Menu
Use Tor? Riffle promises to protect your privacy even better

Use Tor? Riffle promises to protect your privacy even better

The network combines three cryptographic techniques and boasts much faster performance

Privacy-minded people have long relied on Tor for anonymity online, but a new system from MIT promises better protection and faster performance.

Dubbed Riffle, the new system taps the same onion encryption technique after which Tor is named, but it adds two others as well. First is what's called a mixnet, a series of servers that each permute the order in which messages are received before passing them on to the next server.

If messages arrive at the first server in the order A, B, C, for example, that server would send them to the second server in a different order, such as C, B, A. The second server would them reshuffle things again when sending the messages on. The advantage there is that a would-be attacker who had tracked the messages’ points of origin would have no idea which was which by the time they exited the last server.

A mixnet used with onion encryption is protected against passive adversaries, which can only observe network traffic. But active adversaries, which can infiltrate servers with their own code, are another matter. If one has commandeered a mixnet router and wants to determine the destination of a particular message, for instance, it could simply replace all the other messages it receives with its own, bound for a single destination. Then it could passively track the one message that doesn’t follow its own prespecified route.

That's where Riffle's third protective measure comes in. Essentially, it takes a two-pronged approach to validating the authenticity of messages using techniques called verifiable shuffle and authentication encryption. Verifiable shuffle keeps things secure while each user and each mixnet server agree upon a cryptographic key; authentication encryption, which is much more efficient, then takes over for the remainder of the communication session.

The overall result is that Riffle remains cryptographically secure as long as one server in the mixnet remains uncompromised, according to MIT. Meanwhile, Riffle also uses bandwidth much more efficiently than competing systems, its creators say. In experiments, it required only one-tenth as much time as similarly secure experimental systems to transfer a large file between anonymous users.

Riffle was developed by researchers at MIT’s Computer Science and Artificial Intelligence Laboratory and the École Polytechnique Fédérale de Lausanne. The system isn't yet available for public use, but the researchers will present a paper describing their work at the Privacy Enhancing Technologies Symposium in Germany next week.

“The idea of mixnets has been around for a long time, but unfortunately, it’s always relied on public-key cryptography and on public-key techniques, and that’s been expensive,” says Jonathan Katz, director of the Maryland Cybersecurity Center and a professor of computer science at the University of Maryland. “One of the contributions of this paper is that they showed how to use more efficient symmetric-key techniques to accomplish the same thing. They do one expensive shuffle using known protocols, but then they bootstrap off of that to enable many subsequent shufflings.”


Follow Us

Join the New Zealand Reseller News newsletter!

Error: Please check your email address.

Featured

Slideshows

Sizing up the NZ security spectrum - Where's the channel sweet spot?

Sizing up the NZ security spectrum - Where's the channel sweet spot?

From new extortion schemes, outside threats and rising cyber attacks, the art of securing the enterprise has seldom been so complex or challenging. With distance no longer a viable defence, Kiwi businesses are fighting to stay ahead of the security curve. In total, 28 per cent of local businesses faced a cyber attack last year, with the number in New Zealand set to rise in 2017. Yet amidst the sensationalism, media headlines and ongoing high profile breaches, confusion floods the channel, as partners seek strategic methods to combat rising sophistication from attackers. In sizing up the security spectrum, this Reseller News roundtable - in association with F5 Networks, Kaspersky Lab, Tech Data, Sophos and SonicWall - assessed where the channel sweet spot is within the New Zealand channel. Photos by Maria Stefina.

Sizing up the NZ security spectrum - Where's the channel sweet spot?
Show Comments