Academics have developed a Tor network alternative for users which allows for high-speed anonymous web surfing.
This week, researchers presented Hornet, a high-speed onion routing network which leverages next-generation architecture to make user tracking more difficult.
Developed by Chen Chen of Carnegie Mellon University together with Daniele Enrico Asoni, David Barrera, George Danezis and Adrian Perrig -- hailing from Zurich's Federal Institute of Technology and University College London -- the low-latency onion routing system enables end-to-end anonymous channels and has been designed as a quicker and more secure alternative to Tor.
The Tor network operates through servers and creates virtual tunnels which make IP tracking an arduous process. The network is used by those wishing to access the Deep Web, as well as by journalists, activists and law enforcement.
The average user can access the network through downloading the software or via browser extensions to mask their IP and web activity from spying eyes.
While the non-profit's network can slow down browsing speeds for the sake of avoiding surveilance, Hornet is capable of processing anonymous traffic at over 93 GB/s.
In a paper titled HORNET: High-speed Onion Routing at the Network Layer (.PDF), the team describe how Hornet's router logic was implemented within an Intel software router alongside a Hornet client developed for Python. The team says that unlike other onion routers, Hornet does not keep per-flow states or "perform computationally expensive operations for data forwarding," which allows the system to scale as required without limits -- and the use of symmetric cryptography enables traffic to be processed at such high speeds.
According to the academics, each Hornet node can "process traffic for a practically unlimited number of sources."
In addition, the team claims their system "provides stronger security guarantees than existing network-level anonymity systems" as the system does not store per-session states.
Instead, Hornet offloads session states to end hosts by default, encrypting each packet to reduce the risk of data leaks.
The paper states:
"It is designed to be highly efficient: instead of keeping state at each relay, connection state (such as onion layer decryption keys) is carried within packet headers, allowing intermediate nodes to quickly forward traffic for large numbers of clients.
For all data packets within the session, Hornet nodes use only symmetric cryptography to retrieve their state, process the AHDR and onion-decrypt (or encrypt) the payload."
If a user is targeted and at more than one node is compromised, users can still be pursued through confirmation attacks -- attacks based on monitoring traffic streams and packet flows to track a user. However, the security bar is raised as an attacker must control "a significant percentage of ISPs" in multiple geopolitical areas -- while keeping such surveillance quiet -- in order to spy on the alternative Tor network's users effectively.
In May, the Tor Cloud Project closed its doors. The add-on to the Tor Project gave users access to the network in exchange for donated bandwidth, however, a lack of developers to keep the system free of bugs and vulnerabilities -- thereby placing users at risk of exposure -- prompted the organization to close down the scheme altogether.
Top 5 security practices in staying safe online: From the experts