never been kist: tor’s congestion management blossoms with kernel-informed socket transport
DESCRIPTION
Never Been KIST: Tor’s Congestion Management Blossoms with Kernel-Informed Socket Transport. 23 rd USENIX Security Symposium August 20 th 2014. Rob Jansen US Naval Research Laboratory John GeddesUniversity of Minnesota Chris Wacek Georgetown University - PowerPoint PPT PresentationTRANSCRIPT
![Page 1: Never Been KIST: Tor’s Congestion Management Blossoms with Kernel-Informed Socket Transport](https://reader036.vdocument.in/reader036/viewer/2022062519/568153e2550346895dc1ddf9/html5/thumbnails/1.jpg)
Never Been KIST: Tor’s Congestion Management Blossoms with Kernel-Informed Socket Transport
23rd USENIX Security Symposium
August 20th 2014
Rob Jansen US Naval Research LaboratoryJohn Geddes University of MinnesotaChris Wacek Georgetown UniversityMicah Sherr Georgetown UniversityPaul Syverson US Naval Research Laboratory
![Page 2: Never Been KIST: Tor’s Congestion Management Blossoms with Kernel-Informed Socket Transport](https://reader036.vdocument.in/reader036/viewer/2022062519/568153e2550346895dc1ddf9/html5/thumbnails/2.jpg)
Anonymous Communication: Tor
![Page 3: Never Been KIST: Tor’s Congestion Management Blossoms with Kernel-Informed Socket Transport](https://reader036.vdocument.in/reader036/viewer/2022062519/568153e2550346895dc1ddf9/html5/thumbnails/3.jpg)
Tor is Slow!!! Research*
● PCTCP: Per-Circuit TCP-over-IPsec Transport for Anonymous Communication Overlay Networks (CCS ‘13)
● Reducing Latency in Tor Circuits with Unordered Delivery (FOCI ‘13)
● How Low Can You Go: Balancing Performance with Anonymity in Tor (PETS ‘13)
● The Path Less Travelled: Overcoming Tor's Bottlenecks with Traffic Splitting (PETS ’13)
● An Empirical Evaluation of Relay Selection in Tor (NDSS ‘13)
● LIRA: Lightweight Incentivized Routing for Anonymity (NDSS ‘13)
● Improving Performance and Anonymity in the Tor Network (IPCCC ‘12)
● Enhancing Tor's Performance using Real-time Traffic Classification (CCS ’12)
● Torchestra: Reducing interactive traffic delays over Tor (WPES ‘12)
● Throttling Tor Bandwidth Parasites (USENIX Sec ‘12)
● LASTor: A Low-Latency AS-Aware Tor Client (Oakland ‘12)
● Congestion-aware Path Selection for Tor (FC ‘12)
*Not a comprehensive list
![Page 4: Never Been KIST: Tor’s Congestion Management Blossoms with Kernel-Informed Socket Transport](https://reader036.vdocument.in/reader036/viewer/2022062519/568153e2550346895dc1ddf9/html5/thumbnails/4.jpg)
Tor is Slow!!! Research*
● PCTCP: Per-Circuit TCP-over-IPsec Transport for Anonymous Communication Overlay Networks (CCS ‘13)
● Reducing Latency in Tor Circuits with Unordered Delivery (FOCI ‘13)
● How Low Can You Go: Balancing Performance with Anonymity in Tor (PETS ‘13)
● The Path Less Travelled: Overcoming Tor's Bottlenecks with Traffic Splitting (PETS ’13)
● An Empirical Evaluation of Relay Selection in Tor (NDSS ‘13)
● LIRA: Lightweight Incentivized Routing for Anonymity (NDSS ‘13)
● Improving Performance and Anonymity in the Tor Network (IPCCC ‘12)
● Enhancing Tor's Performance using Real-time Traffic Classification (CCS ’12)
● Torchestra: Reducing interactive traffic delays over Tor (WPES ‘12)
● Throttling Tor Bandwidth Parasites (USENIX Sec ‘12)
● LASTor: A Low-Latency AS-Aware Tor Client (Oakland ‘12)
● Congestion-aware Path Selection for Tor (FC ‘12)
*Not a comprehensive list
Where?
