Introducing SOR: SSH-based Onion Routing

Traditional low-latency anonymization techniques apply non-standardized, complex, and often even proprietary protocols. Apart from poor performance, the high development effort leads to the existence of at most one single implementation. This in turn increases the risk of creating so-called software monocultures, where failures in the single implementation can compromise the overall security. In this paper we introduce SOR -- a novel approach for anonymization that is completely based on standardized, well tested, and performance-tuned protocols. It utilizes out-of-the-box nested SSH connections to achieve an exhaustive state-of-the-art anonymization system based on onion routing. Our approach supports both sender and receiver anonymity. Besides of many audited implementations, the SSH protocol itself is mature and has been thoroughly analyzed with respect to security issues. The results of our evaluation show that our approach outperforms existing alternatives by a factor of up to nine without sacrificing the degree of anonymity. Moreover, SOR can be easily implemented which increases the chances of having many alternative clients available.