For the uninitiated, anonymity networks like Tor let you hide your location and Web activity, offering people living under repressive regimes, for instance, protection from prying eyes monitoring their Internet use. But following the recent discovery of vulnerabilities in Tor, researchers at MIT’s Computer Science and Artificial Intelligence Laboratory and the École Polytechnique Fédérale de Lausanne have been working on a more secure anonymity scheme. Now they say they have succeeded.
The researchers plan to present the new system, dubbed Riffle, at the Privacy Enhancing Technologies Symposium later this month in Darmstadt, Germany. They say it leverages several existing cryptographic techniques, but combines them in a new way.
Riffle relies on a series of servers (known collectively as mixnet), each of which “permutes the order in which it receives messages before passing them on to the next,” according to a news release. So, if “for instance, messages from senders Alice, Bob, and Carol reach the first server in the order A, B, C, that server would send them to the second server in a different order — say, C, B, A. The second server would permute them before sending them to the third, and so on.” As a result, someone tracking the messages would have no idea which was which by the time they exited the last server.
Like Tor, the system also uses onion encryption, wrapping each message in several layers of protection. On top of this, Riffle uses technique called verifiable shuffle to thwart tampering and prevent adversaries from infiltrating servers with their own code — a problem affecting other anonymity networks. Finally, it takes advantage of yet another technique, called authentication encryption, to verify the authenticity of an encrypted message.
The researchers say their system provides strong security while using bandwidth much more efficiently than similar solutions. In fact, in their experiments, anonymous users were able to transfer large files in one-tenth the time, compared to existing systems.
“The initial use case that we thought of was to do anonymous file-sharing, where the receiving end and sending end don’t know each other,” graduate student Albert Kwon, who helped devise the new system, said in a statement. He added that this could help combat the practice of honeypotting — in which spies offer services through a network like Tor to entrap its users.
“We also studied applications in microblogging, something like Twitter, where you want to anonymously broadcast your messages to everyone,” Kwon added.