped. Every dropped connection requires the Tor circuit to be rebuilt. The time required to rebuild the circuit negatively impacts client performance. This research is the first to highlight this negative impact and to investigate the likely extent of the impact for typical usage scenarios and mobility models. The increased network churn caused by circuit rebuilding also negatively impacts anonymity. A novel metric (q-factor) is proposed here to measure the trade-off between anonymity and performance over the duration of a communication session. Two new solutions to the problems of managing mobility in a low-latency anonymity network are proposed in this thesis. The first solution relies on adaptive client throttling, based on a Kaplan-Meier estimator of the likelihood of a mobile network hand-off. The second solution relies on the use of a static bridge relay (mBridge) that acts as a persistent ‘home’ for a mobile Tor connection, so avoiding the need to recreate the Tor circuit whenever the mobile device is handed-off. The effectiveness of these solutions has been measured using the new q-factor metric. Both solutions provide better performance for mobile Tor clients than the standard Tor client implementation, although some performance reduction by comparison with static Tor clients remains. The bridge relay solution (mBridge) has been shown to offer better performance than client throttling, but is more vulnerable to certain types of attack. A strength of both solutions is that changes are restricted to client devices, the existing algorithms and protocols of the interior Tor network are unaffected

The novel use of Bridge Relays to provide persistent Tor connections for mobile devices

The number of wireless mobile devices connecting to the Internet, is predicted to surpass static connections by 2014. A desire for privacy will provide additional challenges in the future, for anonymity networks such as Tor, in supporting this increasing mobile user base. In this paper, we assess the potential performance impact to a mobile user accessing Tor while roaming from different Internet connections. An experiment was undertaken to simulate a mobile user at various mobility speeds (e.g. walking) alongside a range of Tor circuit build times. The results show that the impact to the mobile user (and potentially the overall Tor network) was significant when roaming between networks, and as expected, increased with higher mobility speeds and longer circuit build times. We also reviewed previous related research and, as one potential solution, considered whether Bridge Relays could additionally be used to provide a persistent connection to the Tor network, for roaming mobile users. Performance is critical for low latency anonymity networks, such as Tor, and understanding the potential impact of this increasing mobile user base, to both the mobile user and overall Tor network, is becoming critical

Please Slow Down! The Impact on Tor Performance from Mobility

The number of mobile devices connecting to the Internet is predicted to surpass desktop connections by 2014. The likely growth in their mobile client base will offer an additional challenge for anonymity networks, such as Tor, in maintaining an efficient privacy service. We have conducted a simple experiment that illustrates this challenge. We have simulated the performance achieved by a mobile Tor node as it roams at varying speeds between wireless networks. The results show that the impact on performance for the mobile user, and potentially the wider Tor network, is significant when roaming, and as expected, increases with higher mobility speeds and longer recovery times. We review a range of solutions and suggest that, although the use of a lighter transport protocol and/or adaptive client throttling may reduce the performance impact of mobility, a better strategy is to provide a persistent connection to the Tor network for roaming mobile users

A longitudinal approach to measuring the impact of mobility on low-latency anonymity networks

The increasing mobility of Internet users is becoming an emerging issue for low-latency anonymity networks such as Tor. The increase in network churn, generated by a growing mobile client base recycling connections, could impact maintaining the critical balance between anonymity and performance. New combinatorial approaches for measuring both anonymity and performance need to be developed in order to identify critical changes to the network dynamics, and trigger intervention if and when required. We present q-factor, a novel longitudinal approach to measuring anonymity and performance within highly dynamic environments. By modelling q-factor, we show that the impact of mobility, over time, on anonymity is significant. However, by using q-factor, we are able to anticipate and significantly reduce the number of these critical events occurring. In order to make more effective strategic design and/or real-time network decisions in the future, low-latency anonymity networks will be required to adopt an even more proactive approach to network management. The potential impact from increasing mobile usage needs to be considered, as what may initially be perceived as a good solution, may in fact degrade, or in the worst case could destroy the anonymity of users over time