Faculty Recruiting Support CICS

Stormy: Statistics in Tor by Measuring Securely

08 Nov
Friday, 11/08/2019 1:30pm to 2:30pm

Tor is a tool for Internet privacy with millions of daily users. The Tor system benefits in many ways from information gathered about the operation of its network. However, data collection and reporting can degrade user privacy, contradicting Tor's goals. We present Stormy, a general-purpose, privacy-preserving measurement system. Stormy uses secure multiparty computation (MPC) to compute any function of the observations made by Tor relays, while keeping those observations secret. Stormy makes use of existing efficient MPC protocols that are secure in the malicious model, and in addition it includes a novel input-sharing protocol that is secure, efficient, and fault tolerant. The protocol is non-interactive, which is consistent with how relays currently submit measurements, and it allows the relays to go offline after input submission. We demonstrate how to use the system to compute two broadly-applicable statistics: the median of relay inputs and the cardinality of set-union across relays. We implement Stormy and experimentally evaluate its performance. Our experiments show that in can be used to securely compute non-trivial analytics in the Tor network. This is work with Ryan Wails (NRL), Daniel Starin (Perspecta Labs), Arkady Yerukhimovich (George Washington University), and Dov Gordon (George Mason University).

Dr. Aaron Johnson is a computer scientist at the U.S. Naval Research Laboratory. His research interests include private communication and privacy-preserving data analysis. He has performed foundational mathematical research in the area of anonymous communication by modeling and analyzing the security of onion routing. He has also applied mathematically-rigorous privacy-preserving methods to publishing sensitive genetic and network data. Much of his work has been focused on the Tor network, which is an onion-routing network used by millions of users daily to secure their communications. He designed several improvements to Tor, including denial-of-service defenses, faster onion services, privacy-preserving network monitoring, and improvements to Tor's path selection. Many of these results have been incorporated into the Tor network and provide enhanced security, performance, and utility to its many users. Dr. Johnson received his Ph.D. in 2009 from the computer science department at Yale University and completed postdoctoral training at the University of Texas at Austin.

Faculty Host