Jul 12, 2016 10:07 PM EDT
Anonymity networks offer individuals living under restraining regimes protection from surveillance of their internet use. But citing the recently divulged vulnerabilities in the most popular of these networks - Tor - has urged computer scientists to bring forth more secure anonymity schemes.
An all-new anonymity scheme that offers strong security guarantees, but utilizes bandwidth more efficiently as compared to its predecessors is in the works.
Researchers at MIT's Computer Science and Artificial Intelligence Laboratory in collaboration with the the école Polytechnique Fédérale de Lausanne will present the new scheme during the Privacy Enhancing Technologies Symposium in this month.
During experiments, the researchers' system required only one-tenth as much time as current systems to transfer a large file between anonymous users, according to a post on MIT official website.
Albert Kwon, the first author on the new paper and a graduate student in electrical engineering and computer science said as the basic use case, the team thought of doing anonymous file-sharing where both, the receiving and the sending ends didn't each other.
This was done keeping in mind that honeypotting and other similar things - in which spies offer services via an anonymity network in a bid to entice its users - are real challenges. "But we also studied applications in microblogging," Kwon said - something like Twitter where a user can opt to anonymously broadcast his/her message to everyone.
The system designed by Kwon in collaboration with his coauthors - Bryan Ford SM '02 PhD '08, an associate professor of computer and communication sciences at the école Polytechnique Fédérale de Lausanne, David Lazar, a graduate student in electrical engineering and computer science, Edwin Sibley Webster Professor of Electrical Engineering and Computer Science at MIT and his adviser Srini Devadas - makes use of an array of existing cryptographic techniques, but combines them in a peculiar manner.
The internet, for a lot of people can seem like a frightening and intimidating place and all they seek is help feeling safer on the internet, especially while performing an array of tasks such as making an online purchase, Anonhq reported.
A series of servers known as a 'mixnet,' is the core f the system. Just before passing a received message on to the next server, each server rearranges the order in which it receives messages - for instance - messages from Tom, Bob and Rob reach the first server in the order A, B, C, that server would then forward them to the second server in a completely different order, something like C, B, A. The second server would do the same before sending them to the third and so on.
Even if an attacker somehow manages to track the messages' point of origin, he/she will not be able to decipher which was which by the time they moved out of the last server. The new system is called 'Riffle' citing this reshuffling of the messages.
In a bid to curb messages tampering, Riffle makes use of a technique dubbed a verifiable shuffle.
Thanks to the onion encryption, the messages forwarded by each server does not resemble the ones it receives, it has peeled off a layer of encryption. However, the encryption can be done in a way that allows the server to generate mathematical evidence that the messages it sends are indeed credible manipulations of the ones it receives.
In order to verify the proof, it has to be checked against copies of messages received by the server. Basically, with Riffle, users send their primary messages to all the servers in the mixnet at the same time. Servers then independently check for manipulation.
As long as one server in the mixnet continues to be uncompromised by an attacker, Riffle is cryptographically secure.
© 2017 University Herald, All rights reserved. Do not reproduce without permission.