MIT Says Their Anonymity Network Is More Secure Than Tor (pcmag.com) 81
An anonymous reader writes from a report via PC Magazine: Following the recent vulnerabilities in Tor, researchers at MIT's Computer Science and Artificial Intelligence Laboratory and the Ecole Polytechnique Federale de Lausanne have been working on a new anonymity network that they say is more secure than Tor. While the researchers are planning to present their new system, dubbed Riffle, at the Privacy Enhancing Technologies Symposium later this month, they did say the system uses existing cryptographic techniques, but in new ways. A series of servers are what make up Riffle, each of which "permutes the order in which it receives messages before passing them on to the next," according to a news release. "For instance, messages from senders Alice, Bob, and Carol reach the first server in the order A, B, C, that server would send them to the second server in a different order -- say C, B, A. The second server would permute them before sending them to the third, and so on." Nobody would know which was which by the time they exited the last server. Both Tor and MIT's anonymity network use onion encryption. Riffle uses a technique called verifiable shuffle in addition to onion encryption to thwart tampering and prevent adversaries from infiltrating servers with their own code. Last but not least, it uses authentication encryption to verify the authenticity of an encrypted message. The researchers say their system provides strong security while using bandwidth much more efficiently than similar solutions.
Re: (Score:3, Insightful)
If you're not breaking the law
The problem is that spreading ideas and information isn't legal.
Re: Stop breaking the law (Score:4, Insightful)
While I might dislike ISIL propaganda and the anarchists cookbook or Mein Kampf. I don't believe it should be illegal to distribute or read. To say otherwise is starting down the slippery slope of thought crime.
I may not agree with what you say, but Ill defend to the death you're right to say it.
- Kim Jong Il
Re: (Score:3, Insightful)
If we're going to make ideas illegal to distribute I'd love to start with your idiotic ones.
Re: (Score:2, Insightful)
Re: (Score:1)
Oh, what the hell, let's just outlaw the human race in general. Into the ovens with all seven billion of them!
No worries. we, the NATO, are working on that...
Re: (Score:2, Insightful)
Spoken like a true cry-bully SJW who wants to dump the 1st, 2nd and 4th amendments into the gutter.
Go start your own fucking country, asshole. You obviously don't understand this one.
Re: (Score:1, Flamebait)
I'ts not a coincidence that ISL and Nazi Germany and North Korea and SJWs and all the goddamn petrol-dictatorships in the Middle East BAN SPEECH in JUST they way you want to.
Wake the fuck up and catch up to the 21st century. Free speech is the best known cure to abusive regimes and policies. Why do you think every time you turn around some fascist government or fascist social movement is trying to clamp their hand around somene else's mouth?
Why do you think that is? Because their ideas about How O
Re: (Score:2)
I wonder if it's the same country that MIT is in?
Re: (Score:1)
Parent post was made from a comfortable bedroom in a middle-class house in the USA.
Re: (Score:3, Insightful)
Re: (Score:1)
Isn't illegal... yet. Trump cold still get elected in November, and anybody that can think rationally really pisses him off!
Bullshit.
It shouldn't matter WHAT you THINK OR SAY.
You obviously dislike Trump and think he would outlaw some SJW-talk or Black pride or whatever. I don't know how likely that is.
But people who dislike Trump are more likely to want to outlaw talking about the stuff Trump talk about, such as immigration.
Whatever Nazist, Socialist or Islamist rule things could be outlawed and it's not good in either of the situations. People should be free - even if that includes the Nazis, the Socialists and the Islamists -
Re: (Score:1)
Do you listen to yourself? "People should be free except the ones I've decided shouldn't, because they're against freedom"
That's not what I said?
I said their opinion should be irrelevant. They are still free to have it. They should just not be granted the power to limit the freedom of others. I reject democracy for a free society.
Re: (Score:1)
Re: (Score:1)
Don't break the law or be a pervert.
Shove it up your ass, you fucking piece of shit. Things like TOR exist to promote free speech everywhere, especially in countries where attempting to express yourself will get you jailed and/or killed. Just because it's also open to be used by people with criminal intent does not mean it's a bad or wrong thing and you're completely and totally out of line to even attempt to demonize it for that reason. So how about you fuck the fuck off, asshole?
Re: (Score:3)
Latency must be bad... (Score:2, Insightful)
The communication latency must be even suckier than that of Tor then... Oh, well...
Now, is it really a great new tool for privacy, or does it have inherent back doors and the announcements are to lure us away from Tor, which authorities have found too difficult to break? Will we even ever know?
Re: (Score:3)
Re: (Score:1)
Did you maybe mean 'Phantom Protocol'?
Re: (Score:1)
First he states he wants to give a 'generic' description, but when it comes to the connection, he assumes it will be a static one.
