By using verifiable shuffles, the system can shuffle the inputs but still be able to verify that an attacker in the mix didn’t tamper with the message. A shuffle takes an input list of ciphertexts and outputs a permuted and re-encrypted version of the input list, according to the paper. The paper was authored by Albert Kwon, a graduate student in electrical engineering and computer science at MIT, his advisor Srini Devadas, an Edwin Sibley Webster Professor of Electrical Engineering and Computer Science at MIT’s CSAIL, or Computer Science and Artificial Intelligence Laboratory, David Lazar, a graduate student in electrical engineering and computer science, and Bryan Ford SM ’02 PhD ’08, an associate professor of computer and communication sciences at the École Polytechnique Fédérale de Lausanne, in Lausanne, Switzerland. The quartet is slated to present their research at the Privacy Enhancing Technologies Symposium (PETS) in Germany, later this month.Īt the crux of Riffle is a series of servers known as a mixnet that shuffles around the order of messages before it delivers them. The scheme is based on a trio of concepts, what its creators call a hybrid verifiable shuffle technique, private information retrieval for bandwidth, and “computation-efficient anonymous communication.” PDF) released this week, the system can guarantee anonymity among a large group of users, as long as there’s one honest server. Also, it ensures sender as well as receiver anonymity.Researchers from MIT believe a new anonymity scheme they’ve devised dubbed Riffle could contend with Tor, claiming it’s every bit as secure as Tor, and bandwidth-efficient, to boot.Īccording to a paper, “Riffle: An Efficient Communication System With Strong Anonymity,” (. Verifiable shuffle is thus used only to establish secure connections and then authentication encryption for the remainder of the communication session.Īnonymous file sharing - The efficiency of Riffle makes it suitable for bandwidth-intensive applications like file sharing. It is more efficient than the verifiable shuffle but involves the sharing of a private cryptographic key. This technique is used to verify the authenticity of an encrypted message. User messages are sent to all the servers simultaneously and the servers then verify the proof independently. Onion encryption is done in such a way that the server generates a mathematical proof for the messages being sent are valid manipulations of the ones it receives. To deal with this issue RIFFLE employs a technique called verifiable shuffle. But it is vulnerable to active attacks like someone infiltrates the servers with their own code. someone who is just observing the traffic. Mixnet with onion encryption is secure against passive adversaries i.e. Verifiable Shuffle - RIFFLE is more secure than TOR. Since these messages are sent in random order, it makes any attempts of tracing difficult. Each server permutes the order in which it receives messages before passing them on to the next. It is a setup that passes each user's traffic through a chain of proxy servers. Mixnet & Onion Encryption -How RIFFLE worksĪccording to the developers, the heart of the RIFFLE system is a series of servers called a Mixnet. According to the researchers, Riffle addresses and solves some of the TOR's flaws and offer better security, privacy, and speed. RIFFLE is a new anonymity network developed by Researchers at MIT and the École Polytechnique Fédérale de Lausanne. Some better alternatives for TOR is being developed, like the HORNET(Based on high-speed Onion Routing at the Network Layer.). There are techniques like Circuit fingerprinting and tools like Exitmap, TorTunnel, DetecTor etc to decrypt TOR traffic and unmask users and exit nodes. However, it is no more secure as there are many reports of TOR being hacked and even state-sponsored campaigns running for unmasking TOR users. It is free of cost and easy to set up and use. TOR is known to be a good option to protect online privacy and browse anonymously.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |