MIT: Our Anonymity Network Riffle Is Better than Tor

Exterminator

Level 85
Thread author
Verified
Top Poster
Well-known
Oct 23, 2012
12,527
Researchers from MIT and the École Polytechnique Fédérale de Lausanne, in Switzerland, have created a new type of anonymity network, which they claim fixes some of Tor's weak spots.

Called Riffle, their network works similarly to Tor but is hardened against situations when malicious actors introduce rogue servers on the network, a technique known as Sybil attack, to which Tor is vulnerable.

To fend off these types of attacks, researchers made some changes to how Tor's basic principles function and created a new anonymity network from scratch.

Riffle uses Tor's Onion protocol
First and foremost, Riffle uses a unique system for shuffling messages around while transiting through servers. If packet A, B, C enter a Riffle server, they will be delayed and shuffled in a random order, and then sent out in a completely different order (for example, C, A, B).

A threat actor tracking the path of the message will not be able to guess when and which packet that has entered a Riffle node is set to leave.

Riffle does not completely overhaul how Tor works because it still uses the groundbreaking Onion protocol to encrypt its messages with different levels of encryption, which are peeled off by every server through which the message travels. So an attacker will still have to break several layers of encryption to reach Riffle content.
Riffle uses a two-phase authentication system
For Sybil attacks, Riffle uses a technique called "verifiable shuffle," which works on top of the Onion protocol.

"[T]he encryption can be done in such a way that the server can generate a mathematical proof that the messages it sends are valid manipulations of the ones it receives," MIT explains.

This is done by sending the first message of a communication channel to all servers on the Riffle network. This message is used to establish secure connections to all servers along a message's path.

After the first message, the rest of the communication channel uses a less CPU-intensive authentication and encryption system that is still secure enough and also provides better speeds for data transfers, when compared to Tor.

New Riffle network is faster than Tor
Researchers say that file transfers required one-tenth of the time as compared to other anonymity networks.

Previous efforts to create a better anonymity network included projects such as HORNET or MIT's Vuvuzela. While HORNET was ready for testing and its creators were bragging about being faster and more secure than Tor as well, Vuvuzela was nowhere near a production-ready state.

More details about Riffle will be presented at the Privacy Enhancing Technologies Symposium in July, in Darmstadt, Germany.
 

DardiM

Level 26
Verified
Honorary Member
Top Poster
Malware Hunter
Well-known
May 14, 2016
1,597
Thanks for the share :)

I think not only malicious actors introduce rogue servers on the network. I suspect some intelligence agencies :rolleyes:
The Tor's Team is now open to crowdfunding, to depend less on direct investment from the U.S. Government.
In the future the team will certainly strengthen its network.
 

jamescv7

Level 85
Verified
Honorary Member
Mar 15, 2011
13,070
Nice alternative considering that encryption and anonymity must be stronger, since nowadays so many proof of concept that Tor can easily expose on any risks.

Make the encryption much stronger so that few only may manage to compromise because of complexity.
 
  • Like
Reactions: DardiM and LabZero

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top