Riffle Is More Secure, and Less Useful, Than Tor

An MIT grad student's tool is faster and more secure than existing anonymity services, but it's not nearly as expansive.

Getty Images / Chip Somodevilla

MIT graduate student Albert Kwon has created an anonymous file-sharing tool called Riffle that is supposed to be faster and more secure than its competitors.

Riffle uses a combination of onion encryption, independent verification, and data shuffling to ensure that data sent with it can’t be compromised. This would allow its users to download files, or post messages to a microblogging service, without having to worry that someone would be able to identify what they have shared or accessed.

“The initial use case that we thought of was to do anonymous file-sharing, where the receiving end and sending end don’t know each other,” says Albert Kwon, a graduate student in electrical engineering and computer science and first author on the new paper. “The reason is that things like honeypotting” — in which spies offer services through an anonymity network in order to entrap its users — “are a real issue. But we also studied applications in microblogging, something like Twitter, where you want to anonymously broadcast your messages to everyone.”

It would also mean Riffle isn’t vulnerable to attacks through which adversaries could figure out what files its users are downloading. The same can’t be said for the Tor anonymous browsing service — MIT researchers proved in July 2015 that the websites visited by Tor users could be easily discovered.

An illustration showing how Riffle's file-sharing protocol works.

Albert Kwon and co-authors

That sounds great! Offering more secure tools is key to aiding privacy. There’s just one catch: Riffle is currently limited to file-sharing and microblogging while Tor offers a much more expansive service that protects its users while they browse the web, download files, and send private messages to each other. Riffle can’t replace Tor — all it can do is complement the tool with its limited feature set.

“There are indeed some incompatible design goals,” Kwon told TechCrunch. “However, they could also be complementary to each other, taking advantage of both the security of Riffle and the large anonymity set size of Tor.” It’s not an elegant fix, but it is a secure one.

Riffle is also limited to a relatively small number of servers. The group’s experiments with the protocol were limited to three servers, and while those were set up to handle tens or hundreds of thousands of users, that’s still a much smaller group than the billion-plus people who use the internet at large. It could expand, but Kwon also tells TechCrunch that doing so would slow down the tool.

More people than ever care about their privacy. News outlets like ProPublica are setting up hidden sites for their journalism, and Facebook’s hidden site reached 1 million monthly Tor users in April.

Riffle could eventually become a full-fledged Tor competitor — Kwon and his co-authors write in their paper that the tool could eventually allow its users to browse the web. But for now it’s just a tool that could fill the need for more secure file-sharing and microblogging amongst relatively small communities. And that’s better than nothing at all.

Related Tags