This post first appeared on my old blog in August 2016. It is preserved, but maybe not updated, here. I'm """actively""" working on a better front page / About Me post.


I work for the Naval Research Lab. From 2016-2020 I worked among world experts on privacy and security performing research and development on Tor, and sometimes the Internet in general. You will find this reflected in my publications below.

As of 2021 I still work for NRL but not to work with Tor. I want to keep doing privacy/security things in my free time, but I'm currently looking for monetize-able hobbies, and in my experience, privacy/security stuff isn't easily monetize-able. Contact me if you have an idea, and ideally funding go with it.

As for running relays: I have managed 10s of relays over the years, many of which are exits. At times my fleet would push 1 Gbps all day every day (not capacity, but usage). Please contact me if you would like to support the operation of high-quality up-to-date relays and/or relays running new experimental versions of Tor. I will also run exits with your support. The relays I run can be found here (link likely to stop working without me noticing).

Publications

Peer-Reviewed Journals and Conferences

Self-Authenticating Traditional Domain Names [pdf] [code]
IEEE Secure Development Conference (SecDev 2019)
Paul Syverson and Matthew Traudt

KIST: Kernel-Informed Socket Transport for Tor [pdf] [acm]
ACM Transactions on Privacy and Security (TOPS 2018)
Rob Jansen, Matthew Traudt, John Geddes, Chris Wacek, Micah Sherr, and Paul Syverson

Privacy-preserving Dynamic Learning of Tor Network Traffic [pdf] [data]
25th ACM Conference on Computer and Communication Security (CCS 2018)
Rob Jansen, Matthew Traudt, and Nick Hopper

Peer-Reviewed Workshops

Does Pushing Security on Clients Make Them Safer? [slides] [pdf]
12th Workshop on Hot Topics in Privacy Enhancing Technologies (HotPETs 2019)
Matthew Traudt and Paul Syverson

HSTS Supports Targeted Surveillance [pdf] [foci]
8th USENIX Workshop on Free and Open Communications on the Internet (FOCI 2018)
Paul Syverson and Matthew Traudt

Tor Proposals

FlashFlow: A Secure Speed Test for Tor (Parent Proposal) prop#316, 2020
Matthew Traudt, Rob Jansen, Aaron Johnson, and Mike Perry
Discussion

Other

FlashFlow: A Secure Speed Test for Tor [arxiv]
Technical Report arXiv:2004.09583 [cs.CR] (arXiv 2020)
Matthew Traudt, Rob Jansen, and Aaron Johnson

Tor’s Been KIST: A Case Study of Transitioning Tor Research to Practice [pdf] [arxiv]
Technical Report arXiv:1709.01044 [cs.CR] (arXiv 2017)
Rob Jansen and Matthew Traudt

Contact

Personal: sirmatt |at| ksu d0t edu
Tor: pastly |at| torproject d0t org
Work: matthew d0t traudt |at| nrl d0t navy d0t mil
GPG 0x83BCA95294FBBB0A
Reddit: /u/system33- and /u/pastlytor. Any other username claiming to be me is lying.
IRC: pastly on irc.oftc.net
Matrix: @pastly:matrix.org

Projects

In general, you can find code I write in public on GitHub and Tor's GitLab.

Simple Bandwidth Scanner

Project link

Some of the Tor directory authorities run bandwidth scanners to measure the bandwidth of relays and include their measurements in their network status votes. Clients use the consensus of these weights to inform their path selection process with the hope that every circuit they build will have roughly equal performance, regardless of the relays chosen. This achieves a form of load balancing.

Historically, the directory authorities that ran bandwidth scanners (bandwidth authorities), ran torflow. Time passed, it slowly become less maintained, and the collective knowledge of how it worked slipped away.

Simple Bandwidth Scanner (sbws) aims to be a quick to implement, easy to maintain replacement for torflow.

KIST

KIST is a new scheduler for Tor. It is merged into Tor code as of 0.3.2.9. It prioritizes low-bandwidth, bursty traffic (web traffic) over high-bandwidth, continuous traffic. See my relevant publications for more information.

BM - Blog Maker

Project link

BM is barely maintained.

BM is a set of scripts that use common GNU utilities to dynamically create a static blog. See the README at the project page linked above for more information.