research-article

Dissent: accountable anonymous group messaging

Authors:

Henry Corrigan-Gibbs,

Bryan FordAuthors Info & Claims

CCS '10: Proceedings of the 17th ACM conference on Computer and communications security

Pages 340 - 350

https://doi.org/10.1145/1866307.1866346

Published: 04 October 2010 Publication History

Abstract

Users often wish to participate in online groups anonymously, but misbehaving users may abuse this anonymity to disrupt the group's communication. Existing messaging protocols such as DC-nets leave groups vulnerable to denial-of-service and Sybil attacks, Mix-nets are difficult to protect against traffic analysis, and accountable voting protocols are unsuited to general anonymous messaging.

We present the first general messaging protocol that offers provable anonymity with accountability for moderate-size groups, and efficiently handles unbalanced loads where few members wish to transmit in a given round. The N group members first cooperatively shuffle an N x N matrix of pseudorandom seeds, then use these seeds in N "pre-planned" DC-nets protocol runs. Each DC-nets run transmits the variable-length bulk data comprising one member's message, using the minimum number of bits required for anonymity under our attack model. The protocol preserves message integrity and one-to-one correspondence between members and messages, makes denial-of-service attacks by members traceable to the culprit, and efficiently handles large, unbalanced message loads. A working prototype demonstrates the protocol's practicality for anonymous messaging in groups of 40+ members.

References

[1]

}}Ben Adida. Advances in cryptographic voting systems. PhD thesis, Cambridge, MA, USA, 2006.

Digital Library

[2]

}}Mihir Bellare, Anand Desai, David Pointcheval, and Phillip Rogaway. Relations among notions of security for public-key encryption schemes. Advances in Cryptology CRYPTO '98, pages 549--570, 1998.

Digital Library

[3]

}}Oliver Berthold, Andreas Pfitzmann, and Ronny Standtke. The disadvantages of free MIX routes and how to overcome them. In Workshop on Design Issues in Anonymity and Unobservability, July 2000.

Digital Library

[4]

}}Dan Boneh, Xavier Boyen, and Hovav Shacham. Short group signatures. In CRYPTO, August 2004.

[5]

}}Nikita Borisov, George Danezis, Prateek Mittal, and Parisa Tabriz. Denial of service or denial of security? How attacks on reliability can compromise anonymity. In 14th ACM CCS, October 2007.

Digital Library

[6]

}}Nikita Borisov, Ian Goldberg, and Eric Brewer. Off-the-record communication, or, why not to use PGP. In WPES, pages 77--84, October 2004.

Digital Library

[7]

}}Justin Brickell and Vitaly Shmatikov. Efficient anonymity-preserving data collection. In Tina Eliassi-Rad, Lyle H. Ungar, Mark Craven, and Dimitrios Gunopulos, editors, KDD, pages 76--85. ACM, 2006.

Digital Library

[8]

}}Miguel Castro and Barbara Liskov. Practical byzantine fault tolerance. In 3rd OSDI, pages 173--186, February 1999.

Digital Library

[9]

}}David Chaum. Untraceable electronic mail, return addresses, and digital pseudonyms. Communications of the ACM, 24(2), February 1981.

Digital Library

[10]

}}David Chaum. The dining cryptographers problem: Unconditional sender and recipient untraceability. Journal of Cryptology, 1(1):65--75, January 1988.

[11]

}}David Chaum and Eug ène Van Heyst. Group signatures. In Eurocrypt, April 1991.

Digital Library

[12]

}}Ian Clarke, Oskar Sandberg, Brandon Wiley, and Theodore W. Hong. Freenet: A distributed anonymous information storage and retrieval system. In Workshop on Design Issues in Anonymity and Unobservability, July 2000.

Digital Library

[13]

}}David Davenport. Anonymity on the Internet: why the price may be too high. Communications of the ACM, 45(4):33--35, April 2002.

Digital Library

[14]

}}Roger Dingledine, Nick Mathewson, and Paul Syverson. Tor: thesecond-generation onion router. In SSYM' 04: Proceedings of the 13th conference on USENIX Security Symposium, pages 21--21, Berkeley, CA, USA, 2004. USENIX Association.

