Aditya MadanapalleJul 12, 2016 14:09:28 IST
Tor is one of the world's most used anonymity networks, and offers a safe haven for internet users in oppressive regimes as well as criminals operating in cyberspace. The development of Tor was partly founded by the US government to help dissidents in countries with extreme internet censorship. The FBI however allegedly harassed a Tor developer after it started being used for criminal activities. Tor is one of the most used ways for users to hide their identity online.
However, the Tor network can be compromised because of vulnerabilities in the network. The NSA and US Intelligence agencies could compromise the network by monitoring some key computers that acted as an address book for Tor users. Security researchers were aware of theoretical ways in which the network could be compromised, exposing over 2.5 million Tor users to various kinds of risk. A paper was supposed to be presented at the Black Hat Conference, but was cancelled.
The paper was titled "You don’t have to be the NSA to Break Tor: De-Anonymizing Users on a Budget." One of the ways the Tor network can be compromised is to track the flow of data and analyse the traffic between nodes. Machine learning algorithms deployed to study the movement of traffic can predict with high accuracy, the nature of the activity without having to crack any encryption.
Artificial intelligences can first train on analysing traffic between nodes for known internet usage, and then find similar patterns on the network. This can be used to guess which web sites an anonymous user is accessing. Tor works by sending requests for access to urls through multiple machines, or nodes in the network, wrapped in many layers of encryption. This technique is known as onion encryption.
There are three types of nodes, guards, relay nodes, and exit nodes. The network of nodes is known as a mixnet. No single entity on any of the nodes receives the complete information of who or where a user is from, and what is it that they wanted. Compromising the guard nodes would break the anonymity on the network. This is where MIT's Riffle has improved over Tor.
Riffle shuffles the messages sent and received by each node in the mixnet. The shuffling of message order is why the network is called Riffle. This throws off machine learning algorithms that can analyse traffic movement. Riffle can work in situations where nodes of guards are spies. In fact, the information on Riffle networks are cryptographically secure even if only one server is not compromised. Riffle sends the messages for authentication not just to the next machine in the network, but to all the systems in the Mixnet.
Find latest and upcoming tech gadgets online on Tech2 Gadgets. Get technology news, gadgets reviews & ratings. Popular gadgets including laptop, tablet and mobile specifications, features, prices, comparison.