Over the past fifteen years, the Tor project has become a strong security stronghold in the global network. And who just did not try to crack the encryption of this system: NSA, FBI, FSB, BND, the list can continue indefinitely. And although no one has succeeded to this day, it is possible to compute the IP address of the end user receiving the traffic in only 20 minutes in a purely theoretical way. Scientists from the Massachusetts Institute of Technology havedeveloped a completely new protocol Riffle, which should bypass Tor on the level of security.
Weak place Tor – it’s its nodes. Having access to at least two nodes of the network, an attacker or a security officer, armed with the right tools, can easily track the data packet from the sender to the recipient. Of course, he can not find out exactly what is in this package, but the person of the person on the other side of the monitor can be fully calculated. And this, you will agree, is no longer anonymity. Although, as I already mentioned above, all this is just a theory and similar experiments were conducted exclusively in “laboratory conditions”.
A team of MIT researchers led by Albert Kwon, with the support of specialists from the Federal Polytechnic School of Lausanne, created the Riffle protocol, which should eliminate the security breaches inherent in the Tor network. The system completely excludes the possibility of analyzing traffic, which makes it much safer. Tor subjects information to multi-layer encryption, and Riffle adds two additional degrees of protection to this encryption. First, the servers constantly rebuild the queue, according to which data fragments are sent to the next node on the network, preventing the ability to monitor traffic. Secondly, a system is implemented that prevents the possibility of replacing real data packets with “dummies”, which can then be tracked. The user sends the data packet to more than one server, but to all at once. At the same time, the data is signed with the most complicated mathematical signature. In case the server suspects the received data in something, they are immediately blocked.
Not to say that MIT employees invented the wheel, because all these technologies have existed for many years. However, to put them together and force them to work for the benefit of the safety of private life is indeed a serious achievement. It is logical to assume that such a network will require huge computing power and wide bandwidth. But Albert Kwon and his team managed to overcome these obvious obstacles in their path. More information about Riffle technologies you can readin the official document, published by the researchers. At the moment, developers are “combing” the code of their project, after which it will be available to all comers for free.