[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: one less onion skin

Nick Mathewson wrote:
On Wed, Mar 07, 2007 at 09:29:43AM -0500, Paul Syverson wrote:
My kneejerk response is
that (a) the overhead from this vs. everything else in Tor is very

This was one of the major reasons for not doing it at the same time as CREATE_FAST. Assuming that TLS conns are mostly longer-lived than circuits, then circuit PK should strongly dominate link PK. The same amount of data, however, goes over TLS as over circuits.

Given those (fuzzy, inaccurate) assumptions, it follows using
CREATE_FAST should have been sufficient to get rid of 33% of the
server-side PK.  Dumping the first circuit hop's AES, however, would
only get rid (at best) of 12.5% of server-side AES, so it wasn't as
immediately clear of a win.  (There are 8 server-side AES operations
on all the data now: the first two servers in the circuit need to a
TLS decrypt, a circuit decrypt, and a TLS encrypt; the third server
does a TLS decrypt and a circuit decrypt.)

AES was between 8 and 20% of server CPU time the last time I looked;
this change would save at most 2.5% of server CPU, which doesn't
really make it seem like low-hanging fruit to me.

Is the 8 to 20% AES CPU time true even for Entry Guards?

When I checked a couple of weeks ago, the network-status documents listed only 279 Entry Guards (out of 1301 total nodes). My thought was that it makes sense to make their burden lighter since they handle more circuits. Can't we eliminate 33% of the Entry Guards AES operations by dropping the outer onion skin?