Digital Library

[15]

}}Roger Dingledine, Vitaly Shmatikov, and Paul Syverson. Synchronous batching: From cascades to free routes. In WPET, May 2004.

Digital Library

[16]

}}Roger Dingledine and Paul Syverson. Reliable MIX cascade networks through reputation. In Financial Cryptography, March 2002.

Digital Library

[17]

}}John R. Douceur. The Sybil attack. In 1st International Workshop on Peer-to-Peer Systems, March 2002.

Digital Library

[18]

}}Emulab network emulation testbed. http://emulab.net/.

[19]

}}Eiichiro Fujisaki, Tatsuaki Okamoto, David Pointcheval, and Jacques Stern. RSA-OAEP is secure under the RSA assumption. Journal of Cryptology, 17(2):81--104, 03 2004.

Digital Library

[20]

}}Jun Furukawa and Kazue Sako. An efficient scheme for proving a shuffle. In CRYPTO, August 2001.

Digital Library

[21]

}}David Goldschlag, Michael Reed, and Paul Syverson. Onion routing for anonymous and private internet connections. Communications of the ACM, 42(2):39--41, February 1999.

Digital Library

[22]

}}Philippe Golle and Ari Juels. Dining cryptographers revisited. Eurocrypt, May 2004.

[23]

}}Andreas Haeberlen, Petr Kouznetsov, and Peter Druschel. PeerReview: Practical accountability for distributed systems. In 21st SOSP, October 2007.

Digital Library

[24]

}}Jan Iwanik, Marek Klonowski, and Miroslaw Kutylowski. DUO-Onions and Hydra-Onions - failure and adversary resistant onion protocols. In IFIP CMS, September 2004.

[25]

}}Leslie Lamport. The part-time parliament. TOCS, 16(2):133--169, 1998.

Digital Library

[26]

}}C. Andrew Neff. A verifiable secret shuffle and its application to e-voting. In 8th CCS, pages 116--125, November 2001.

Digital Library

[27]

}}G. Perng, M.K. Reiter, and Chenxi Wang. M2: Multicasting mixes for efficient and anonymous communication. In 26th ICDCS, pages 59--59, 2006.

Digital Library

[28]

}}Mario Di Raimondo, Rosario Gennaro, and Hugo Krawczyk. Secure off-the-record messaging. In WPES, November 2005.

Digital Library

[29]

}}Michael K. Reiter and Aviel D. Rubin. Anonymous web transactions with crowds. Communications of the ACM, 42(2):32--48, 1999.

Digital Library

[30]

}}Ronald Rivest, Adi Shamir, and Yael Tauman. How to leak a secret. In ASIACRYPT, December 2001.

Digital Library

[31]

}}Andrei Serjantov, Roger Dingledine, and Paul Syverson. From a trickle to a flood: Active attacks on several mix types. Information Hiding, pages 36--52, 2003.

[32]

}}Emin G ün Sirer et al. Eluding carnivores: File sharing with strong anonymity. In 11th SIGOPS European Workshop, September 2004.

Digital Library

[33]

}}Frank Stajano and Ross Anderson. The cocaine auction protocol: On the power of anonymous broadcast. In 3rd Information Hiding Workshop, September 1999.

Digital Library

[34]

}}Edward Stein. Queers anonymous: Lesbians, gay men, free speech, and cyberspace. Harvard Civil Rights-Civil Liberties Law Review, 38(1), 2003.

[35]

}}Douglas R. Stinson. Cryptography: Theory and Practice, Third Edition (Discrete Mathematics and Its Applications). Chapman & Hall/CRC, November 2005.

Digital Library

[36]

}}Brad Stone and Matt Richtel. The hand that controls the sock puppet could get slapped. New York Times, July 2007.

[37]

}}Al Teich, Mark S. Frankel, Rob Kling, and Ya-ching Lee. Anonymous communication policies for the Internet: Results and recommendations of the AAAS conference. Information Society, May 1999.