![Page 5: Never Been KIST: Tor’s Congestion Management Blossoms with Kernel-Informed Socket Transport](https://reader036.vdocument.in/reader036/viewer/2022062519/568153e2550346895dc1ddf9/html5/thumbnails/5.jpg)
This Talk
● Where is Tor slow?– Measure public Tor and private Shadow-Tor networks– Identify circuit scheduling and socket flushing problems
● Design KIST: Kernel-Informed Socket Transport– Use TCP snd_cwnd to limit socket writes
● Evaluate KIST Performance and Security– Reduces kernel and end-to-end circuit congestion– Throughput attacks unaffected, speeds up latency attacks
![Page 6: Never Been KIST: Tor’s Congestion Management Blossoms with Kernel-Informed Socket Transport](https://reader036.vdocument.in/reader036/viewer/2022062519/568153e2550346895dc1ddf9/html5/thumbnails/6.jpg)
Outline
● Background
● Instrument Tor, measure congestion
● Analyze causes of congestion
● Design and evaluate KIST– Performance– Security
![Page 7: Never Been KIST: Tor’s Congestion Management Blossoms with Kernel-Informed Socket Transport](https://reader036.vdocument.in/reader036/viewer/2022062519/568153e2550346895dc1ddf9/html5/thumbnails/7.jpg)
Relay Overview
![Page 8: Never Been KIST: Tor’s Congestion Management Blossoms with Kernel-Informed Socket Transport](https://reader036.vdocument.in/reader036/viewer/2022062519/568153e2550346895dc1ddf9/html5/thumbnails/8.jpg)
Relay Overview
TCP
TCP
TCP
TCP
TCP
TCP
TCP
Tor circuits are multiplexed over a
TCP transport
![Page 9: Never Been KIST: Tor’s Congestion Management Blossoms with Kernel-Informed Socket Transport](https://reader036.vdocument.in/reader036/viewer/2022062519/568153e2550346895dc1ddf9/html5/thumbnails/9.jpg)
Relay Overview
TCP
TCP
TCP
TCP
TCP
TCPTCP
![Page 10: Never Been KIST: Tor’s Congestion Management Blossoms with Kernel-Informed Socket Transport](https://reader036.vdocument.in/reader036/viewer/2022062519/568153e2550346895dc1ddf9/html5/thumbnails/10.jpg)
Relay InternalsKernel Input Kernel OutputTor Input Tor Output
Tor Circuits
Opportunities for traffic
management
![Page 11: Never Been KIST: Tor’s Congestion Management Blossoms with Kernel-Informed Socket Transport](https://reader036.vdocument.in/reader036/viewer/2022062519/568153e2550346895dc1ddf9/html5/thumbnails/11.jpg)
Outline
● Background
● Instrument Tor, measure congestion
● Analyze causes of congestion
● Design and evaluate KIST– Performance– Security
![Page 12: Never Been KIST: Tor’s Congestion Management Blossoms with Kernel-Informed Socket Transport](https://reader036.vdocument.in/reader036/viewer/2022062519/568153e2550346895dc1ddf9/html5/thumbnails/12.jpg)
Live Tor Congestion - libkqtimeKernel Input Kernel OutputTor Input Tor Output
Tor Circuits
![Page 13: Never Been KIST: Tor’s Congestion Management Blossoms with Kernel-Informed Socket Transport](https://reader036.vdocument.in/reader036/viewer/2022062519/568153e2550346895dc1ddf9/html5/thumbnails/13.jpg)
Live Tor Congestion - libkqtimeKernel Input Kernel OutputTor Input Tor Output
Tor Circuits
tag match tag match
![Page 14: Never Been KIST: Tor’s Congestion Management Blossoms with Kernel-Informed Socket Transport](https://reader036.vdocument.in/reader036/viewer/2022062519/568153e2550346895dc1ddf9/html5/thumbnails/14.jpg)
Live Tor Congestion - libkqtimeKernel Input Kernel OutputTor Input Tor Output
Tor Circuits
tag match tag matchtrack cells
![Page 15: Never Been KIST: Tor’s Congestion Management Blossoms with Kernel-Informed Socket Transport](https://reader036.vdocument.in/reader036/viewer/2022062519/568153e2550346895dc1ddf9/html5/thumbnails/15.jpg)
