FeedSource: [TheRegister] collected from rss-bot logs
Time: 2016-07-13 07:58:02 UTC
Original URL: http://www.theregister.co.uk/2016/07/13/riffle_next_gen_anonymity/ [theregister.co.uk]
Title: Meet Riffle, the next-gen anonymity network that hopes to trounce Tor
Next week, top eggheads will unveil a new anonymizing internet tool that they claim is snoop-proof and faster and more reliable against attack than Tor.
Dubbed Riffle, the system was developed by MIT and the École Polytechnique Fédérale de Lausanne in Switzerland. It uses the same onion-encryption system [onion-router.net] as Tor, which wraps messages in layers of encryption as they travel through the anonymizing network to disguise the route they've taken.
Riffle [paper PDF [mit.edu]], like Tor, runs connections through a mix network of nodes, bouncing packets from system to system to obscure the origin. What separates Riffle from Tor is that the former has extra defenses to prevent spies from unmasking its users.
Protecting anonymized users from being identified is a major concern all round because these networks are used by whistleblowers, journalists, government workers and folks trying to evade censorship blocks, where unmasking them could lead to imprisonment or death.
Last year researchers at Carnegie Mellon University apparently found a way to deanonymize sections of the Tor network by using a series of infected nodes that ratted out the network's users. The research team got a reported [theregister.co.uk] $1m bounty from the Feds for that effort.
Riffle, however, is hardened against that level of infiltration. First, you have to understand that networks like Riffle and Tor are supposed to thwart passive surveillance: ideally, simply watching packets move from node to node within the mesh shouldn't be enough to work out who ultimately sent them.
However, active surveillance is a real problem: malicious or hacked nodes in the network can tamper with the traffic they receive to eventually deduce where a connection originated. Riffle tackles this by adding anti-tamper mechanisms to its design.
Each node can mathematically prove data passing through it hasn't been meddled with. To do this, Riffle clients send their initial messages to all nodes in the mesh simultaneously – which sounds impractical but we're assured it works. It also uses a technique called authenticated encryption to minimize the computational requirements.
Ultimately, if just one of the computers routing a connection remains uncompromised, it should be possible to detect attempts to tamper with the traffic and thus stop efforts to unmask a Riffle user, we're told.
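The tamper detection described above can be illustrated with symmetric-key onion layers that each carry an authentication tag, so an honest server rejects anything a compromised upstream server altered. This is an added example, not code from the Riffle paper or from The Register; the three-server chain, the pre-shared per-server keys and the toy encrypt-then-MAC construction (a stand-in for a real authenticated-encryption cipher) are assumptions.

```python
import hashlib, hmac, os

def _subkey(key, label):
    # Separate encryption and MAC keys derived from one shared secret.
    return hashlib.sha256(label + key).digest()

def _xor_stream(key, nonce, data):
    # Toy SHA-256 counter-mode keystream; use a real AEAD in practice.
    stream = b""
    for block in range(len(data) // 32 + 1):
        stream += hashlib.sha256(key + nonce + block.to_bytes(8, "big")).digest()
    return bytes(a ^ b for a, b in zip(data, stream))

def seal(key, plaintext):
    """Add one onion layer: nonce || ciphertext || HMAC-SHA256 tag."""
    nonce = os.urandom(16)
    ct = _xor_stream(_subkey(key, b"enc"), nonce, plaintext)
    tag = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag

def open_layer(key, blob):
    """Check the tag first, then peel the layer; ValueError means tampering."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    good = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, good):
        raise ValueError("authentication tag mismatch")
    return _xor_stream(_subkey(key, b"enc"), nonce, ct)

def wrap(keys, message):
    """Client side: the innermost layer is for the last server."""
    for key in reversed(keys):
        message = seal(key, message)
    return message

def route(keys, onion, tamper_at=None):
    """Return (plaintext, None), or (None, i) when server i rejects its input."""
    for i, key in enumerate(keys):
        try:
            onion = open_layer(key, onion)
        except ValueError:
            return None, i
        if i == tamper_at:  # compromised server flips one bit before forwarding
            onion = onion[:20] + bytes([onion[20] ^ 1]) + onion[21:]
    return onion, None

KEYS = [os.urandom(32) for _ in range(3)]   # constructed per-server keys
MSG = b"constructed sample message"         # constructed input

if __name__ == "__main__":
    print(route(KEYS, wrap(KEYS, MSG)))               # delivered intact
    print(route(KEYS, wrap(KEYS, MSG), tamper_at=1))  # rejected by server 2
```

The sketch covers only the per-layer integrity check; it does not model the verifiable shuffle, and a change made by the last server in the chain goes unchecked here.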
"Riffle uses a technique called a verifiable shuffle. Because of the onion encryption, the messages that each server forwards look nothing like the ones it receives," MIT's Larry Hardesty explained [mit.edu].
"The encryption can be done in such a way that the server can generate a mathematical proof that the messages it sends are valid manipulations of the ones it receives. Verifying the proof does require checking it against copies of the messages the server received. So with Riffle, users send their initial messages to not just the first server in the mixnet but all of them, simultaneously. Servers can then independently check for tampering."
Jonathan Katz, director of the Maryland Cybersecurity Center and a professor of computer science at the University of Maryland, added: "The idea of mixnets has been around for a long time, but unfortunately it's always relied on public-key cryptography and on public-key techniques, and that's been expensive.
"One of the contributions of this paper is that they showed how to use more efficient symmetric-key techniques to accomplish the same thing. They do one expensive shuffle using known protocols, but then they bootstrap off of that to enable many subsequent shufflings."
As a result, the system is both strong and efficient, in theory. The development team says it takes a tenth of the resources that other anonymizing services need to send large files, and provides much better protection against active and passive monitoring.
Riffle will be revealed at next week's Privacy Enhancing Technologies Symposium [petsymposium.org] in Germany. ®