TY - GEN
T1 - ParTEETor
T2 - 23rd Workshop on Privacy in the Electronic Society, WPES 2024
AU - King, Rachel
AU - Burke, Quinn
AU - Beugin, Yohan
AU - Hoak, Blaine
AU - Li, Kunyang
AU - Pauley, Eric
AU - Sheatsley, Ryan
AU - McDaniel, Patrick
N1 - Publisher Copyright:
© 2024 Copyright held by the owner/author(s).
PY - 2024/11/21
Y1 - 2024/11/21
N2 - The Tor anonymity network allows users such as political activists and those under repressive governments to protect their privacy when communicating over the internet. At the same time, Tor has been demonstrated to be vulnerable to several classes of deanonymizing attacks that expose user behavior and identities. Prior work has shown that these threats can be mitigated by leveraging trusted execution environments (TEEs). However, previous proposals assume that all relays in the network will be TEE-based - -which as a practical matter is unrealistic. In this work, we introduce ParTEETor, a Tor-variant system, which leverages partial deployments of TEEs to thwart extend the relay selection algorithm to address the classes of attacks by enforcing a specific TEE circuit configuration. We evaluate ParTEETor for performance and privacy. Our evaluation demonstrates that at even a small TEE penetration (e.g., 10% of relays are TEE-based), users can reach performance of Tor today while enforcing a security policy to guarantee protection from at least two classes of attacks. Overall, we find that partial deployments of TEEs can substantially improve the security of Tor, without a significant impact on performance or privacy.
AB - The Tor anonymity network allows users such as political activists and those under repressive governments to protect their privacy when communicating over the internet. At the same time, Tor has been demonstrated to be vulnerable to several classes of deanonymizing attacks that expose user behavior and identities. Prior work has shown that these threats can be mitigated by leveraging trusted execution environments (TEEs). However, previous proposals assume that all relays in the network will be TEE-based - -which as a practical matter is unrealistic. In this work, we introduce ParTEETor, a Tor-variant system, which leverages partial deployments of TEEs to thwart extend the relay selection algorithm to address the classes of attacks by enforcing a specific TEE circuit configuration. We evaluate ParTEETor for performance and privacy. Our evaluation demonstrates that at even a small TEE penetration (e.g., 10% of relays are TEE-based), users can reach performance of Tor today while enforcing a security policy to guarantee protection from at least two classes of attacks. Overall, we find that partial deployments of TEEs can substantially improve the security of Tor, without a significant impact on performance or privacy.
UR - http://www.scopus.com/inward/record.url?scp=85214228019&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85214228019&partnerID=8YFLogxK
U2 - 10.1145/3689943.3696203
DO - 10.1145/3689943.3696203
M3 - Conference contribution
AN - SCOPUS:85214228019
T3 - WPES 2024 - Proceedings of the 23rd Workshop on Privacy in the Electronic Society
SP - 40
EP - 46
BT - WPES 2024 - Proceedings of the 23rd Workshop on Privacy in the Electronic Society
PB - Association for Computing Machinery, Inc
Y2 - 14 October 2024 through 18 October 2024
ER -