TOR, a favorite browser of privacy minded people is all set to get tough compete soon. Researchers from MIT have devised a new web browser which is said to offer better performance and protection than the onion browser, widely known as TOR.
Riffle, is the web browser which has been architected by a group of MIT researchers. The browser uses the same encryption protocol technique for which TOR is famous for. But it offers two better privacy solutions on an additional note.
The very first thing which Riffle offers is “Mixnet” services, where a series of servers rearrange the way messages are received before passing them on to the next server. The process goes in the following way- Suppose messages hit the server in a A, B, C sequence, then that server would send them to the second server in C,B,A. The second server will then reshuffle the messages when sending the messages on. This will continue until the users messages reach the destination server. In this method of Mixnet, hackers who often keep a track of messages point of origin, would have no idea the exact message sequence and its point of origin.
The second trait is that Mixnet is also protected against passive adversaries or sybil attacks who can only observe network traffic.
However, active adversaries can still take hold of mixnet router to determine the destination of a particular message by simply replacing all the other messages it receives with its own, bound for a single destination. Then it could passively track the one message that doesn’t have a pre-specified route. This sounds like a big trouble isn’t it?
But Riffle has a third protective measure to counter this issue. It takes a 2-pronged approach for validating the authenticity of messages using techniques called verifiable shuffle and authentication encryption. Verifiable shuffle helps in keeping things secure where each mixnet server and user agree upon a cryptographic key; authentication encryption, which is much more efficient; and then takes over for the remainder of the communication session.
As a result of these three factors which keep user communication with servers’ private, data security on Riffle remains cryptographically secure as long as one server in the mixnet remains uncompromised.
As per the researchers, Riffle is also said to use 1/10th of the time used by TOR to transfer large files.
Currently, Riffle is being jointly developed by MIT’s Computer Science and Artificial Intelligence Lab and Ecole Polytechnqiue Federale de Launsanne. In the past, more such projects to create a better anonymity network like Hornet or MIT Vuvuzela were launched. But a lot of research is still needed to open them to the world on a confident note.
The MIT researchers are planning to make their study public after they present a paper describing their work at the Privacy Enhancing Technologies Symposium (PETS) in Darmstadt, Germany, 2016 held in between July 19-22, 2016.
More details will be updated shortly!