{"id":9277,"date":"2016-07-12T05:52:01","date_gmt":"2016-07-12T05:52:01","guid":{"rendered":"http:\/\/revoscience.com\/en\/?p=9277"},"modified":"2016-07-12T06:00:24","modified_gmt":"2016-07-12T06:00:24","slug":"how-to-stay-anonymous-online","status":"publish","type":"post","link":"https:\/\/www.revoscience.com\/en\/how-to-stay-anonymous-online\/","title":{"rendered":"How to stay anonymous online"},"content":{"rendered":"<p style=\"text-align: justify;\"><em><strong style=\"color: #222222;\">Network can protect users\u2019 anonymity if all but one of its servers are compromised.<\/strong><\/em><\/p>\n<figure id=\"attachment_9278\" aria-describedby=\"caption-attachment-9278\" style=\"width: 639px\" class=\"wp-caption alignnone\"><a href=\"http:\/\/revoscience.com\/en\/wp-content\/uploads\/2016\/07\/MIT-Anonymous-System_0.jpg\" target=\"_blank\" rel=\"noopener\"><img loading=\"lazy\" decoding=\"async\" class=\"size-full wp-image-9278\" src=\"http:\/\/revoscience.com\/en\/wp-content\/uploads\/2016\/07\/MIT-Anonymous-System_0.jpg\" alt=\"Researchers at MIT and the \u00c9cole Polytechnique F\u00e9d\u00e9rale de Lausanne have developed a new anonymity scheme that provides strong security guarantees but uses bandwidth much more efficiently than its predecessors. 
Image: MIT News\" width=\"639\" height=\"426\" title=\"\" srcset=\"https:\/\/www.revoscience.com\/en\/wp-content\/uploads\/2016\/07\/MIT-Anonymous-System_0.jpg 639w, https:\/\/www.revoscience.com\/en\/wp-content\/uploads\/2016\/07\/MIT-Anonymous-System_0-300x200.jpg 300w\" sizes=\"auto, (max-width: 639px) 100vw, 639px\" \/><\/a><figcaption id=\"caption-attachment-9278\" class=\"wp-caption-text\">Researchers at MIT and the \u00c9cole Polytechnique F\u00e9d\u00e9rale de Lausanne have developed a new anonymity scheme that provides strong security guarantees but uses bandwidth much more efficiently than its predecessors.<br \/>Image: MIT News<\/figcaption><\/figure>\n<p style=\"color: #222222; text-align: justify;\"><strong>CAMBRIDGE, Mass.<\/strong> &#8212;\u00a0Anonymity networks protect people living under repressive regimes from surveillance of their Internet use. But the\u00a0<a style=\"color: #1155cc;\" href=\"http:\/\/mit.pr-optout.com\/Tracking.aspx?Data=HHL%3d8044%3c6-%3eLCE9%3b4%3b8%3f%26SDG%3c90%3a.&amp;RE=MC&amp;RI=4334046&amp;Preview=False&amp;DistributionActionID=30265&amp;Action=Follow+Link\" target=\"_blank\" rel=\"noopener\">recent discovery<\/a>\u00a0of vulnerabilities in the most popular of these networks \u2014 Tor \u2014 has prompted computer scientists to try to come up with more secure anonymity schemes.<\/p>\n<p style=\"color: #222222; text-align: justify;\">At the Privacy Enhancing Technologies Symposium in July, researchers at MIT\u2019s Computer Science and Artificial Intelligence Laboratory and the \u00c9cole Polytechnique F\u00e9d\u00e9rale de Lausanne will present a new anonymity 
scheme that provides strong security guarantees but uses bandwidth much more efficiently than its predecessors. In experiments, the researchers\u2019 system required only one-tenth as much time as existing systems to transfer a large file between anonymous users.<\/p>\n<p style=\"color: #222222; text-align: justify;\">\u201cThe initial use case that we thought of was to do anonymous file-sharing, where the receiving end and sending end don\u2019t know each other,\u201d says Albert Kwon, a graduate student in electrical engineering and computer science and first author on the new paper. \u201cThe reason is that things like honeypotting\u201d \u2014 in which spies offer services through an anonymity network in order to entrap its users \u2014 \u201care a real issue. But we also studied applications in microblogging, something like Twitter, where you want to anonymously broadcast your messages to everyone.\u201d<\/p>\n<p style=\"color: #222222; text-align: justify;\">The system devised by Kwon and his coauthors \u2014 his advisor, Srini Devadas, the Edwin Sibley Webster Professor of Electrical Engineering and Computer Science at MIT; David Lazar, also a graduate student in electrical engineering and computer science; and Bryan Ford SM \u201902 PhD \u201908, an associate professor of computer and communication sciences at the \u00c9cole Polytechnique F\u00e9d\u00e9rale de Lausanne \u2014 employs several existing cryptographic techniques but combines them in a novel manner.<\/p>\n<p style=\"color: #222222; text-align: justify;\"><strong>Shell game<\/strong><\/p>\n<p style=\"color: #222222; text-align: justify;\">The heart of the system is a series of servers 
