HORNET says it's a faster way to browse the web anonymously. Will it work once it leaves the academic sphere?
Tor, the most popular method of anonymized browsing on the internet, is slow. In fact, using it to surf the dark web often feels like a time warp to a time before broadband. Can we do better?
A team of scientists out of Carnegie Mellon University, ETH Zurich, and University College London have proposed an alternative to Tor that promises to be much, much faster. It's called HORNET, which stands for high-speed onion routing at the network layer, and the researchers say that it's able to handle anonymous traffic at speeds of over 93 GB/s.
Here's a speed test published by the researchers comparing HORNET to Tor and standard internet protocol connections:
Like Tor, HORNET uses a system of nodes (or relays) to anonymously route traffic around the internet, hiding your true location and true IP address (this is called "onion routing"). But, unlike Tor, HORNET does not keep the "state" of the connection at each relay. Instead, decryption keys and other important information are kept in the headers of packets of information—the team says this makes everything faster.
"HORNET is designed to be highly efficient: Instead of keeping state at each relay, connection state (including, e.g., onion layer decryption keys) is carried within packet headers, allowing intermediate nodes to quickly forward traffic for large numbers of clients," the researchers wrote.
The team says the protocol can "scale as required," making it at an option to host "future internet architectures."
"No amount of internal testing compares to what happens when even a handful of real people get their hands on it"
The idea of a totally anonymized web is enticing. In fact, the researchers designed HORNET specifically to be able to block persistent mass surveillance similar to the type the FBI and NSA have used in an attempt to "pave the path for internet-scale anonymity." Instead of using the dark web to, say, buy drugs or send encrypted communication, you might be able to use it to watch videos and do whatever else it is you do on the normal internet.
This is all one huge "if," however. HORNET is a proof of concept, and while it appears to work in a laboratory, it's anyone's guess if it'll work out in the real world. And that's one of the problems with hyping academic papers like the one published by this team: No amount of internal testing compares to what happens when even a handful of real people get their hands on it. Hackers, general users, and security researchers often find flaws that even peer-review doesn't catch.
The Tor project told Motherboard that the Carnegie Mellon paper has not yet been published in a peer-reviewed journal (the proposal was published on arXiv, which is a pre-release academic server), and thus has no comment on it yet.
It's important to remember that Tor itself once started as a lowly proof of concept, way back in 2004. Sometimes these academic papers grow into something, sometimes they don't.
Nicholas Weaver, a computer scientist at Berkeley who is an expert in internet security and Bitcoin, told me that this is a start, but it's not time to get our hopes up for a faster anonymous browsing experience.
"These papers are often very important: Tor started out as an academic process, and it is the analysis in peer review that partially contributed to the system's soundness and strength," he told me in an email. "But there is still the matter of putting the system into practice."
And so we'll just have to wait and see. Really, that's all we can do at this point. The development of entirely new internet architectures, like the Tor browser itself, often moves slower than we want it to.
Update: One of our contributors, Joseph Cox, pointed out that he does normal internet things, like watching videos, using Tor all the time.
He's right, you certainly can do these things using Tor. But the experience is often much slower than if you were browsing without it. HORNET researchers appear to be trying to bring the overall speed of browsing and using onion routing closer to that of using normal internet protocol.