[38]

}}Eugene Vasserman, Rob Jansen, James Tyra, Nicholas Hopper, and Yongdae Kim. Membership-concealing overlay networks. In 16th ACM CCS, November 2009.

Digital Library

[39]

}}Luis von Ahn, Andrew Bortz, and Nicholas J. Hopper. k-anonymous message transmission. In 10th CCS, pages 122--130, New York, NY, USA, 2003. ACM.

Digital Library

[40]

}}Michael Waidner and Birgit Pfitzmann. The dining cryptographers in the disco: Unconditional sender and recipient untraceability with computationally secure serviceability. In Eurocrypt, page 690, April 1989.

Digital Library

[41]

}}Jonathan D. Wallace. Nameless in cyberspace: Anonymity on the internet, December 1999. Cato Briefing Paper No. 54.

[42]

}}Wikileaks. http://wikileaks.org/.

[43]

}}The constitutional right to anonymity: Free speech, disclosure and the devil. Yale Law Journal, 70(7):1084--1128, June 1961.

Cited By

López-García DPérez Torreglosa JVera DSánchez-Raya M(2024)Binary-Tree-Fed Mixnet: An Efficient Symmetric Encryption SolutionApplied Sciences10.3390/app1403096614:3(966)Online publication date: 23-Jan-2024
https://doi.org/10.3390/app14030966
Zhu DTu JCai DJiang TXiahou JChen YLiu C(2024)SRFACS: A secure and robust framework for anonymous communication systemsPLOS ONE10.1371/journal.pone.031281719:12(e0312817)Online publication date: 2-Dec-2024
https://doi.org/10.1371/journal.pone.0312817
Tovey EWeiss JGilad YLuo BLiao XXu JKirda ELie D(2024)Distributed PIR: Scaling Private Messaging via the Users' MachinesProceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications Security10.1145/3658644.3670350(1967-1981)Online publication date: 2-Dec-2024
https://dl.acm.org/doi/10.1145/3658644.3670350
Show More Cited By

Index Terms

Dissent: accountable anonymous group messaging
1. Networks
  1. Network protocols
    1. Application layer protocols

Recommendations

Dual-Path Peer-to-Peer Anonymous Approach
ICPADS '10: Proceedings of the 2010 IEEE 16th International Conference on Parallel and Distributed Systems

there are many approaches proposed to provide anonymous peer-to-peer communications. Data sent via peer-to-peer communications is vulnerable to traffic analysis. Traffic analysis is the process of intercepting and analysing messages in order to ...
GlobaliD - Privacy Concerns on a Federated Identity Provider Associated with the Users' National Citizen's Card
CENTRIC '10: Proceedings of the 2010 Third International Conference on Advances in Human-Oriented and Personalized Mechanisms, Technologies and Services

Personal information sharing is one of the most common online activities. Most of the times we feel forced to give up about some privacy in order to share a piece of information with others. This paper reflects on the anonymity, integrity, privacy of ...
Accountable Anonymity: A Proxy Re-Encryption Based Anonymous Communication System
ICPADS '12: Proceedings of the 2012 IEEE 18th International Conference on Parallel and Distributed Systems

While several well-developed anonymous services have been made available on-line to protect Internet user's privacy, we have seen that due to the lack of accountability, they have often been exploited by criminals to conduct various illegal activities (...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

CCS '10: Proceedings of the 17th ACM conference on Computer and communications security

October 2010

782 pages

ISBN:9781450302456

DOI:10.1145/1866307

General Chair:
Ehab Al-Shaer
University of North Carolina, Charlotte, USA
,
Program Chairs:
Angelos D. Keromytis
Columbia University, USA
,
Vitaly Shmatikov
University of Texas at Austin, USA

Copyright © 2010 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

SIGSAC: ACM Special Interest Group on Security, Audit, and Control

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 04 October 2010

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Conference

CCS '10

Sponsor:

