Strong Anonymity for Mesh Messaging
Reviewed by Pithpith:FUJQHT4Uopen to challenge →
read the original abstract
Messaging systems built on mesh networks consisting of smartphones communicating over Bluetooth have been used by protesters around the world after governments have disrupted Internet connectivity. Unfortunately, existing systems have been shown to be insecure; most concerningly by not adequately hiding metadata. This is further complicated by the fact that wireless communication such as Bluetooth is inherently a broadcasting medium. In this paper, we present a new threat model that captures the security requirements of protesters in this setting. We then provide a solution that satisfies the required security properties, hides all relevant metadata, scales to moderately sized protests, and supports group messaging. This is achieved by broadcasting all messages in a way that limits the overhead of duplicate messages, ensuring that ciphertexts do not leak metadata, and limiting what can be learned by observing user behavior. We also build a model of our system and numerically evaluate it to support our claims and analyze how many users it supports. Finally, we discuss further extensions that remove potential bottlenecks in scaling and support substantially more users.
This paper has not been read by Pith yet.
Forward citations
Cited by 1 Pith paper
-
Cache to the Future: A Distributed Webpage Archive for Internet Blackouts
CttF is a distributed webpage archive that crowdsources static content caching via community ratings and cryptographic protections, shown in simulations to deliver content at city scale during blackouts.
discussion (0)
Sign in with ORCID, Apple, or X to comment. Anyone can read and Pith papers without signing in.