November 30, 2010 - November 30, 2014
Tor Project will assist the team by positioning Tor to better circumvent censorship and to provide anonymous network access to more users, focusing on five major topics: performance and scalability, modularity and reusability, client-side automation, user security, and metrics. Tor Project will support specific project tasks as follows:
Task 1: Tor will invent new algorithms for collecting Tor network load and usage data safely. Tor will maintain and grow its database of aggregated data about the live Tor network and its usage over time; to that end, Tor will design and deploy new tools to manipulate and understand this data. Tor will identify which measurements are necessary to support the wider performance and anonymity research questions, perform the measurements, and feed the results into ongoing research projects of both the anonymity community and the circumvention community. Tor Project will assist in the development of the system development plan (SDP), system documentation, and evaluation planning; participate in at least one PI meeting per year; and provide input for project reports.
Task 2: Tor will develop and deploy design changes to better use current capacity in the Tor network. Tor will work on approaches to attract new relays and bridges, to grow the capacity of the Tor network. Tor will develop and deploy design changes to Tor’s directory infrastructure that can scale to 10,000 relays and 10,000 bridges. Tor will research and design approaches to handling 100,000 relays and bridges, and examine the anonymity challenges.
Task 3: Tor will clean up and extend “bridgedb”, its service that distributes bridge addresses in a rate-limited way. Tor will add a mechanism inside the Tor protocol whereby a bridge user automatically supplements her bridge list with other bridges.
Task 4: Tor will modularize the Tor transport mechanism so that it can handle pluggable protocol camouflaging on the wire.
Task 5: Tor will improve the design and implementation around use of bridges by Tor clients. Tor will continue to adapt and improve Torbutton, its Firefox browser extension, as new browser versions are released. Tor will work with Mozilla to fix bugs in their browsers. Tor will also work with Google to redesign the Chrome API to make it possible to build a maintainable and safe Torbutton for Chrome. Tor will investigate and design approaches for letting websites and other Internet services better handle connections from anonymous users.
Task 6: Tor will continue research into anonymity-breaking attacks against infrastructures like Tor.
Task 7: Tor will begin separating the relaying component of the Tor software from the discovery component, with the eventual goal of making the Tor software reusable as a building block for other related projects that may perform bridge distribution in other ways.
Task 8 (OPTION): Tor will enhance application-level web security for users. Tor will develop a realistic Tor network simulator and load balancing capability. Tor will develop a user interface that better approximates what is happening with the user’s Tor client and view of the network, and allow the user to graphically select country of entry or exit for circuits and select trusted routing paths through the network. Tor will develop ease of use enhancements, including a network-card software shim that transparently redirects all IP traffic from a user’s machine through the Tor network. Tor will develop a portal for user education. Tor will develop defenses against the long-circuit attack and perform additional research on reduced-hop Tor and the use of layered guard nodes to handle bridges.
Task 9 (OPTION): Tor will design and deploy Tor bundles that include Thandy, its prototype secure updating protocol. Tor will improve its ability to recognize, track, and eventually predict large-scale blocking events, like those that happen every few months in China. Tor will continue separating the relaying component of the Tor software from the discovery component, with the goal of making the Tor software reusable as a building block for other projects that may perform bridge distribution in other ways.