SIGSAC

CCS '10: 17th ACM Conference on Computer and Communications Security 2010

October 4 - 8, 2010

Illinois, Chicago, USA

Acceptance Rates

CCS '10 Paper Acceptance Rate 55 of 325 submissions, 17%;

Overall Acceptance Rate 1,261 of 6,999 submissions, 18%

Upcoming Conference

CCS '25

Sponsor:
sigsac

ACM SIGSAC Conference on Computer and Communications Security

October 13 - 17, 2025

Taipei , Taiwan

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

116
Total Citations
View Citations
1,147
Total Downloads

Downloads (Last 12 months)86
Downloads (Last 6 weeks)7

Reflects downloads up to 03 Jan 2025

Other Metrics

View Author Metrics

Citations

Cited By

López-García DPérez Torreglosa JVera DSánchez-Raya M(2024)Binary-Tree-Fed Mixnet: An Efficient Symmetric Encryption SolutionApplied Sciences10.3390/app1403096614:3(966)Online publication date: 23-Jan-2024
https://doi.org/10.3390/app14030966
Zhu DTu JCai DJiang TXiahou JChen YLiu C(2024)SRFACS: A secure and robust framework for anonymous communication systemsPLOS ONE10.1371/journal.pone.031281719:12(e0312817)Online publication date: 2-Dec-2024
https://doi.org/10.1371/journal.pone.0312817
Tovey EWeiss JGilad YLuo BLiao XXu JKirda ELie D(2024)Distributed PIR: Scaling Private Messaging via the Users' MachinesProceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications Security10.1145/3658644.3670350(1967-1981)Online publication date: 2-Dec-2024
https://dl.acm.org/doi/10.1145/3658644.3670350
Zhang XXu HBa ZWang ZHong YLiu JQin ZRen K(2024)PrivacyAsst: Safeguarding User Privacy in Tool-Using Large Language Model AgentsIEEE Transactions on Dependable and Secure Computing10.1109/TDSC.2024.337277721:6(5242-5258)Online publication date: Nov-2024
https://doi.org/10.1109/TDSC.2024.3372777
Schadt DCoijanovic CWeis CStrufe T(2024)PolySphinx: Extending the Sphinx Mix Format With Better Multicast Support2024 IEEE Symposium on Security and Privacy (SP)10.1109/SP54263.2024.00044(4386-4404)Online publication date: 19-May-2024
https://doi.org/10.1109/SP54263.2024.00044
Nelson BPagnin EAskarov A(2024)Metadata Privacy Beyond Tunneling for Instant Messaging2024 IEEE 9th European Symposium on Security and Privacy (EuroS&P)10.1109/EuroSP60621.2024.00044(697-723)Online publication date: 8-Jul-2024
https://doi.org/10.1109/EuroSP60621.2024.00044
Das DMeiser SMohammadi EKate A(2024)Divide and Funnel: A Scaling Technique for Mix-Networks2024 IEEE 37th Computer Security Foundations Symposium (CSF)10.1109/CSF61375.2024.00031(49-64)Online publication date: 8-Jul-2024
https://doi.org/10.1109/CSF61375.2024.00031
Chao DXu DGao FZhang CZhang WZhu L(2024)A Systematic Survey on Security in Anonymity Networks: Vulnerabilities, Attacks, Defenses, and FormalizationIEEE Communications Surveys & Tutorials10.1109/COMST.2024.335000626:3(1775-1829)Online publication date: Nov-2025
https://doi.org/10.1109/COMST.2024.3350006
Eskeland SBoudko S(2024)Efficient Non-interactive Anonymous CommunicationICT Systems Security and Privacy Protection10.1007/978-3-031-56326-3_8(102-116)Online publication date: 24-Apr-2024
https://doi.org/10.1007/978-3-031-56326-3_8
Zhang SZhou RWang LXu SShao W(2023)Cross-Chain Asset Transaction Method Based on Ring Signature for Identity Privacy ProtectionElectronics10.3390/electronics1224501012:24(5010)Online publication date: 14-Dec-2023
https://doi.org/10.3390/electronics12245010
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents