HORNET – Faster and Secure Anonymity Network Than Tor

Most of you must have heard about Tor, which is one of the renowned network based on onion router, delivers a good amount of anonymity and has become one of the popular software for everyday Internet users, activists and journalists who struggle to avoid restriction imposed by the corporate and government sectors.

But what’s missing in this well-known onion routing is the slow Internet connection speed. Due to the multifarious encryption technique, the Web browsing experience gets affected very badly. It means this tool becomes impractical for those users who are trying to move large amounts data.

Now meet HORNET, an anticipated high-speed onion routing based anonymizing network architecture which promises that it could be significantly faster, can be integrated on routers and will work as a part of the Internet.

“Our system uses only symmetric cryptography for data forwarding yet requires no per-flow state on intermediate nodes. This design enables HORNET nodes to process anonymous traffic at over 93GB/s.”

At the beginning of this week, a set of document has been released by a group of five computer and security researchers – specifically Chen Chen, Daniele Enrico Asoni, David Barrera, George Danezis, and Adrian Perrig – who have found an equilibrium between the Internet performance and user privacy.

Block diagrams of HORNET’s two packet types.
Chen et al

In the documents, they have described all the details of an anonymizing network known as HORNET – high-speed onion routing at the network layer. The details include design and implementation as well as a performance and security evaluation.

If you compare this next generation of anonymity tool with the existing onion routing tool like Tor, the infrastructure build in HORNET is capable of delivering faster node speeds and is more resistant to the eavesdropping attempts.

“We design and implement HORNET, an anonymity system that uses source-selected paths and shared keys between endpoints and routers to support onion routing,” the HORNET document said. “Unlike other onion routing implementations, HORNET routers do not keep per-flow state or perform computationally expensive operations for data forwarding, allowing the system to scale as new clients are added.”

The researchers claim that HORNET is capable of moving anonymized Internet traffic data at the speeds of up to 93 gigabits per second. And since this tool is based on the network routing management system used by Tor, it has the capability to sever a large number of users with nominal overhead.

HORNET encrypts compressed network requests in onions in a similar way it is done by Tor. The encryption process is very simple, each layer is first decrypted by each node that passes the traffic and save instructions about where it should send the upcoming traffic data.

But HORNET is slightly different and better than Tor because it uses two divergent onion protocols, first one is used for protecting the anonymity of requests to the Internet and the second one is the modified version of Tor rendezvous point intervention to communicate with a site concealed within the network of HORNET.

During the evaluation phases of HORNET, the researchers said:

“We implemented the HORNET router logic in an Intel software router using the Data Plane Development Kit (DPDK). To our knowledge, no other anonymity protocols have been implemented in a router SDK.”

“We also implemented the HORNET client in Python. Furthermore, we assembled a custom crypto library based on the Intel AESNI crypto library, the curve25519-donna library, and the PolarSSL libraries.”

HORNET claims it’s faster than TOR

In the conclusion, what we found out in the document is that HORNET, just like Tor, is not protected from anonymity and confirmation attacks. So let’s say, if an attacker, i.e. law enforcement agency, would be able to control more than one of the nodes being used by HORNET then they would be able to execute the confirmation attacks. This could happen by “leveraging flow dynamics analysis, timing, and packet tagging.”

The researchers also found out that the small trade-offs in the size of a packet has impressively improved the overall security while at the same time retaining the speedy performance.

PS: Don’t get confused with The Gay Social Network for Chat and Dating app Hornet.

Tell us what do you think about HORNET? Report typos and corrections to [email protected]


Related Posts