Behind Toroken, a bid to make Web anonymity faster
Tor, the most popular anonymity network ever built, can help to hide your digital tracks from anyone, even intelligence agencies and law enforcement around the globe. It’s a tool that fundamentally changes the way Internet privacy works by putting the very real power of anonymity into the hands of anyone who chooses to use it.
But for all of its utility, Tor is far from perfect.
The first thing a new Tor user will notice is that it can often be achingly slow to load any website. The lack of speed makes it difficult to convince ordinary people to use the tool on a daily basis. Now that could all change.
In March, a group of researchers won a $250,000 prize to develop a tool called Toroken that’s designed to speed up an anonymity network like Tor significantly—as long as you’re ready to pay for that speed in bitcoins, the cryptocurrency favored for its decentralized nature.
“It could be a more disruptive idea than Bitcoin itself,” Robert David, one of Toroken’s developers, said in a phone call about the “next generation” idea. “That’s why it got early interest online even though we didn’t try to garner it.”
The basics of the Toroken project foreshadow major potential changes to the Internet’s most famous anonymizer.
Right now, the Tor anonymity network basically works like this: After a quick and easy download, users surf the Web by sending encrypted data bouncing around three random nodes across the world before it finally reaches its destination—without being eavesdropped upon. All the bandwidth needed for the nodes doing Tor’s crucial heavy lifting is donated by volunteers. (The network is completely free to access and volunteers receive nothing but good karma.)
With Toroken, the anonymity network would be split into paying and nonpaying tiers. Those who pay for Tor network nodes in Bitcoin would be privy to a significant bandwidth and speed boost. Those who don’t pay will have access to the same free, relatively slow but capable network that exists today. If all goes according to plan, the financial incentives will grow the entire Tor network and make it self-sustaining.
The idea—the details of which are very much still being hashed out—already has people in cryptography talking. In March, Toroken took home second place in the Texas Bitcoin Conference hackathon, along with the $250,000 prize. That prize is designed to serve as the foundations for a Kickstarter that, if all goes according to plan, would fund the project the rest of the way.
In February, the team was in Iceland for a lunch conversation with core Tor developers to open the lines of communication. While the Toroken team has talked about working with Tor—it’s in the the company’s name, after all—so far that communication has been mostly limited to that single lunch.
Another option, if Toroken’s admittedly radical ideas can’t win over Tor’s decade-old development team and community, is to branch off from the open-source Tor to create something new.
“We’re technology agnostic,” David said. “People are open to new and good ideas in both camps. The biggest thing for me was not trying to focus on ‘Let’s do this for Tor or bitcoin’ but ‘Let’s figure out way to make the idea possible.’”
Tor’s speed and scalability problems have been on the radar of its developers for years. Most of the work aimed at solving those issues has been directed at reducing the existing load on the network and optimizing utilization of the existing resources. Growing the network’s capacity and scalability, however, has remained an unsolvable issue.
To get faster access, you’ll have two options. The first is the most obvious: Pay. The second is just as interesting. If users run their own nodes, dedicating a portion of their own bandwidth to the project, they’ll be rewarded with bitcoins that they can turn around and quickly spend to speed up their own anonymous surfing—or spend however they like.
This idea would fundamentally alter the way the Tor network works. If users have an incentive to run their own node, the overall capacity and speed of the entire network will rise, increasing its utility and appeal. That will increase its attractiveness to potential new users, some of whom will likely want to become paid nodes, with the hope being that the cycle begins anew.
“By requiring relays to provide bandwidth to a routing network in order to earn new credits, an incredibly powerful feedback loop is created where the ‘work’ performed to earn new currency is provided as a service to those using the network,” David stressed.
The project’s developers point to the Bitcoin network as evidence that financial incentives in peer-to-peer networks really can work. Users can pay fees to Bitcoin miners to speed up transactions through the network, thus incentivizing participation in exactly the same way Toroken's developers are looking to.
By no coincidence, the Bitcoin network has grown to over 200,000 nodes in five years.
In twice as much time, the all-volunteer Tor has only 5,000 nodes supporting over 3 million users. The number of nodes has doubled in the last two years, but given the ascent of Tor in that time, the network capacity simply isn’t growing at a comparable rate.