called a mixnet. Each server permutes the order in which it receives messages before passing them on to the next. If, for instance, messages from senders Alice, Bob, and Carol reach the first server in the order A, B, C, that server would send them to the second server in a different order \u2014 say, C, B, A. The second server would permute them before sending them to the third, and so on.<\/p>\n<p style=\"color: #222222; text-align: justify;\">An adversary that had tracked the messages\u2019 points of origin would have no idea which was which by the time they exited the last server. It\u2019s this reshuffling of the messages that gives the new system its name: Riffle.<\/p>\n<p style=\"color: #222222; text-align: justify;\">Like many anonymity systems, Riffle also uses a technique known as onion encryption; \u201cTor,\u201d for instance, is an acronym for \u201cthe onion router.\u201d With onion encryption, the sending computer wraps each message in several layers of encryption, using a public-key encryption system like those that safeguard most financial transactions online. Each server in the mixnet removes only one layer of encryption, so that only the last server knows a message\u2019s ultimate destination.<\/p>\n<p style=\"color: #222222; text-align: justify;\">A mixnet with onion encryption is effective against a passive adversary, which can only observe network traffic. But it\u2019s vulnerable to active adversaries, which can infiltrate servers with their own code. This is not improbable in anonymity networks, where frequently the servers are simply volunteers\u2019 Internet-connected computers, loaded with special software.<\/p>\n<p style=\"color: #222222; text-align: justify;\">If, for instance, an adversary that has commandeered a mixnet router wants to determine the destination of a particular message, it could simply replace all the other messages it receives with its own, bound for a single destination. 
Then it would passively track the one message that doesn\u2019t follow its own prespecified route.<\/p>\n<p style=\"color: #222222; text-align: justify;\"><strong>Public proof<\/strong><\/p>\n<p style=\"color: #222222; text-align: justify;\">To thwart message tampering, Riffle uses a technique called a verifiable shuffle. Because of the onion encryption, the messages that each server forwards look nothing like the ones it receives; it has peeled off a layer of encryption. But the encryption can be done in such a way that the server can generate a mathematical proof that the messages it sends are valid manipulations of the ones it receives.<\/p>\n<p style=\"color: #222222; text-align: justify;\">Verifying the proof does require checking it against copies of the messages the server received. So with Riffle, users send their initial messages to not just the first server in the mixnet but all of them, simultaneously. Servers can then independently check for tampering.<\/p>\n<p style=\"color: #222222; text-align: justify;\">Generating and checking proofs is a computationally intensive process, however, which would significantly slow down the network if it had to be repeated with every message. So Riffle uses yet another technique called authentication encryption, which can verify the authenticity of an encrypted message.<\/p>\n<p style=\"color: #222222; text-align: justify;\">Authentication encryption is much more efficient to execute than the verifiable shuffle, but it requires the sender and the receiver to share a private cryptographic key. So Riffle uses the verifiable shuffle only to establish secure connections that let each user and each mixnet server agree upon a key. 
