3/1/2023 0 Comments Mit riffle![]() ![]() Each server in the mixnet removes only one layer of encryption, so that only the last server knows a message's ultimate destination.Ī mixnet with onion encryption is effective against a passive adversary, which can only observe network traffic. Like many anonymity systems, Riffle also uses a technique known as onion encryption "Tor," for instance, is an acronym for "the onion router." With onion encryption, the sending computer wraps each message in several layers of encryption, using a public-key encryption system like those that safeguard most financial transactions online. It's this reshuffling of the messages that gives the new system its name: Riffle. The second server would permute them before sending them to the third, and so on.Īn adversary that had tracked the messages' points of origin would have no idea which was which by the time they exited the last server. If, for instance, messages from senders Alice, Bob, and Carol reach the first server in the order A, B, C, that server would send them to the second server in a different order-say, C, B, A. Each server permutes the order in which it receives messages before passing them on to the next. The heart of the system is a series of servers called a mixnet. ![]() ![]() The system devised by Kwon and his coauthors-his advisor, Srini Devadas, the Edwin Sibley Webster Professor of Electrical Engineering and Computer Science at MIT David Lazar, also a graduate student in electrical engineering and computer science and Bryan Ford SM '02 PhD '08, an associate professor of computer and communication sciences at the École Polytechnique Fédérale de Lausanne-employs several existing cryptographic techniques but combines them in a novel manner. But we also studied applications in microblogging, something like Twitter, where you want to anonymously broadcast your messages to everyone." "The reason is that things like honeypotting"-in which spies offer services through an anonymity network in order to entrap its users-"are a real issue. "The initial use case that we thought of was to do anonymous file-sharing, where the receiving end and sending end don't know each other," says Albert Kwon, a graduate student in electrical engineering and computer science and first author on the new paper. In experiments, the researchers' system required only one-tenth as much time as existing systems to transfer a large file between anonymous users. Riffle is a long way from becoming practical, but its mix of tougher security and minimal overhead could make it a communication method of choice for anyone worried that they might be watched.At the Privacy Enhancing Technologies Symposium in July, researchers at MIT's Computer Science and Artificial Intelligence Laboratory and the École Polytechnique Fédérale de Lausanne will present a new anonymity scheme that provides strong security guarantees but uses bandwidth much more efficiently than its predecessors. You'd rather not bog down your computer while it checks other users' traffic, after all. That's particularly important when the nodes on these networks are frequently users' computers. In essence, even compromised servers can't mess things up - they have to shuffle messages correctly for the good servers to accept the incoming data.Īnd importantly, the technique is extremely efficient, to the point where transferring takes a tenth of the time that it would on a conventional anonymity network. Instead, Riffle relies on a verifiable shuffle (where you shake up a message's encryption but can verify the changes) across all servers for the initial connection, and authentication encryption (where you prove the validity of the encrypted message itself) for the rest. The secret is the use of a mixnet, where servers switch the order of messages as they're received, but without using relatively inefficient public keys. They've developed an anonymity network, Riffle, that promises to maintain privacy so long as at least one server is safe. Researchers from MIT and EPFL might have a better way. As crucial as Tor's anonymity network can be for keeping your online activity private, it's not flawless - a motivated hacker can compromise legions of users, whether they're crooks or privacy-minded innocents. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |