For years, Tor has been the network of choice for Internet users who want to remain anonymous while online. But in recent times, Tor's repuation has taken a hit after reports of severe vulnerabilities in the network.
Researchers from MIT and the École Polytechnique Fédérale de Lausanne in Switzerland will soon reveal Riffle, an anonymous network they say works much faster than Tor and provides beefed-up security measures. Here are the details from MIT's news release on the project:
The heart of the system is a series of servers called a mixnet. Each server permutes the order in which it receives messages before passing them on to the next. If, for instance, messages from senders Alice, Bob, and Carol reach the first server in the order A, B, C, that server would send them to the second server in a different order — say, C, B, A. The second server would permute them before sending them to the third, and so on.
An adversary that had tracked the messages’ points of origin would have no idea which was which by the time they exited the last server. It’s this reshuffling of the messages that gives the new system its name: Riffle.
Like many anonymity systems, Riffle also uses a technique known as onion encryption; “Tor,” for instance, is an acronym for “the onion router.” With onion encryption, the sending computer wraps each message in several layers of encryption, using a public-key encryption system like those that safeguard most financial transactions online. Each server in the mixnet removes only one layer of encryption, so that only the last server knows a message’s ultimate destination.
To thwart message tampering, Riffle uses a technique called a verifiable shuffle. Because of the onion encryption, the messages that each server forwards look nothing like the ones it receives; it has peeled off a layer of encryption. But the encryption can be done in such a way that the server can generate a mathematical proof that the messages it sends are valid manipulations of the ones it receives.
MIT's announcement includes more technical details of Riffle's design as well as how it differs from Tor, and is well worth a read.
Riffle will surely come under close scrutiny from security experts when the researchers present it next week at the Privacy Enhancing Technologies Symposium in Darmstadt, Germany.
"Most 'privacy enhancing technologies' are really secrecy technologies, and they have two problems," says Constellation Research VP and principal analyst Steve Wilson. "A practical problem is that you need all ends of the network using the technology. It's like fax machines: everyone needs one or the technology is useless. So security protocols like Riffle take a long time to to penetrate."
But its technical merits are one matter. There's a vexing philosophical dilemma involving privacy to consider as well, Wilson adds.
"The other problem is really fundamental: Anonymity is not actually what we want," he says. "We want others to know us, to have personal information about us, so we can get services and buy stuff and communicate. You cannot hide behind Tor and Riffle for long. Privacy is all about protecting us when our business is not secret."
"The main privacy problems have to do with businesses and governments abusing the personal information they have about us," Wilson adds. "These point-to-point secrecy protocols are great for stopping surveillance and eavesdropping but what happens if our information is abused by the intended receiver, like a social network? Or is simply lost in a breach at e.g., a hospital?
"I salute fundamental security research like Riffle, I really do," he says. "It's great to be doing R&D in security protocols. But let's be careful how we frame privacy. Using something like Riffle to protect your PII when connecting to Facebook is like using an armored car to deliver your life savings to Bermie Madoff."
24/7 Access to Constellation Insights
If you’d like unrestricted access to Constellation Insights, consider joining the Constellation Executive Network for analyst advice and analyses that you can use.