Sambuddho Chakravarty

Piyush Kumar Sharma, Shashwat Chaudhary, Nikhil Hassija et al.

Anonymous VoIP calls over the Internet holds great significance for privacy-conscious users, whistle-blowers and political activists alike. Prior research deems popular anonymization systems like Tor unsuitable for providing requisite performance guarantees that real-time applications like VoIP need. Their claims are backed by studies that may no longer be valid due to constant advancements in Tor. Moreover, we believe that these studies lacked the requisite diversity and comprehensiveness. Thus, conclusions from these studies led them to propose novel and tailored solutions. However, no such system is available for immediate use. Additionally, operating such new systems would incur significant costs for recruiting users and volunteered relays, to provide the necessary anonymity guarantees. It thus becomes imperative that the exact performance of VoIP over Tor be quantified and analyzed so that the potential performance bottlenecks can be amended. We thus conducted an extensive empirical study across various in-lab and real-world scenarios to shed light on VoIP performance over Tor. In over 0.5 million measurements spanning 12 months, across seven countries and covering about 6650 Tor relays, we observed that Tor supports good voice quality (Perceptual Evaluation of Speech Quality (PESQ) >3 and oneway delay <400ms) in more than 85% of cases. Further analysis indicates that in general for most Tor relays, the contentions due to cross-traffic were low enough to support VoIP calls, that are anyways transmitted at low rates (<120 Kbps). Our findings are supported by concordant measurements using iperf that show more than the adequate available bandwidth for most cases. Data published by the Tor Metrics also corroborates the same. Hence, unlike prior efforts, our research reveals that Tor is suitable for supporting anonymous VoIP calls.

Devashish Gosain, Anshika Agarwal, Sambuddho Chakravarty et al.

Decoy Routing, the use of routers (rather than end hosts) as proxies, is a new direction in anti-censorship research. Decoy Routers (DRs), placed in Autonomous Systems, proxy traffic from users; so the adversary, e.g., a censorious government, attempts to avoid them. It is quite difficult to place DRs so the adversary cannot route around them for example, we need the cooperation of 850 ASes to contain China alone. In this paper, we consider a different approach. We begin by noting that DRs need not intercept all the network paths from a country, just those leading to Overt Destinations, i.e., unfiltered websites hosted outside the country (usually popular ones, so that client traffic to the OD does not make the censor suspicious. Our first question is; How many ASes are required for installing DRs to intercept a large fraction of paths from, e.g., China to the top n websites (as per Alexa)? How does this number grow with n? Few ASes (approx. 30) intercept over 90% of paths to the top n sites, for n = 10, 20...200. Our first contribution is to demonstrate with real paths that the number of ASes required for a world-wide DR framework is small (approx. 30). Further, censor nations attempts to filter traffic along the paths transiting these 30 ASes will not only block their own citizens, but others residing in foreign ASes. Our second contribution in this paper is to consider the details of DR placement: not just in which ASes DRs should be placed to intercept traffic, but exactly where in each AS. We find that even with our small number of ASes, we still need a total of about 11,700 DRs.We conclude that, even though a DR system involves far fewer ASes than previously thought, it is still a major undertaking. For example, the current routers cost over 10.3 billion USD, so if DR at line speed requires all new hardware, the cost alone would make such a project unfeasible for most actors.