Menu
Use Tor? Riffle promises to protect your privacy even better

Use Tor? Riffle promises to protect your privacy even better

The network combines three cryptographic techniques and boasts much faster performance

Privacy-minded people have long relied on Tor for anonymity online, but a new system from MIT promises better protection and faster performance.

Dubbed Riffle, the new system taps the same onion encryption technique after which Tor is named, but it adds two others as well. First is what's called a mixnet, a series of servers that each permute the order in which messages are received before passing them on to the next server.

If messages arrive at the first server in the order A, B, C, for example, that server would send them to the second server in a different order, such as C, B, A. The second server would them reshuffle things again when sending the messages on. The advantage there is that a would-be attacker who had tracked the messages’ points of origin would have no idea which was which by the time they exited the last server.

A mixnet used with onion encryption is protected against passive adversaries, which can only observe network traffic. But active adversaries, which can infiltrate servers with their own code, are another matter. If one has commandeered a mixnet router and wants to determine the destination of a particular message, for instance, it could simply replace all the other messages it receives with its own, bound for a single destination. Then it could passively track the one message that doesn’t follow its own prespecified route.

That's where Riffle's third protective measure comes in. Essentially, it takes a two-pronged approach to validating the authenticity of messages using techniques called verifiable shuffle and authentication encryption. Verifiable shuffle keeps things secure while each user and each mixnet server agree upon a cryptographic key; authentication encryption, which is much more efficient, then takes over for the remainder of the communication session.

The overall result is that Riffle remains cryptographically secure as long as one server in the mixnet remains uncompromised, according to MIT. Meanwhile, Riffle also uses bandwidth much more efficiently than competing systems, its creators say. In experiments, it required only one-tenth as much time as similarly secure experimental systems to transfer a large file between anonymous users.

Riffle was developed by researchers at MIT’s Computer Science and Artificial Intelligence Laboratory and the École Polytechnique Fédérale de Lausanne. The system isn't yet available for public use, but the researchers will present a paper describing their work at the Privacy Enhancing Technologies Symposium in Germany next week.

“The idea of mixnets has been around for a long time, but unfortunately, it’s always relied on public-key cryptography and on public-key techniques, and that’s been expensive,” says Jonathan Katz, director of the Maryland Cybersecurity Center and a professor of computer science at the University of Maryland. “One of the contributions of this paper is that they showed how to use more efficient symmetric-key techniques to accomplish the same thing. They do one expensive shuffle using known protocols, but then they bootstrap off of that to enable many subsequent shufflings.”


Follow Us

Join the New Zealand Reseller News newsletter!

Error: Please check your email address.

Featured

Slideshows

Tight lines as Hooked on Lenovo catches up at Great Barrier Island

Tight lines as Hooked on Lenovo catches up at Great Barrier Island

​Ingram Micro’s Hooked on Lenovo incentive programme recently rewarded 28 of New Zealand's top performing resellers with a full-on fishing trip at Great Barrier Island for the third year​ in a row.

Tight lines as Hooked on Lenovo catches up at Great Barrier Island
Inside the AWS Summit in Sydney

Inside the AWS Summit in Sydney

As the dust settles on the 2017 AWS Summit in Sydney, ARN looks back an action packed two-day event, covering global keynote presentations, 80 breakout sessions on the latest technology solutions, and channel focused tracks involving local cloud stories and insights.

Inside the AWS Summit in Sydney
Channel tees off on the North Shore as Ingram Micro hosts annual Cure Kids Charity golf day

Channel tees off on the North Shore as Ingram Micro hosts annual Cure Kids Charity golf day

Ingram Micro hosted its third annual Cure Kids Charity Golf Tournament at the North Shore Golf Club in Auckland. In total, 131 resellers, vendors and Ingram Micro suppliers enjoyed a round of golf consisting of challenges on each of the 18 sponsored holes, with Team Philips taking out the top honours.

Channel tees off on the North Shore as Ingram Micro hosts annual Cure Kids Charity golf day
Show Comments