Shadow Network Simulation
● Enhanced Shadow with several missing TCP algorithms– CUBIC congestion control– Retransmission timers– Selective acknowledgements (SACK)– Forward acknowledgements (FACK)– Fast retransmit/recovery
● Designed largest known private Tor network– 3600 relays and 12000 simultaneously active clients– Internet topology graph: ~700k nodes and 1.3m links
![Page 16: Never Been KIST: Tor’s Congestion Management Blossoms with Kernel-Informed Socket Transport](https://reader036.vdocument.in/reader036/viewer/2022062519/568153e2550346895dc1ddf9/html5/thumbnails/16.jpg)
Track the UID
Shadow-Tor Congestion – UIDs
UID
UID Track the UID
![Page 17: Never Been KIST: Tor’s Congestion Management Blossoms with Kernel-Informed Socket Transport](https://reader036.vdocument.in/reader036/viewer/2022062519/568153e2550346895dc1ddf9/html5/thumbnails/17.jpg)
Track the UID
Shadow-Tor Congestion – UIDs
UID
UID Track the UID
Kernel Input Kernel OutputTor Input
Tor Output
Tor Circuits
![Page 18: Never Been KIST: Tor’s Congestion Management Blossoms with Kernel-Informed Socket Transport](https://reader036.vdocument.in/reader036/viewer/2022062519/568153e2550346895dc1ddf9/html5/thumbnails/18.jpg)
Tor and Shadow-Tor Congestion
Congestion occurs almost exclusively in outbound kernel buffers
Shadow-TorLive-Tor
![Page 19: Never Been KIST: Tor’s Congestion Management Blossoms with Kernel-Informed Socket Transport](https://reader036.vdocument.in/reader036/viewer/2022062519/568153e2550346895dc1ddf9/html5/thumbnails/19.jpg)
Outline
● Background
● Instrument Tor, measure congestion
● Analyze causes of congestion
● Design and evaluate KIST– Performance– Security
![Page 20: Never Been KIST: Tor’s Congestion Management Blossoms with Kernel-Informed Socket Transport](https://reader036.vdocument.in/reader036/viewer/2022062519/568153e2550346895dc1ddf9/html5/thumbnails/20.jpg)
Analyzing Causes of Congestion
Kernel OutputTor OutputTor Circuits
Queuing delays in kernel output buffer
![Page 21: Never Been KIST: Tor’s Congestion Management Blossoms with Kernel-Informed Socket Transport](https://reader036.vdocument.in/reader036/viewer/2022062519/568153e2550346895dc1ddf9/html5/thumbnails/21.jpg)
Analyzing Causes of Congestion
Kernel OutputTor OutputTor Circuits
Queuing delays in kernel output buffer
Problem 1:Circuit scheduling
Problem 2:Flushing to Sockets
![Page 22: Never Been KIST: Tor’s Congestion Management Blossoms with Kernel-Informed Socket Transport](https://reader036.vdocument.in/reader036/viewer/2022062519/568153e2550346895dc1ddf9/html5/thumbnails/22.jpg)
Problem 1: Circuit Scheduling
Kernel OutputTor OutputTor Circuits
Libevent schedules one connection at a time
![Page 23: Never Been KIST: Tor’s Congestion Management Blossoms with Kernel-Informed Socket Transport](https://reader036.vdocument.in/reader036/viewer/2022062519/568153e2550346895dc1ddf9/html5/thumbnails/23.jpg)
Problem 1: Circuit Scheduling
Kernel OutputTor OutputTor Circuits
Libevent schedules one connection at a time
Tor only considers a subset of writable
circuits
![Page 24: Never Been KIST: Tor’s Congestion Management Blossoms with Kernel-Informed Socket Transport](https://reader036.vdocument.in/reader036/viewer/2022062519/568153e2550346895dc1ddf9/html5/thumbnails/24.jpg)
Problem 1: Circuit Scheduling
Kernel OutputTor OutputTor Circuits
Libevent schedules one connection at a time
