Interactive communication on Tor incurs latencies more than 5x greater than direct Internet paths; onion services compound this by creating a 6-hop circuit (3 client-side plus 3 server-side). Shadow simulations at 100% Tor network scale (752,338 active clients, 6,666 nodes) showed that deploying 3,500 and 6,000 Bento servers caused only 4.4% and 9.6% client-side performance degradation respectively, demonstrating that programmable middlebox overlays are feasible at Tor scale.

A Tor relay serving as a Bento server and hosting a CenTor instance for 10,000 simultaneous clients experienced only approximately 0.4% performance degradation compared to a vanilla relay; running 20 concurrent CenTor instances on a single relay caused roughly 1% degradation. Shadow-aware routing in a low-relay-density region (US, 933 of 6,666 relays in shadow) produced 0.7% relay degradation while delivering 3.6% client performance improvement.

§5.2 evaluation

CenTor, a CDN for Tor onion services deployed as a Bento network function, achieved approximately 56.4% reduction in download time compared to standard Tor under a geographically-aware shadow configuration, while location-unaware CenTor (reducing hops without shadow restriction) achieved a 34.5% reduction. The key mechanism is eliminating the server-side 3-hop circuit by deploying replicas in non-anonymous mode, cutting the default 6-hop onion service path to 3 hops.

§5.1 evaluation

CenTor protects origin onion service operators from DoS and deanonymization by routing all client traffic through geographically distributed Bento replicas running inside SGX-based Trusted Execution Environments (TEEs). The original operator can go fully offline after deploying static content; replicas enforce confidentiality and integrity of hosted content with ephemeral per-enclave encryption keys, preventing malicious Bento node operators from inspecting or modifying content even if they control the underlying hardware.

§3.1, §5.3 defense

CenTor's anonymity scoring function quantifies the privacy cost of geographic shadow selection using six parameters (client density, AS-level and country-level entropy, relay density, exit density, guard density). Prior work establishes that reducing the client anonymity set by 20x—retaining at least 5% of total Tor users—still provides strong anonymity; accordingly, CenTor recommends minimum thresholds of CD, EL, EC ≥ 0.05 and RD, ED ≥ 0.2 for safe shadow operation.

§4.1, §4.2, Table 2 defense