Tor’s growing popularity and user diversity has resulted in network performance problems that are not well understood, though performance is understood to be a significant factor in Tor’s security. A large body of work has attempted to solve performance problems without a complete understanding of where congestion occurs in Tor. In this article, we first study congestion in Tor at individual relays as well as along the entire end-to-end Tor path and find that congestion occurs almost exclusively in egress kernel socket buffers. We then analyze Tor’s socket interactions and discover two major contributors to Tor’s congestion: Tor writes sockets sequentially, and Tor writes as much as possible to each socket. To improve Tor’s performance, we design, implement, and test KIST: a new socket management algorithm that uses real-time kernel information to dynamically compute the amount to write to each socket while considering all circuits of all writable sockets when scheduling cells. We find that, in the medians, KIST reduces circuit congestion by more than 30%, reduces network latency by 18%, and increases network throughput by nearly 10%. We also find that client and relay performance with KIST improves as more relays deploy it and as network load and packet loss rates increase. We analyze the security of KIST and find an acceptable performance and security tradeoff, as it does not significantly affect the outcome of well-known latency, throughput, and traffic correlation attacks. KIST has been merged and configured as the default socket scheduling algorithm in Tor version 0.3.2.1-alpha (released September 18, 2017) and became stable in Tor version 0.3.2.9 (released January 9, 2018). While our focus is Tor, our techniques and observations should help analyze and improve overlay and application performance, both for security applications and in general.

中文翻译：

---

KIST

Tor 的日益普及和用户的多样性导致网络性能问题尚未得到很好的理解，尽管性能被认为是 Tor 安全性的一个重要因素。大量的工作试图在没有完全了解 Tor 发生拥塞的位置的情况下解决性能问题。在本文中，我们首先研究 Tor 中各个中继以及整个端到端 Tor 路径的拥塞，发现拥塞几乎只发生在出口内核套接字缓冲区中。然后我们分析 Tor 的套接字交互并发现导致 Tor 拥塞的两个主要因素：Tor 顺序写入套接字，并且 Tor 尽可能多地写入每个套接字。为了提高 Tor 的性能，我们设计、实现和测试 KIST：一种使用实时内核信息的新套接字管理算法动态计算写入量到每个插座，同时考虑所有可写套接字的所有电路调度小区时。我们发现，在中位数中，KIST 将电路拥塞减少了 30% 以上，网络延迟减少了 18%，网络吞吐量增加了近 10%。我们还发现，使用 KIST 的客户端和中继性能会随着更多中继的部署以及网络负载和丢包率的增加而提高。我们分析 KIST 的安全性并找到可接受的性能和安全性权衡，因为它不会显着影响众所周知的延迟、吞吐量和流量相关攻击的结果。KIST 已合并并配置为 Tor 版本 0.3.2.1-alpha（2017 年 9 月 18 日发布）中的默认套接字调度算法，并在 Tor 版本 0.3.2.9（2018 年 1 月 9 日发布）中变得稳定。虽然我们的重点是 Tor，