Add sources for circwindow report.

### Copyright 2007 Steven J. Murdoch, 2009 Karsten Loesing

### See LICENSE for licensing information

UFACTOR = 1e6

## Subtract to timevals, maintaining precision

todelta <- function(startsec, startusec, tsec, tusec) {

  tsec[tsec == 0] <- NA

  dsec <- tsec - startsec

  dusec <- tusec - startusec

  return(dsec*UFACTOR + dusec)

}

parsedata <- function(filename) {

  t = read.table(filename, header=TRUE)

  ## Make sure that the table has column names

  if (is.null(t$startsec)) {

    t <- read.table(filename, col.names=c("startsec", "startusec",

      "socketsec", "socketusec", "connectsec", "connectusec",

      "negotiatesec", "negotiateusec", "requestsec", "requestusec",

      "responsesec", "responseusec", "datarequestsec", "datarequestusec",

      "dataresponsesec", "dataresponseusec", "datacompletesec",

      "datacompleteusec", "writebytes", "readbytes"))

  }

  tStart <- t$startsec*UFACTOR + t$startusec

  dSocket <- todelta(t$startsec, t$startusec, t$socketsec, t$socketusec)

  dConnect <- todelta(t$startsec, t$startusec, t$connectsec, t$connectusec)

  dNegotiate <- todelta(t$startsec, t$startusec, t$negotiatesec, t$negotiateusec)

  dRequest <- todelta(t$startsec, t$startusec, t$requestsec, t$requestusec)

  dResponse <- todelta(t$startsec, t$startusec, t$responsesec, t$responseusec)

  dDRequest <- todelta(t$startsec, t$startusec, t$datarequestsec, t$datarequestusec)

  dDResponse <- todelta(t$startsec, t$startusec, t$dataresponsesec, t$dataresponseusec)

  dDComplete <- todelta(t$startsec, t$startusec, t$datacompletesec, t$datacompleteusec)

  cbWrite <- t$writebytes

  cbRead <- t$readbytes

  results <- data.frame(tStart, dSocket, dConnect,

                        dNegotiate, dRequest, dResponse,

                        dDRequest, dDResponse, dDComplete,

                        cbWrite, cbRead)

  invalid <- t$datacompletesec == 0

  results[invalid,] <- NA

  invalid <- t$dataresponsesec == 0

  results[invalid,] <- NA

  return(results)

}

plotboxes <- function(e1, e2, labels, title, ylim=c(NA,NA)) {

  range <- 1.5

  MinY <- ylim[1]

  MaxY <- ylim[2]

  ## Find how many points this will cause to be skipped

  skipped <- c()

  labels[1] <- paste(labels[1], " (", length(na.omit(e1)), ", ", length(e1) - length(na.omit(e1)), ", ", length(e1[e1 > MaxY]), ")", sep="")

  labels[2] <- paste(labels[2], " (", length(na.omit(e2)), ", ", length(e2) - length(na.omit(e2)), ", ", length(e2[e2 > MaxY]), ")", sep="")

  e1[e1 > MaxY] <- NA

  e2[e2 > MaxY] <- NA

  ## Plot the data

  boxplot(e1, e2, frame.plot=FALSE, axes=FALSE, ylab="Time (s)", range=range,

          ylim=c(MinY, MaxY), xlab="Configuration size (# runs, # timeouts, # points omitted)", main="",

          pars=list(show.names=TRUE, boxwex = 0.8, staplewex = 0.5, outwex = 0.5))

  axis(1, at=1:length(labels), labels=labels, lwd=0)

  axis(2, las=1)

}

e14 <- parsedata("echelon1-40kb.data")

e24 <- parsedata("echelon2-40kb.data")

e15 <- parsedata("echelon1-50kb.data")

e25 <- parsedata("echelon2-50kb.data")

e1m <- parsedata("echelon1-1mb.data")

e2m <- parsedata("echelon2-1mb.data")

plotdensity <- function(data1, data2, title, maxX, dens) {

if (dens == 1) {

  plot(density(na.omit(data1/1e6)), col="red", axes=FALSE, xlim=c(0,maxX), main=title, xlab="Time [s]")

  lines(density(na.omit(data2/1e6)), col="blue")

} else {

  plot(density(na.omit(data2/1e6)), col="blue", axes=FALSE, xlim=c(0,maxX), main=title, xlab="Time [s]")

  lines(density(na.omit(data1/1e6)), col="red")

}

median1 <- median(data1/1e6, na.rm=TRUE)

median2 <- median(data2/1e6, na.rm=TRUE)

abline(v=median1, col="red", lty=2)

abline(v=median2, col="blue", lty=2)

adj1 <- 0

adj2 <- 1

if (median1 < median2) {

  adj1 <- 1

  adj2 <- 0

}

mtext(paste("md =", format(median1, digits=3)), side=3, at=median1, col="red", adj=adj1)

mtext(paste("md =", format(median2, digits=3)), side=3, at=median2, col="blue", adj=adj2)

axis(1, lwd.ticks=1, lwd=0)

axis(1, at=c(0, maxX*65/60), labels=FALSE, lwd.ticks=0)

legend(x=maxX, xjust=1, y=par("usr")[4], fill=c("blue", "red"), ncol=1, legend=c("w/o circwindow patch", "w/ circwindow patch"), bty="n")

}

plotdensities <- function(filename, data15, data25, max5, dens5, data14, data24, max4, dens4, data1m, data2m, maxm, densm, title) {

pdf(filename, width=8, height=6)

par(mfrow=c(3, 1))

par(mar=c(4.3,0.1,3.6,0.1))

plotdensity(data14, data24, paste(title, "(40 KiB)"), max4, dens4)

plotdensity(data15, data25, paste(title, "(50 KiB)"), max5, dens5)

plotdensity(data1m, data2m, paste(title, "(1 MiB)"), maxm, densm)

dev.off()

