Paying the guard: An entry-guard-based payment system for Tor

Loading...
Thumbnail Image
Files
Palmieri_Pouwelse_FC2015.pdf(214.57 KB)
Accepted version
Date
2015-01
Authors
Palmieri, Paolo
Pouwelse, Johan A.
Journal Title
Journal ISSN
Volume Title
Publisher
Springer Berlin Heidelberg
Research Projects
Organizational Units
Journal Issue
Abstract
When choosing the three relays that compose a circuit, Tor selects the first hop among a restricted number of relays called entry guards, pre-selected by the user himself. The reduced number of entry guards, that until recently was fixed to three, helps in mitigating the effects of several traffic analysis attacks. However, recent literature indicates that the number should be further reduced, and the time during which the user keeps the relays as guards increased. Therefore, developers of Tor recently proposed selecting only one entry guard, which is to be used by the user for all circuits and for a prolonged period of time (nine months). While this design choice was made to increase the security of the protocol, it also opens an unprecedented opportunity for a market mechanism where relays get paid for traffic by the users. In this paper, we propose to use the entry guard as the point-of-sale: users subscribe to their entry guard of choice, and deposit an amount that will be used for paying for the circuits. From the entry guard, income is then distributed to the other relays included in circuits through an inter-relay accounting system. While the user may pay the entry guard using BitCoins, or any other anonymous payment system, the relays exchange I Owe You (IOU) certificates during communication, and settle their balances only at synchronized, later points in time. This novel deferred payment approach overcomes the weaknesses of the previously proposed Tor payment mechanisms: we separate the user’s payment from the inter-relay payments, and we effectively unlink both from the chosen path, thus preserving the secrecy of the circuit.
Description
Keywords
Tor , Anonymous payments , Economy of privacy enhancing technologies
Citation
Palmieri, P. and Pouwelse, J. (2015) 'Paying the Guard: An Entry-Guard-Based Payment System for Tor', in Böhme, R. & Okamoto, T. (eds.) Financial Cryptography and Data Security: 19th International Conference, FC 2015, San Juan, Puerto Rico, January 26-30, Revised Selected Papers. Berlin, Heidelberg: Springer Berlin Heidelberg, pp. 437-444. doi:10.1007/978-3-662-47854-7_26
Copyright
© International Financial Cryptography Association 2015. The final publication is available at Springer via http://dx.doi.org/10.1007/978-3-662-47854-7_26