Then it uses authentication encryption for the remainder of the communication session.<\/p>\n<p style=\"color: #222222; text-align: justify;\">As long as one server in the mixnet remains uncompromised by an adversary, Riffle is cryptographically secure.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>At the Privacy Enhancing Technologies Symposium in July, researchers at MIT\u2019s Computer Science and Artificial Intelligence Laboratory and the \u00c9cole Polytechnique F\u00e9d\u00e9rale de Lausanne will present a new anonymity scheme that provides strong security guarantees but uses bandwidth much more efficiently than its predecessors.<\/p>\n","protected":false},"author":6,"featured_media":9278,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[43,17],"tags":[],"class_list":["post-9277","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-computer-science","category-research"],"featured_image_urls":{"full":["https:\/\/www.revoscience.com\/en\/wp-content\/uploads\/2016\/07\/MIT-Anonymous-System_0.jpg",639,426,false],"thumbnail":["https:\/\/www.revoscience.com\/en\/wp-content\/uploads\/2016\/07\/MIT-Anonymous-System_0-150x150.jpg",150,150,true],"medium":["https:\/\/www.revoscience.com\/en\/wp-content\/uploads\/2016\/07\/MIT-Anonymous-System_0-300x200.jpg",300,200,true],"medium_large":["https:\/\/www.revoscience.com\/en\/wp-content\/uploads\/2016\/07\/MIT-Anonymous-System_0.jpg",639,426,false],"large":["https:\/\/www.revoscience.com\/en\/wp-content\/uploads\/2016\/07\/MIT-Anonymous-System_0.jpg",639,426,false],"1536x1536":["https:\/\/www.revoscience.com\/en\/wp-content\/uploads\/2016\/07\/MIT-Anonymous-System_0.jpg",639,426,false],"2048x2048":["https:\/\/www.revoscience.com\/en\/wp-content\/uploads\/2016\/07\/MIT-Anonymous-System_0.jpg",639,426,false],"ultp_layout_landscape_large":["https:\/\/www.revoscience.com\/en\/wp-content\/uploads\/2016
\/07\/MIT-Anonymous-System_0.jpg",639,426,false],"ultp_layout_landscape":["https:\/\/www.revoscience.com\/en\/wp-content\/uploads\/2016\/07\/MIT-Anonymous-System_0.jpg",639,426,false],"ultp_layout_portrait":["https:\/\/www.revoscience.com\/en\/wp-content\/uploads\/2016\/07\/MIT-Anonymous-System_0.jpg",600,400,false],"ultp_layout_square":["https:\/\/www.revoscience.com\/en\/wp-content\/uploads\/2016\/07\/MIT-Anonymous-System_0.jpg",600,400,false],"newspaper-x-single-post":["https:\/\/www.revoscience.com\/en\/wp-content\/uploads\/2016\/07\/MIT-Anonymous-System_0.jpg",639,426,false],"newspaper-x-recent-post-big":["https:\/\/www.revoscience.com\/en\/wp-content\/uploads\/2016\/07\/MIT-Anonymous-System_0.jpg",540,360,false],"newspaper-x-recent-post-list-image":["https:\/\/www.revoscience.com\/en\/wp-content\/uploads\/2016\/07\/MIT-Anonymous-System_0.jpg",95,63,false],"web-stories-poster-portrait":["https:\/\/www.revoscience.com\/en\/wp-content\/uploads\/2016\/07\/MIT-Anonymous-System_0.jpg",639,426,false],"web-stories-publisher-logo":["https:\/\/www.revoscience.com\/en\/wp-content\/uploads\/2016\/07\/MIT-Anonymous-System_0.jpg",96,64,false],"web-stories-thumbnail":["https:\/\/www.revoscience.com\/en\/wp-content\/uploads\/2016\/07\/MIT-Anonymous-System_0.jpg",150,100,false]},"author_info":{"info":["Amrita Tuladhar"]},"category_info":"<a href=\"https:\/\/www.revoscience.com\/en\/category\/computer-science\/\" rel=\"category tag\">Computer Science<\/a> <a href=\"https:\/\/www.revoscience.com\/en\/category\/news\/research\/\" rel=\"category 
tag\">Research<\/a>","tag_info":"Research","comment_count":"0","_links":{"self":[{"href":"https:\/\/www.revoscience.com\/en\/wp-json\/wp\/v2\/posts\/9277","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.revoscience.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.revoscience.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.revoscience.com\/en\/wp-json\/wp\/v2\/users\/6"}],"replies":[{"embeddable":true,"href":"https:\/\/www.revoscience.com\/en\/wp-json\/wp\/v2\/comments?post=9277"}],"version-history":[{"count":0,"href":"https:\/\/www.revoscience.com\/en\/wp-json\/wp\/v2\/posts\/9277\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.revoscience.com\/en\/wp-json\/wp\/v2\/media\/9278"}],"wp:attachment":[{"href":"https:\/\/www.revoscience.com\/en\/wp-json\/wp\/v2\/media?parent=9277"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.revoscience.com\/en\/wp-json\/wp\/v2\/categories?post=9277"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.revoscience.com\/en\/wp-json\/wp\/v2\/tags?post=9277"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}