Tor only considers a subset of writable
circuits
Circuits from different connections are not prioritized correctly
![Page 25: Never Been KIST: Tor’s Congestion Management Blossoms with Kernel-Informed Socket Transport](https://reader036.vdocument.in/reader036/viewer/2022062519/568153e2550346895dc1ddf9/html5/thumbnails/25.jpg)
Problem 1: Circuit Scheduling
![Page 26: Never Been KIST: Tor’s Congestion Management Blossoms with Kernel-Informed Socket Transport](https://reader036.vdocument.in/reader036/viewer/2022062519/568153e2550346895dc1ddf9/html5/thumbnails/26.jpg)
Problem 1: Circuit Scheduling
Correctly differentiated No differentiation
![Page 27: Never Been KIST: Tor’s Congestion Management Blossoms with Kernel-Informed Socket Transport](https://reader036.vdocument.in/reader036/viewer/2022062519/568153e2550346895dc1ddf9/html5/thumbnails/27.jpg)
Problem 1: Circuit Scheduling
Correctly differentiated No differentiation
99.775% of any two circuits are unshared
![Page 28: Never Been KIST: Tor’s Congestion Management Blossoms with Kernel-Informed Socket Transport](https://reader036.vdocument.in/reader036/viewer/2022062519/568153e2550346895dc1ddf9/html5/thumbnails/28.jpg)
Problem 2: Flushing to Sockets
Kernel OutputTor OutputTor Circuits
Queuing delays in kernel output buffer
FIFO
![Page 29: Never Been KIST: Tor’s Congestion Management Blossoms with Kernel-Informed Socket Transport](https://reader036.vdocument.in/reader036/viewer/2022062519/568153e2550346895dc1ddf9/html5/thumbnails/29.jpg)
Problem 2: Flushing to Sockets
Kernel OutputTor OutputTor Circuits
Worse priority traffic (high throughput flows) FIFO
![Page 30: Never Been KIST: Tor’s Congestion Management Blossoms with Kernel-Informed Socket Transport](https://reader036.vdocument.in/reader036/viewer/2022062519/568153e2550346895dc1ddf9/html5/thumbnails/30.jpg)
Problem 2: Flushing to Sockets
Kernel OutputTor OutputTor Circuits
Better priority traffic(low throughput flows)
Worse priority traffic (high throughput flows) FIFO
![Page 31: Never Been KIST: Tor’s Congestion Management Blossoms with Kernel-Informed Socket Transport](https://reader036.vdocument.in/reader036/viewer/2022062519/568153e2550346895dc1ddf9/html5/thumbnails/31.jpg)
Problem 2: Flushing to Sockets
Kernel OutputTor OutputTor Circuits
Better priority traffic(low throughput flows)
Must wait for kernel to flush socket to network (blocked
on TCP cwnd)
Worse priority traffic (high throughput flows) FIFO
![Page 32: Never Been KIST: Tor’s Congestion Management Blossoms with Kernel-Informed Socket Transport](https://reader036.vdocument.in/reader036/viewer/2022062519/568153e2550346895dc1ddf9/html5/thumbnails/32.jpg)
Problem 2: Flushing to Sockets
Kernel OutputTor OutputTor Circuits
Better priority traffic(low throughput flows)
Reduces effectiveness of circuit priority
Worse priority traffic (high throughput flows) FIFO
![Page 33: Never Been KIST: Tor’s Congestion Management Blossoms with Kernel-Informed Socket Transport](https://reader036.vdocument.in/reader036/viewer/2022062519/568153e2550346895dc1ddf9/html5/thumbnails/33.jpg)
Outline
● Background
● Instrument Tor, measure congestion
● Analyze causes of congestion
● Design and evaluate KIST– Performance– Security
![Page 34: Never Been KIST: Tor’s Congestion Management Blossoms with Kernel-Informed Socket Transport](https://reader036.vdocument.in/reader036/viewer/2022062519/568153e2550346895dc1ddf9/html5/thumbnails/34.jpg)
Ask the kernel, stupid!
