loader gif

Introducing Riffle, MIT’s New Network Protocol To Compete Tor


Tor has long been the trusted medium for netizens to carry out anonymous online activities. But that also means that Tor is always under the magnifying lens of surveillance agencies like FBI and NSA. Researchers at MIT’s Computer Science and Artificial Intelligence Laboratory and the École Polytechnique Fédérale de Lausanne have come up with a new scheme for anonymous communications that is claimed to provide much better security measures than existing protocols.

Knock knock Tor

Anonymity networks have always been helpful for people living oppressive regimes to communicate with outside world without the fear of getting tracked and caught. But even Tor hasn’t been a silver bullet for this purpose due to the recent discovery of vulnerabilities in it. The vulnerability in Tor comes from non-trustworthy nodes in it’s network which can potentially work together to track the exchange of packets to match a user to traffic coming out an exit node. This can kill the very purpose of Tor. This in turn has motivated researchers to work hard to create more secure protocols.

The team at MIT is led by graduate student Albert Kwon and includes his coauthors – his advisor, Srini Devadas, the Edwin Sibley Webster Professor of Electrical Engineering and Computer Science at MIT; David Lazar, also a graduate student in electrical engineering and computer science; and Bryan Ford SM ’02 PhD ’08, an associate professor of computer and communication sciences at the École Polytechnique Fédérale de Lausanne. Riffle uses several existing cryptographic techniques like public key and symmetric cryptography but combines them in a novel manner.

So What’s the Secret Sauce Behind Riffle?


Riffle employs a few clever tricks to baffle any attackers. In the heart of the system, is a mixnet, a bunch of servers which permute the order in which messages are passed onto the next node preventing anyone from tracking packets by examining their metadata.
Then there is another set of measures to prevent malicious servers sending duplicate messages and tracking a single user.

Messages are sent to all servers from one user instead of sending to only one server and similarly outgoing messages are secured by an independently verifiable mathematical proof in a signature needed by the outgoing server. This way no server can tamper with the messages. This second technique is known as a dining-cryptographer network(DCN).

Though mixnets and DCNs have been around for a while, scalability and other issues have prevented their adoption. The major work of the team lies in overcoming those weaknesses. More technical details can be read in the paper itself.

“The more servers there are, the more secure it is,” wrote Kwon. “However, in terms of performance, since all messages go through all servers, the less servers there are, the more performant it is.” Small, secure networks rather than ubiquitous global ones is the idea.

There is no downloadable version of Riffle as of now. Also, there are no plans to commercialize it or use it to completely replace Tor. But it could surely complement Tor with it’s innovative capabilities to build a better network infrastructure.

loader gif