Researchers from MIT and the École Polytechnique Fédérale de Lausanne, in Switzerland, have created a new type of anonymity network, which they claim fixes some of Tor's weak spots.
Called Riffle, their network works similarly to Tor but is hardened against situations where malicious actors introduce rogue servers on the network, a technique known as a Sybil attack, to which Tor is vulnerable.
To fend off these types of attacks, researchers made some changes to how Tor's basic principles function and created a new anonymity network from scratch.
Riffle uses Tor's Onion protocol
First and foremost, Riffle uses a unique system for shuffling messages as they transit through its servers. If packets A, B, and C enter a Riffle server, they are delayed, shuffled into a random order, and then sent out in a completely different order (for example, C, A, B).
A threat actor tracking the path of a message will not be able to tell which of the packets that entered a Riffle node is leaving it, or when.
Riffle does not completely overhaul how Tor works because it still uses the groundbreaking Onion protocol to encrypt its messages with different levels of encryption, which are peeled off by every server through which the message travels. So an attacker will still have to break several layers of encryption to reach Riffle content.
Riffle uses a two-phase authentication system
To counter Sybil attacks, Riffle uses a technique called "verifiable shuffle," which works on top of the Onion protocol.
"[T]he encryption can be done in such a way that the server can generate a mathematical proof that the messages it sends are valid manipulations of the ones it receives," MIT explains.
This is done by sending the first message of a communication channel to all servers on the Riffle network. This message is used to establish secure connections to all servers along a message's path.
After the first message, the rest of the communication channel uses a less CPU-intensive authentication and encryption system that is still secure enough and also provides better speeds for data transfers, when compared to Tor.
New Riffle network is faster than Tor
Researchers say that file transfers required one-tenth of the time they take on other anonymity networks.
Previous efforts to create a better anonymity network included projects such as HORNET or MIT's Vuvuzela. While HORNET was ready for testing and its creators were bragging about being faster and more secure than Tor as well, Vuvuzela was nowhere near a production-ready state.
More details about Riffle will be presented at the Privacy Enhancing Technologies Symposium in July, in Darmstadt, Germany.
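The batch shuffling and layered encryption described above, as an added example that is not code from the article or from the Riffle project: each server authenticates and peels one layer from every message, then shuffles the batch. A toy SHA-256 keystream with HMAC stands in for a real authenticated cipher, `SIZE`, the function names and the sample packets are constructed for illustration, and the verifiable-shuffle proof itself is not implemented.

```python
import hashlib, hmac, secrets

SIZE = 64  # constructed fixed payload size, so length cannot link input to output

def _sub(key, label):
    # Derive separate encryption and MAC subkeys from one per-server key.
    return hashlib.sha256(label + key).digest()

def _stream(key, nonce, n):
    # Toy SHA-256 counter-mode keystream standing in for a real cipher.
    blocks = (hashlib.sha256(key + nonce + i.to_bytes(4, "big")).digest()
              for i in range((n + 31) // 32))
    return b"".join(blocks)[:n]

def seal(key, msg):
    """Add one onion layer: nonce || ciphertext || HMAC tag (48 bytes overhead)."""
    nonce = secrets.token_bytes(16)
    ks = _stream(_sub(key, b"enc"), nonce, len(msg))
    ct = bytes(a ^ b for a, b in zip(msg, ks))
    return nonce + ct + hmac.new(_sub(key, b"mac"), nonce + ct, hashlib.sha256).digest()

def peel(key, blob):
    """Verify and remove one layer; reject anything modified upstream."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    want = hmac.new(_sub(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, want):
        raise ValueError("layer failed authentication")
    ks = _stream(_sub(key, b"enc"), nonce, len(ct))
    return bytes(a ^ b for a, b in zip(ct, ks))

def wrap_onion(msg, server_keys):
    """Client side: pad to SIZE, then encrypt for the last server first."""
    if len(msg) > SIZE:
        raise ValueError("message too long")
    data = bytes([len(msg)]) + msg.ljust(SIZE, b"\0")
    for key in reversed(server_keys):
        data = seal(key, data)
    return data

def mix_node(key, batch):
    """Server side: peel one layer from every message, then shuffle the batch."""
    peeled = [peel(key, blob) for blob in batch]
    secrets.SystemRandom().shuffle(peeled)
    return peeled

def run_chain(messages, server_keys):
    """Send a batch through every server; return the recovered plaintexts."""
    batch = [wrap_onion(m, server_keys) for m in messages]
    for key in server_keys:
        batch = mix_node(key, batch)
    return [p[1:1 + p[0]] for p in batch]
```

Because every hop both re-encrypts (by peeling) and reorders, an observer comparing a node's input and output sees equal-length blobs with no bytes in common, and a blob altered in transit is rejected at the next hop instead of being forwarded.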