HORNET: Bigger and Faster than Tor

Tor is an encrypted network used by people who want to keep their privacy intact, or so they believe. But the inherent problems with the Tor network are two-fold: it is slow, and it was the US Navy that started it all.

Having understood that the much talked about Jade Helm has something to do with “mastering the human domain” through the extensive use of Artificial Intelligence [AI], and the assumption that using Tor protects privacy, we may be seeing an effective government dragnet for dissidents and activists.
It’s a no-brainer that the Tor Project is co-opted, like so:

TOR Made for USG Open Source Spying Says Maker

Date: Tue, 22 Mar 2011 16:57:39 -0400

From: Michael Reed <reed[at]inet.org>

To: tor-talk[at]lists.torproject.org

Subject: Re: [tor-talk] Iran cracks down on web dissident technology

On 03/22/2011 12:08 PM, Watson Ladd wrote:

On Tue, Mar 22, 2011 at 11:23 AM, Joe Btfsplk<joebtfsplk[at]gmx.com>  wrote:

> Why would any govt create something their enemies can easily use against them, then continue funding it once they know it helps the enemy, if a govt has absolutely no control over it?  It’s that simple.  It would seem a very bad idea.  Stop looking at it from a conspiracy standpoint & consider it as a common sense question.

> Because it helps the government as well. An anonymity network that only the US government uses is fairly useless. One that everyone uses is much more useful, and if your enemies use it as well that’s very good, because then they can’t cut off access without undoing their own work.

BINGO, we have a winner!  The original *QUESTION* posed that led to the invention of Onion Routing was, “Can we build a system that allows for bi-directional communications over the Internet where the source and destination cannot be determined by a mid-point?”  The *PURPOSE* was for DoD / Intelligence usage (open source intelligence gathering, covering of forward deployed assets, whatever). 
Not helping dissidents in repressive countries.  Not assisting criminals in covering their electronic tracks.  Not helping bit-torrent users avoid MPAA/RIAA prosecution.  Not giving a 10 year old a way to bypass an anti-porn filter.  Of course, we knew those would be other unavoidable uses for the technology, but that was immaterial to the problem at hand we were trying to solve (and if those uses were going to give us more cover traffic to better hide what we wanted to use the network for, all the better… I once told a flag officer that much to his chagrin).  I should know, I was the recipient of that question from David, and Paul was brought into the mix a few days later after I had sketched out a basic (flawed) design for the original Onion Routing.
The short answer to your question of “Why would the government do this?” is because it is in the best interests of some parts of the government to have this capability…  Now enough of the conspiracy theories…
-Michael
cryptome
Interestingly, only a week ago, NSA whistleblower Edward Snowden asked internet experts to build an internet of the people that would free them from the surveillance mechanisms of the state, and it seems that prayer has been heard.

Researchers claim they’ve developed a better, faster Tor

HORNET, a high-speed onion routing network, could be deployed on routers as part of the Internet.


HORNET, a proposed anonymizing network architecture based on an “onion routing” approach similar to Tor, could be much faster and integrated directly into Internet infrastructure, say its authors.
James Niland

A group of researchers—Chen Chen, Daniele Enrico Asoni, David Barrera, and Adrian Perrig of the Swiss Federal Institute of Technology (ETH) in Zürich and George Danezis of University College London—may have found a new balance between privacy and performance. In a paper published this week, the group described an anonymizing network called HORNET (High-speed Onion Routing at the NETwork layer), an onion-routing network that could become the next generation of Tor. According to the researchers, HORNET moves anonymized Internet traffic at speeds of up to 93 gigabits per second. And because it sheds parts of Tor’s network routing management, it can be scaled to support large numbers of users with minimal overhead, they claim.
Like Tor, HORNET encrypts encapsulated network requests in “onions”—with each layer being decrypted by each node passing the traffic along to retrieve instructions on where to next send the data. But HORNET uses two different onion protocols for protecting anonymity of requests to the open internet and a modified version of Tor’s “rendezvous point” negotiation for communication with a site concealed within the HORNET network.
When sending a request to a site that isn’t protected by HORNET, a more Tor-like “Sphinx” onion protocol is first used to set up the channel. “Each Sphinx packet allows a source node to establish a set of symmetric keys, one for each node on the path through which packets are routed,” the researchers explained. Those keys, created via a Diffie-Hellman exchange, are used to encrypt the “Forwarding Segment”—the chain of session state information for the stream of data packets that follow. “The [Forwarding Segment] allows its creating node to dynamically retrieve the embedded information (i.e., next hop, shared key, session expiration time), while hiding this information from unauthorized third parties,” Chen et al wrote.
For the actual data packets, the sending system collects all of the forwarding segments from each node on the channel to the destination and combines them into what the researchers call an anonymous header (AHDR). “An AHDR grants each node on the path access to the [forwarding segment] it created, without divulging any information about the path except for a node’s previous and next nodes,” they explained. The data itself is “onioned”, encrypted with the keys for each of the nodes in the channel, until it reaches its destination. The upside of this approach, Chen et al said, is that it drastically reduces the cryptography work required for each packet, as well as the amount of session flow information the network has to manage.

Block diagrams of HORNET’s two packet types. Chen et al

For communications between two nodes that are both anonymized by HORNET—a scenario like Tor’s method of connecting users’ requests to “hidden services”—the researchers propose an approach that lets any node on the network act as a rendezvous point for communication to keep both the source and destination of traffic hidden from each other. Hidden services select a rendezvous point and set up a session using the Sphinx protocol, then publish an AHDR to a directory that has the encrypted information about how to get from the rendezvous point to the service. When a client goes to connect to a service, it finds the rendezvous point in the directory, along with the AHDR for the trip to the service, and then builds its own connection to the rendezvous point—adding the AHDR provided to get to the service to its own and a header with information for the return trip back.
The upsides of this scheme—in addition to the fact that any node can act as a rendezvous point without having to maintain state information about the connection—are that a service can advertise multiple rendezvous points in a directory, and a client can pick one that is closest in terms of network time. The two ends can also re-negotiate the route traffic takes through a better rendezvous point to improve performance as channels are expired. On the downside, the size of the headers used to communicate between the two is doubled in size,
As implemented in its testing, HORNET’s routing nodes can actually be embedded in network routers. The researchers built HORNET infrastructure code into Intel software routers using the Data Plane Development Kit (DPDK). HORNET client code, which included hidden services, was built in Python. “To our knowledge, no other anonymity protocols have been implemented in a router SDK,” the researchers wrote.
HORNET, like Tor, is not immune to targeted attacks on anonymity. If an attacker, such as a government agency or law enforcement organization, could control more than one of the nodes along a path selected for a HORNET channel, they would be able to perform “confirmation attacks”—the sort of timing analysis, flow analysis, and packet tagging that other security researchers have demonstrated could be used against Tor. “HORNET cannot prevent such confirmation attacks targeting individual users,” the researchers concluded. “However, HORNET raises the bar of deploying such attacks for secretive mass surveillance: the adversary must be capable of controlling a significant percentage of ISPs often residing in multiple geopolitical boundaries, not to mention keeping such massive activity confidential.”
arstechnica
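
The per-hop state handling described in the article above, as an added Python sketch that is not the researchers' code: each node seals its session state into a forwarding segment under a local secret during setup, then recovers it from the packet itself while forwarding. The SHAKE-based toy cipher, the random keys standing in for the Diffie-Hellman results, all names, and the flat AHDR list (which, unlike the AHDR the article describes, does not hide a node's position on the path) are assumptions made for illustration.

```python
import hashlib, hmac, os, struct

def xor_stream(key: bytes, nonce: bytes, data: bytes) -> bytes:
    # Toy stream cipher (SHAKE-256 keystream); illustration only, not HORNET's cipher.
    ks = hashlib.shake_256(key + nonce).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, ks))

class Node:
    def __init__(self, name: str):
        self.name = name
        self.secret = os.urandom(32)  # local secret; never leaves the node

    def make_fs(self, shared_key: bytes, next_hop: str, exp: int) -> bytes:
        # Setup phase: seal (shared key, expiry, next hop) under the node's own secret.
        nonce = os.urandom(16)
        body = shared_key + struct.pack(">Q", exp) + next_hop.encode()
        ct = xor_stream(self.secret, nonce, body)
        tag = hmac.new(self.secret, nonce + ct, hashlib.sha256).digest()
        return nonce + ct + tag

    def forward(self, ahdr: list, payload: bytes, now: int):
        # Data phase: session state comes out of the packet, not out of node memory.
        fs, rest = ahdr[0], ahdr[1:]
        nonce, ct, tag = fs[:16], fs[16:-32], fs[-32:]
        good = hmac.new(self.secret, nonce + ct, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, good):
            raise ValueError("forwarding segment was not created by this node")
        body = xor_stream(self.secret, nonce, ct)
        key, nxt = body[:32], body[40:].decode()
        exp = struct.unpack(">Q", body[32:40])[0]
        if now > exp:
            raise ValueError("session expired")
        # Fixed nonce is acceptable only because each key covers one packet in this demo.
        return nxt, rest, xor_stream(key, b"data", payload)  # peel one onion layer

def send(path: list, message: bytes, exp: int, now: int):
    # Source side. Random keys stand in for the per-hop key exchange results.
    keys = [os.urandom(32) for _ in path]
    hops = [n.name for n in path[1:]] + ["destination"]
    ahdr = [n.make_fs(k, h, exp) for n, k, h in zip(path, keys, hops)]
    payload = message
    for k in reversed(keys):  # one encryption layer per node on the path
        payload = xor_stream(k, b"data", payload)
    trace = []
    for node in path:  # simulate the packet travelling hop by hop
        nxt, ahdr, payload = node.forward(ahdr, payload, now)
        trace.append(nxt)
    return trace, payload
```

Calling `send([Node("A"), Node("B"), Node("C")], b"hello", exp=100, now=50)` returns the next hop each node chose and the plaintext that emerges after the last layer is removed; a segment handed to the wrong node or used after `exp` is rejected.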
We have come to a point where the mechanisms of the state are being used exclusively by a select few, i.e. Fiat Bankers. Clearly, the real antidote to state surveillance is the removal of the Corporate State, complete neutralization of the banking mafia, and the long overdue departure from the monetary economic system altogether.
Failure to carry out all of the aforementioned solutions will only keep us in an endless cycle of the Hegelian dialectic script, inside an Orwellian AI-based technocratic dictatorship.

4 thoughts on “HORNET: Bigger and Faster than Tor”

    1. The researchers’ announcement is meant to inform the industry and the internet community that there is a better option other than Tor. But this option may need the full cooperation of the router manufacturers to update their firmware, i.e. device driver software.
      However, if the open source community could provide a possible workaround, in cases where the hardware manufacturers won’t cooperate, we will let everyone know.