● Utilize getsockopt and ioctl syscalls
socket_space = sndbufcap – sndbuflen
tcp_space = (cwnd – unacked) * mss
sndbuflen
sndbufcap
unacked
cwnd
![Page 35: Never Been KIST: Tor’s Congestion Management Blossoms with Kernel-Informed Socket Transport](https://reader036.vdocument.in/reader036/viewer/2022062519/568153e2550346895dc1ddf9/html5/thumbnails/35.jpg)
Kernel-Informed Socket Transport
● Don’t write it if the kernel can’t send it;bound kernel writes by: – Socket: min(socket_space, tcp_space)– Global: upstream bandwidth capacity
Solution to Problem 2
![Page 36: Never Been KIST: Tor’s Congestion Management Blossoms with Kernel-Informed Socket Transport](https://reader036.vdocument.in/reader036/viewer/2022062519/568153e2550346895dc1ddf9/html5/thumbnails/36.jpg)
Kernel-Informed Socket Transport
● Don’t write it if the kernel can’t send it;bound kernel writes by: – Socket: min(socket_space, tcp_space)– Global: upstream bandwidth capacity
● Choose globally from all writable circuits
Solution to Problem 1
![Page 37: Never Been KIST: Tor’s Congestion Management Blossoms with Kernel-Informed Socket Transport](https://reader036.vdocument.in/reader036/viewer/2022062519/568153e2550346895dc1ddf9/html5/thumbnails/37.jpg)
Kernel-Informed Socket Transport
● Don’t write it if the kernel can’t send it;bound kernel writes by: – Socket: min(socket_space, tcp_space)– Global: upstream bandwidth capacity
● Choose globally from all writable circuits
● Try to write again before kernel starvation
![Page 38: Never Been KIST: Tor’s Congestion Management Blossoms with Kernel-Informed Socket Transport](https://reader036.vdocument.in/reader036/viewer/2022062519/568153e2550346895dc1ddf9/html5/thumbnails/38.jpg)
KIST Reduces Kernel Congestion
![Page 39: Never Been KIST: Tor’s Congestion Management Blossoms with Kernel-Informed Socket Transport](https://reader036.vdocument.in/reader036/viewer/2022062519/568153e2550346895dc1ddf9/html5/thumbnails/39.jpg)
KIST Increases Tor Congestion
![Page 40: Never Been KIST: Tor’s Congestion Management Blossoms with Kernel-Informed Socket Transport](https://reader036.vdocument.in/reader036/viewer/2022062519/568153e2550346895dc1ddf9/html5/thumbnails/40.jpg)
KIST Reduces Circuit Congestion
![Page 41: Never Been KIST: Tor’s Congestion Management Blossoms with Kernel-Informed Socket Transport](https://reader036.vdocument.in/reader036/viewer/2022062519/568153e2550346895dc1ddf9/html5/thumbnails/41.jpg)
KIST Improves Network Latency
![Page 42: Never Been KIST: Tor’s Congestion Management Blossoms with Kernel-Informed Socket Transport](https://reader036.vdocument.in/reader036/viewer/2022062519/568153e2550346895dc1ddf9/html5/thumbnails/42.jpg)
Outline
● Background
● Instrument Tor, measure congestion
● Analyze causes of congestion
● Design and evaluate KIST– Performance– Security
![Page 43: Never Been KIST: Tor’s Congestion Management Blossoms with Kernel-Informed Socket Transport](https://reader036.vdocument.in/reader036/viewer/2022062519/568153e2550346895dc1ddf9/html5/thumbnails/43.jpg)
