Menu
Use Tor? Riffle promises to protect your privacy even better

Use Tor? Riffle promises to protect your privacy even better

The network combines three cryptographic techniques and boasts much faster performance

Privacy-minded people have long relied on Tor for anonymity online, but a new system from MIT promises better protection and faster performance.

Dubbed Riffle, the new system taps the same onion encryption technique after which Tor is named, but it adds two others as well. First is what's called a mixnet, a series of servers that each permute the order in which messages are received before passing them on to the next server.

If messages arrive at the first server in the order A, B, C, for example, that server would send them to the second server in a different order, such as C, B, A. The second server would them reshuffle things again when sending the messages on. The advantage there is that a would-be attacker who had tracked the messages’ points of origin would have no idea which was which by the time they exited the last server.

A mixnet used with onion encryption is protected against passive adversaries, which can only observe network traffic. But active adversaries, which can infiltrate servers with their own code, are another matter. If one has commandeered a mixnet router and wants to determine the destination of a particular message, for instance, it could simply replace all the other messages it receives with its own, bound for a single destination. Then it could passively track the one message that doesn’t follow its own prespecified route.

That's where Riffle's third protective measure comes in. Essentially, it takes a two-pronged approach to validating the authenticity of messages using techniques called verifiable shuffle and authentication encryption. Verifiable shuffle keeps things secure while each user and each mixnet server agree upon a cryptographic key; authentication encryption, which is much more efficient, then takes over for the remainder of the communication session.

The overall result is that Riffle remains cryptographically secure as long as one server in the mixnet remains uncompromised, according to MIT. Meanwhile, Riffle also uses bandwidth much more efficiently than competing systems, its creators say. In experiments, it required only one-tenth as much time as similarly secure experimental systems to transfer a large file between anonymous users.

Riffle was developed by researchers at MIT’s Computer Science and Artificial Intelligence Laboratory and the École Polytechnique Fédérale de Lausanne. The system isn't yet available for public use, but the researchers will present a paper describing their work at the Privacy Enhancing Technologies Symposium in Germany next week.

“The idea of mixnets has been around for a long time, but unfortunately, it’s always relied on public-key cryptography and on public-key techniques, and that’s been expensive,” says Jonathan Katz, director of the Maryland Cybersecurity Center and a professor of computer science at the University of Maryland. “One of the contributions of this paper is that they showed how to use more efficient symmetric-key techniques to accomplish the same thing. They do one expensive shuffle using known protocols, but then they bootstrap off of that to enable many subsequent shufflings.”


Follow Us

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Events

Featured

Slideshows

Meet the Reseller News 30 Under 30 Tech Awards 2020 winners

Meet the Reseller News 30 Under 30 Tech Awards 2020 winners

This year’s Reseller News 30 Under 30 Tech Awards were held as an integral part of the first entirely virtual Emerging Leaders​ forum, an annual event dedicated to identifying, educating and showcasing the New Zealand technology market’s rising stars. The 30 Under 30 Tech Awards 2020 recognised the outstanding achievements and business excellence of 30 talented individuals​, across both young leaders and those just starting out. In this slideshow, Reseller News honours this year's winners and captures their thoughts about how their ideas of leadership have changed over time.​

Meet the Reseller News 30 Under 30 Tech Awards 2020 winners
Reseller News Exchange Auckland: Beyond the myths — how partners can master cloud security

Reseller News Exchange Auckland: Beyond the myths — how partners can master cloud security

This exclusive Reseller News Exchange event in Auckland explored the challenges facing the partner community on the cloud security frontier, as well as market trends, customer priorities and how the channel can capitalise on the opportunities available. In association with Arrow, Bitdefender, Exclusive Networks, Fortinet and Palo Alto Networks. Photos by Gino Demeer.

Reseller News Exchange Auckland: Beyond the myths — how partners can master cloud security
Reseller News welcomes industry figures at 2020 Hall of Fame lunch

Reseller News welcomes industry figures at 2020 Hall of Fame lunch

Reseller News welcomed 2019 inductees - Leanne Buer, Ross Jenkins and Terry Dunn - to the fourth running of the Reseller News Hall of Fame lunch, held at the French Cafe in Auckland. The inductees discussed the changing face of the IT channel ecosystem in New Zealand and what it means to be a Reseller News Hall of Fame inductee. Photos by Gino Demeer.

Reseller News welcomes industry figures at 2020 Hall of Fame lunch
Show Comments