}

plotdensities("connected.pdf", e15[,6], e25[,6], 60, 1, e14[,6], e24[,6], 60, 1, e1m[,6], e2m[,6], 60, 2, "Time to connect to website")

plotdensities("firstbyte.pdf", e15[,8], e25[,8], 60, 1, e14[,8], e24[,8], 60, 1, e1m[,8], e2m[,8], 60, 2, "Time until receiving first response byte")

plotdensities("download.pdf", e15[,9], e25[,9], 60, 1, e14[,9], e24[,9], 60, 1, e1m[,9], e2m[,9], 300, 2, "Time to complete request")

\documentclass{article}

\usepackage{url}

\usepackage[dvips]{graphicx}

\usepackage{graphics}

\usepackage{color}

\usepackage{booktabs}

\usepackage{multirow}

\begin{document}

\title{Reducing the Circuit Window Size in Tor}

\author{Karsten Loesing}

\maketitle

\section{Introduction}

As one approach to make Tor faster, the circuit window size can be reduced

from currently 1000 cells to only 101 cells.

In theory, the effect is reduced latency for client connections, because

the number of cells that are buffered in the Tor network is smaller.

This report analyzes the effect in practice.

\section{Measurement Setup}

The measurement setup consists of 1~webserver serving a 40~KiB, a 50~KiB,

and a 1~MiB file, 2~Tor exit relays, 2~Tor clients, and 2~SOCKS clients

measuring download times.

One of the exit relays is compiled with a reduced circuit window size, the

other one is built without any code changes.

In detail, the measurement setup is as follows:

\begin{itemize}

\item The \emph{webserver} that serves the 40~KiB, 50~KiB, and 1~MiB test

files is \url{www.freehaven.net}. The test files containing random data are

available under \url{http://www.freehaven.net/~karsten/perf/.40kbfile},

\url{.50kbfile},\linebreak[9] and \url{.1mbfile}.

\item The \emph{first exit relay} that is compiled with a reduced circuit

window size is \texttt{echelon1} with fingerprint \texttt{5114 61B1 8F3A

5CA0 3655 8C9A 8FDD 22B3 D0A8 1EBB}. Its Tor version is 0.2.2.0-alpha-dev.

It is configured to permit exiting using the default exit policy. It has

been running as non-exit relay for a few days before starting these

measurements.

\item The \emph{second exit relay} is using Tor version 0.2.2.0-alpha-dev,

too, but compiled without code changes. Its nickname is \texttt{echelon2},

and its fingerprint is \texttt{3EED 5706 22FC C06D EF4D 4204 2DD8 47D8 9989

3972}. It is configured to use the default exit policy and was running as

non-exit relay for a few days, too. Both exit relays are running on the

same host located in Canada.

\item The \emph{two Tor clients} are configured to use no entry guards and

to use circuits only with a maximum dirtiness of 1 minute. Both Tor clients

are running version 0.2.2.0-alpha-dev. They are located on the same host

as the two exit relays.

\item The \emph{two SOCKS clients} are the trivial SOCKS clients used for

other \texttt{torperf} measurements, too. In contrast to previous

measurements, the clients specify an exit relay using the \texttt{.exit}

notation.

\end{itemize}

\section{Results}

Results include three data points: The first measured time is the time to

connect to the website. This step requires the Tor client to create a

circuit using the specified exit and send a \texttt{CONNECT} command to the

exit relay. As soon as the exit relay replies with a \texttt{CONNECTED}

cell, the connection to the website is established.

Figure~\ref{fig:connected} shows kernel density estimates of the connection

times.

\begin{figure}

\centering

\includegraphics[width=.85\textwidth]{connected.pdf}

\caption{Kernel density estimates of times to connect to website}

\label{fig:connected}

\end{figure}

The second measured time is the time between starting a request and

receiving the first byte of the response. Figure~\ref{fig:firstbyte} shows

these times for the three requested file sizes.

\begin{figure}

\centering

\includegraphics[width=.85\textwidth]{firstbyte.pdf}

\caption{Kernel density estimates of times until receiving first response byte}

\label{fig:firstbyte}

\end{figure}

The third measured time is the overall time to complete a request. This

time include all steps from connecting to the website until having received

all bytes of the response. Figure~\ref{fig:download} shows the

distributions of these times.

\begin{figure}

\centering

\includegraphics[width=.85\textwidth]{download.pdf}

\caption{Kernel density estimates of times to complete request}

\label{fig:download}

\end{figure}

\section{Discussion}

The results, especially the time to complete requests, indicate an

improvement of the circuit window reduction to 101 cells for downloads of

40~KiB files at the cost of significant decreasing performance for 1~MiB

files.

A possible explanation is that 40 KiB downloads fit into one circuit window

of 101 cells in contrast to 50~KiB and 1~MiB downloads.

The latter two require additional round-trips for the 101 cells circuit

window.

%From these results, it seems useful to reduce the circuit window, so that

%smaller downloads benefit from smaller latencies.

However, these are only early measurements of 1000+ downloads for each

setting (or even 820 for 1~MiB downloads) that need to be confirmed in the

future.

Results might also differ as soon as a certain number of other relays in

the network have upgraded to smaller circuit windows.

As an alternative to changing the circuit window from 1000 to 101 cells in

the code, the circuit window size could be included in the network status

consensus.

That way, the optimal circuit window size could be switched easily as soon

as a certain fraction of relays has upgraded to use the included circuit

window size.

\end{document}