HORNET is an encrypted, anonymous web browsing system that destroys Tor's performance
With the current concerns about surveillance and privacy, more and more people are turning to anonymizing tools. The existence of unknown numbers of spying tools means that increasing numbers of people are turning to the likes of Tor to keep their online activities private.
But encryption systems such as those used by The Onion Relay have a horrible tendency to slow things down. A new encryption system called HORNET could be a solution. Its creators say that data transfer speeds of up to 93GBps are possible, with much of the acceleration coming from a reduction in the number of hops data has to make around the network.
It might be some time before HORNET is rolled out on any sort of large scale, but things are already looking promising. The academics behind the technology (which is short for High-speed Onion Routing at the Network Layer) published a paper this week outlining the advantages of their system which they say continues to offer robust protection against surveillance. Unlike Tor, HORNET has great potential for scaling up without suffering from the slowdown that blights its better-known counterpart.
The paper concludes by saying:
Our experiments show that small trade-offs in packet header size greatly benefit security, while retaining high performance.
That said, it is worth remembering that things are still in very early stages, and HORNET is yet to be peer-reviewed.
Writing on the Daily Dot, Patrick Howell O'Neill gives a neat summary of how the system works:
The basic architecture of Tor and HORNET are very similar: A group of global relay nodes are used to mix and encrypt Internet traffic in multiple layers—hence the 'onion routing' names— so that by the end of the process, no one is supposed to know where the traffic originated.
HORNET aims for more scalability and efficiency as it pushes the traffic through its network by having the intermediate relay nodes avoid keeping the per-session state (for instance, encryption keys and routing information) and pushing that task to the nodes on either end of the connection. Without that task, nodes can theoretically forward traffic more quickly to a larger number of clients.
Check out the paper in full on the Cornell University Library website.