Traffic Correlation: Latency
Hopper et.al. CCS’07
Goal: narrow down potential locations of the client on a target circuit
![Page 44: Never Been KIST: Tor’s Congestion Management Blossoms with Kernel-Informed Socket Transport](https://reader036.vdocument.in/reader036/viewer/2022062519/568153e2550346895dc1ddf9/html5/thumbnails/44.jpg)
Traffic Correlation: Latency
Hopper et.al. CCS’07
-Inject redirect or javascript
-Start timer
![Page 45: Never Been KIST: Tor’s Congestion Management Blossoms with Kernel-Informed Socket Transport](https://reader036.vdocument.in/reader036/viewer/2022062519/568153e2550346895dc1ddf9/html5/thumbnails/45.jpg)
Traffic Correlation: Latency
GET
Hopper et.al. CCS’07
Request redirected page or embedded object
![Page 46: Never Been KIST: Tor’s Congestion Management Blossoms with Kernel-Informed Socket Transport](https://reader036.vdocument.in/reader036/viewer/2022062519/568153e2550346895dc1ddf9/html5/thumbnails/46.jpg)
Traffic Correlation: Latency
GET
Hopper et.al. CCS’07
-Stop timer-Estimate latency
![Page 47: Never Been KIST: Tor’s Congestion Management Blossoms with Kernel-Informed Socket Transport](https://reader036.vdocument.in/reader036/viewer/2022062519/568153e2550346895dc1ddf9/html5/thumbnails/47.jpg)
Latency Attack| estimate – actual |
![Page 48: Never Been KIST: Tor’s Congestion Management Blossoms with Kernel-Informed Socket Transport](https://reader036.vdocument.in/reader036/viewer/2022062519/568153e2550346895dc1ddf9/html5/thumbnails/48.jpg)
Latency Attacknum pings until best estimate
![Page 49: Never Been KIST: Tor’s Congestion Management Blossoms with Kernel-Informed Socket Transport](https://reader036.vdocument.in/reader036/viewer/2022062519/568153e2550346895dc1ddf9/html5/thumbnails/49.jpg)
Traffic Correlation: Throughput
Mittal et.al. CCS’11
Goal: find guard relay of the client on a target circuit
![Page 50: Never Been KIST: Tor’s Congestion Management Blossoms with Kernel-Informed Socket Transport](https://reader036.vdocument.in/reader036/viewer/2022062519/568153e2550346895dc1ddf9/html5/thumbnails/50.jpg)
Traffic Correlation: Throughput
Mittal et.al. CCS’11
Probe throughput of all guard relays
![Page 51: Never Been KIST: Tor’s Congestion Management Blossoms with Kernel-Informed Socket Transport](https://reader036.vdocument.in/reader036/viewer/2022062519/568153e2550346895dc1ddf9/html5/thumbnails/51.jpg)
Traffic Correlation: Throughput
Mittal et.al. CCS’11
Correlate throughput between
exit and probes
![Page 52: Never Been KIST: Tor’s Congestion Management Blossoms with Kernel-Informed Socket Transport](https://reader036.vdocument.in/reader036/viewer/2022062519/568153e2550346895dc1ddf9/html5/thumbnails/52.jpg)
Throughput Attack Results
![Page 53: Never Been KIST: Tor’s Congestion Management Blossoms with Kernel-Informed Socket Transport](https://reader036.vdocument.in/reader036/viewer/2022062519/568153e2550346895dc1ddf9/html5/thumbnails/53.jpg)
Conclusion
● Where is Tor slow?