I think that's a flaw. Think of all those mobile phones that can be used to construct a dynamic finely meshed network outside of the regular internet (as he proposes). Then you'd better design for a dynamic path that can switch on, switch off, and reconnect vari
Re: (Score:2)
THANKS OBAMA.
Seriously, why the tin foil hat? The research is being done by university researchers and uses a pretty easy to understand improvement on Tors onion routing capable of generating a mathematical proof that the message hasnt been tampered with. This is important as the current vunerabilities in Tor rely on a malicious party being able to manipulate the onion routes to de-anonymise the transmi
Re: (Score:2)
Because I do not fully understand the proposed improvements nor the mathematical proofs included with them — and so must take it on faith. Just as I was asked to take Tor on faith.
I made no such statement. Read carefully...
I know that very well. I also know, US has spent considerable efforts to break it — and they can only do that in some cases and not relia
Re: (Score:1)
to lure us away from Tor
Run it as a hidden service inside of Tor. Problem solved.
Re: (Score:1)
Tor has never been considered secure against the US government.
This does NOT fix the linked "vulnerabilities" (Score:2)
This approach does NOT fix the linked "vulnerabilities" about the TOR network, where compromised nodes as members of the network can spy on traffic, and a sufficiently large amount can even totally identify users. This vulnerability is unfixable by systems where you let everyone set up a node.
Re: (Score:2)
Sorry, MIT... (Score:5, Insightful)
...but after what you helped the U.S. government do to Aaron Swartz, i.e. drive him to the brink of suicide and then over the edge, I find any claims you make regarding your abilities to be suspect at the very least.
Sad, really, that the name in education that has been synonymous with "hackers" for decades, now serves as one of their worst enemies. Much like CMU aiding the FBI in "discovering" the locations of hidden Tor services (http://www.teaparty.org/academics-accused-helping-fbi-unmask-anonymity-web-users-129406/), MIT and their graduates have shown their true colours...by bending over and taking it from the fascists in Quantico and Washington, by using their talents and their education to take freedom _away_ from the world rather than give. All for the same sort of fat government cheques they were getting in the 80's, making bold claims about how they could implement artificial intelligence sophisticated enough to power Reagan's insane "Star Wars" missile defense system. This in _spite_ of the fact that full debugging of such software would _require_ a world-ending, nuclear war to occur.
Fuck MIT and their shitty software. Say what you want about traitors, most people accept that they aren't to be trusted.
Re: (Score:2)
Don't forget when they threw Star Simpson under the bus. [mit.edu]
On the other hand, both actions were by administration, not students or profs. Star stuck around and graduated despite what the assholes in administration did to her. A school is more than its admin staff, a good school can be good despite its admin staff.
Re: (Score:1)
Star Simpson? The utter moron who wore a fake bomb to an airport for "art"? Oh boo hoo, poor ickle her.
You're going to have to do better than that piss poor example my friend.
Re: (Score:1)
fake bomb? You are an idiot or a troll.
Re: (Score:2)
MIT and their graduates have shown their true colours...by bending over and taking it from the fascists in Quantico and Washington, by using their talents and their education to take freedom _away_ from the world rather than give.
What, every single one? They did launch the One Laptop Per Child program, and released 2,000 courses online for free in their OpenCourseWare project. What about the ones who work in the cancer research building? Do they cackle while plotting the downfall of American freedom? No
Yes, but... (Score:2)
Re: Yes, but... (Score:1)
Depends on how many cats you have I suppose.
Re: (Score:3)
So who funded this project? (Score:2)
My guess is some three letter government organization....
Let's face it folks, if privacy and security are important to you, DON'T do it on the Internet. There is no such thing as Privacy and Security on the Internet and that is NEVER going to change. Sure, you can obfuscate and encrypt and maybe buy yourself some time, but as soon as a packet hits your ISP, you had better just figure it's public knowledge because *somebody* could be listening in and you'd never know it.
Re: (Score:1)
Re: UNDERGROUND LAN BETTER (Score:1)
So, the mighty CIA, NSA can't compromise nodes outside USA or set them up?
Do you have a clue about their budget or manpower?
Very suspicious and doubtful (Score:1)
If it were truly effective, it would be "born secret" [wikipedia.org] and not released to the public unless it is crippled.
Re: (Score:2)
First, Tor would be knowingly aiding and abetting in the distribution and consumption of child pornography.
Other things that aid or abet child pornography:
Let's just focus our attention to that last one.
Re: (Score:2)
Still just talk. (Score:2)
Where's the download link?
Where's the exit nodes?
Where's the network?
I don't see a website for Riffle, only a .pdf.
There are even other projects at MIT with the same name. (Riffle water monitoring system)
https://civic.mit.edu/blog/hhcraig/open-water-project-exploring-open-source-water-quality-monitoring
This 'Riffle' is just a paper not an actual network, afaict.
I doubt it will be better than MaidSafe (Score:1)
What about EepSites? (Score:1)