“If you had this kind of high speed, commercially viable routing network that gave people anonymity,” David said, “think of what that could do for prevention of censorship and freedom of information.”
Toroken’s developers and contributors are heavyweights in the Internet anonymity field. Rob Jansen has been writing papers about solving Tor’s speed problem through incentivization for years, including one with Paul Syverson, the inventor of Onion routing.
Virgil Griffith is something of a celebrity hacker, having co-created Tor2Web with late Internet pioneer Aaron Swartz to allow public access to the otherwise hidden Tor network. He’s also written extensively on artificial intelligence and was called the “Internet man of mystery” (and a “troublemaker, a twerp”) in a New York Times profile.
Then there’s Vancouver-based developer Robert David, CEO of the Bitcoin startup Monetsu, who handles the Bitcoin protocol and serves as the team’s “cryptocurrency expert.”
Project members are currently trying to organize and woo other programmers like Jacob Appelbaum, a core Tor developer and vocal hero to privacy advocates around the globe. Jeremy Kandah, a managing partner on the $15 million BitAngels fund aimed at investing in decentralized apps, has also been heavily involved in the project in recent months.
Although it’s new and being discussed quietly so far, Toroken already has a number of questions being asked in and outside of the team.
Closely associating an anonymous service (Tor) with a pseudonymous service (Bitcoin) leaves open the possibility of unmasking users, thus defeating the entire purpose of Tor.
“This is the biggest concern that anyone has,” Kandah said. “If you compromise anonymity, this isn’t a successful project. There are lots of proposals on how to solve this problem. I think we should avoid talking too much about that because there are lots of ways it could go—but everyone agrees that we can solve it.”
The next question being heavily debated by the team strikes at the heart of the entire project: speed. Is the Bitcoin transaction speed fast enough to enable a quicker Tor network?
The answer is no. The average Bitcoin transaction takes 10 minutes for confirmation, a time that would render the entire Toroken project useless. To get around this issue, developers hope to write an “off ledger,” a short term transaction list that will quickly record what’s happening and then transfer the records to the public Bitcoin ledger as each new block of transactions is completed.
Because the off ledger will be out of the Bitcoin network for some time, this solution means there could be a “short term trust issue,” Kandah said, but it reduces fees, pushes volume up, and speeds up the whole process to the point of real utility.
The final question is whether Toroken will create “tiered privacy,” where only people with disposable income can afford the real Internet anonymity. In other words, will paid nodes slow the freeloaders down on bandwidth, incentivizing them to pay instead of continuing to use the network for free?
The question of how financial incentives will affect nodes and clients is one of the foremost topics of discussion among the core development team, which is currently “trying to analyze what that might be like.”
However, Kandah said, “Free access to Tor will still exist. And with how Toroken scales, it will be very easy to be a node, earn bitcoins, and use it on the network themselves.
The Toroken project comes on the heels of several announcements about changes to the Tor network that will open the anonymity tool up to more users than ever before. Tor is currently building an anonymous instant messenger, an anonymous mobile phone operating system (beta testing begins this spring), and point-and-click Deep Web publishing.
That is a suite of tools that makes Tor easier to use than ever before. Toroken would be a fascinating next step, whether it’s ever officially adopted by the Tor team or if it becomes a derivative project. Ideally it would be easier to use in many respects—speed equals utility—but having to pay money is a hurdle users haven’t had to face before.
Toroken is still in the very early stages of development. But it’s a big idea that has piqued the interest of many of the right people. If it can deliver on promises of speed and scalability, Toroken has the potential to fundamentally change the way online anonymity works.
But no one is sure exactly how the new anonymity will work.
Correction: This article has been updated to clarify how Bitcoin users can pay to increase the speed of their transactions on the network.
Illustration by Jason Reed
The Obama administration just took Cuba off the terrorism list
Congress could have objected, but it didn't.5.4k
Scientists created jumping robotic cheetahs because they've never seen a sci-fi movie
Well, we had a good run.15k
Look at these photos of a tiny baby elephant being reunited with its mom
New privacy update lets Uber track your location while it runs in the background
It also wants your phone contacts, and possibly your first-born child.
The 7 most dad things ever