MIT created an anonymous network that is supposedly safer than Tor

Researchers at the Massachusetts Institute of Technology have announced the creation of an anonymous network, which they say is safer than Tor. The corresponding announcement was posted on the MIT news portal .



The work began after a number of vulnerabilities were discovered in the popular anonymous Tor network. Last year, it became known that the FBI exploited the Tor vulnerability for Firefox in order to obtain data on the pages and sites viewed. The goal was to search for darknet users interested in or distributing, in the first place, child pornography.

')

After this incident, researchers from MIT set a goal to create a network devoid of such flaws.



A novelty entitled “Riffle” is scheduled to be presented at the Privacy Enhancing Technologies Symposium , which is being held in Darmstadt, Germany. The developers did not reinvent the wheel and recognize that Riffle uses existing encryption algorithms in its work, but their network differs from the existing developments in this area by a different approach to their algorithms and use.



As in Tor, Riffle uses so-called onion encryption (which is why the onion is on the Tor logo). This method wraps the message in several layers of encryption, which are gradually removed on each hop server for sending further down the chain. Thus, the final destination is known only to the last server in the forwarding chain, while only neighboring hops are known as intermediate points.



At the core of the anonymous Riffle network is the use of the mixnet network. The principle of sending messages is quite simple, but at the same time effective.



If several people send messages in a predetermined order of 1-2-3, then the first server that receives them will change this order and they will go to the next node as 3-1-2. Each server in the chain will change the sending order in order to make it harder to track a particular package.





Mixnet working principle



Such an approach can significantly save on resources and shorten the time for sending messages, compared to other anonymous networks, by several times. This is critically important, as in anonymous networks, computers of other users often act as transit servers. Plus, the developers abandoned the not-too-effective practice of using public keys.



Also, according to the developers, the distinctive feature of “Riffle” will be that even a compromised server will not be able to “shuffle” the messages correctly.



At the same time, there is one big BUT. If one of the servers in the chain between the sender and the recipient is compromised and its “shuffle” packet algorithm is violated, the message may not reach the target. In the context of classical encryption, resource-intensive methods are used for both encrypting and decrypting a message, however, other factors have little effect on the transfer. With the “shuffling” system of packages, something more is needed than just encryption — a stable network to ensure that the information reaches its destination.