● KIST complements other performance enhancements, e.g. circuit priority
● Next steps– Currently exploring various algorithmic optimizations– Test KIST in the wild and deploy in Tor
![Page 54: Never Been KIST: Tor’s Congestion Management Blossoms with Kernel-Informed Socket Transport](https://reader036.vdocument.in/reader036/viewer/2022062519/568153e2550346895dc1ddf9/html5/thumbnails/54.jpg)
Questions?
robgjansen.com
github.com/robgjansen/libkqtime
github.com/shadow
think like an adversary
![Page 55: Never Been KIST: Tor’s Congestion Management Blossoms with Kernel-Informed Socket Transport](https://reader036.vdocument.in/reader036/viewer/2022062519/568153e2550346895dc1ddf9/html5/thumbnails/55.jpg)
Relay InternalsKernel Input Kernel OutputTor Input Tor Output
Tor Circuits
Network Input
![Page 56: Never Been KIST: Tor’s Congestion Management Blossoms with Kernel-Informed Socket Transport](https://reader036.vdocument.in/reader036/viewer/2022062519/568153e2550346895dc1ddf9/html5/thumbnails/56.jpg)
Relay InternalsKernel Input Kernel OutputTor Input Tor Output
Tor Circuits
Split data into socket buffers
![Page 57: Never Been KIST: Tor’s Congestion Management Blossoms with Kernel-Informed Socket Transport](https://reader036.vdocument.in/reader036/viewer/2022062519/568153e2550346895dc1ddf9/html5/thumbnails/57.jpg)
Relay InternalsKernel Input Kernel OutputTor Input Tor Output
Tor Circuits
Read data from sockets into Tor
![Page 58: Never Been KIST: Tor’s Congestion Management Blossoms with Kernel-Informed Socket Transport](https://reader036.vdocument.in/reader036/viewer/2022062519/568153e2550346895dc1ddf9/html5/thumbnails/58.jpg)
Relay InternalsKernel Input Kernel OutputTor Input Tor Output
Tor Circuits
Process data (encrypt/decrypt)
![Page 59: Never Been KIST: Tor’s Congestion Management Blossoms with Kernel-Informed Socket Transport](https://reader036.vdocument.in/reader036/viewer/2022062519/568153e2550346895dc1ddf9/html5/thumbnails/59.jpg)
Relay InternalsKernel Input Kernel OutputTor Input Tor Output
Tor Circuits
Split cells into circuit queues
![Page 60: Never Been KIST: Tor’s Congestion Management Blossoms with Kernel-Informed Socket Transport](https://reader036.vdocument.in/reader036/viewer/2022062519/568153e2550346895dc1ddf9/html5/thumbnails/60.jpg)
Relay InternalsKernel Input Kernel OutputTor Input Tor Output
Tor Circuits
Circuits linked to outgoing connection
![Page 61: Never Been KIST: Tor’s Congestion Management Blossoms with Kernel-Informed Socket Transport](https://reader036.vdocument.in/reader036/viewer/2022062519/568153e2550346895dc1ddf9/html5/thumbnails/61.jpg)
Relay InternalsKernel Input Kernel OutputTor Input Tor Output
Tor Circuits
Schedule cells
![Page 62: Never Been KIST: Tor’s Congestion Management Blossoms with Kernel-Informed Socket Transport](https://reader036.vdocument.in/reader036/viewer/2022062519/568153e2550346895dc1ddf9/html5/thumbnails/62.jpg)
Relay InternalsKernel Input Kernel OutputTor Input Tor Output
Tor Circuits
Write data from Tor into sockets
![Page 63: Never Been KIST: Tor’s Congestion Management Blossoms with Kernel-Informed Socket Transport](https://reader036.vdocument.in/reader036/viewer/2022062519/568153e2550346895dc1ddf9/html5/thumbnails/63.jpg)
Relay InternalsKernel Input Kernel OutputTor Input Tor Output
Tor Circuits
Schedule data for sending
![Page 64: Never Been KIST: Tor’s Congestion Management Blossoms with Kernel-Informed Socket Transport](https://reader036.vdocument.in/reader036/viewer/2022062519/568153e2550346895dc1ddf9/html5/thumbnails/64.jpg)
Relay InternalsKernel Input Kernel OutputTor Input Tor Output
Tor Circuits
Opportunities for traffic
management
![Page 65: Never Been KIST: Tor’s Congestion Management Blossoms with Kernel-Informed Socket Transport](https://reader036.vdocument.in/reader036/viewer/2022062519/568153e2550346895dc1ddf9/html5/thumbnails/65.jpg)
KIST Improves Network Throughput