Christoph Coijanovic & Daniel Schadt

Privacy is essential to society and social progress. Especially in online communication, where messages can be intercepted by other actors along the way, anonymous communication is important to protect freedom of speech and to prevent people from being profiled. Even if encryption ensures the confidentiality of the message text, the metadata — information such as “with whom is someone communicating”, “how often is someone communicating” or “when is someone communicating” — can still be used to infer private information.

Our research concerns anonymous communication networks both from a formal point of view (which privacy guarantees can we prove) and from a practical point of view (how efficient is our network).

Use Case

Enable more applications (group chats, voice calls, collaborative editing) to be run on anonymous communication networks. Such applications have strict requirements on the acceptable bandwidth usage or latency overhead before they become too inefficient, and can therefore benefit from networks that were designed specifically for these use cases.

Explore new forms of anonymous networks, such as for anycast messaging or group communication. Communication can take many forms — one-to-one direct messaging, group messaging, broadcasting, anycasting, publish/subscribe, … Tying in with the previous point, we explore different communication patterns to formalise their privacy goals, and design systems to meet these goals efficiently.

Analyse and improve existing systems and formats (e.g. Tor, Sphinx, Signal). Many anonymous communication systems already exist, both in practice (e.g. Tor, I2P, Nym) and in research (e.g. Loopix, Vuvuzela, Atom). We can try to optimise and adapt them for specific use cases, while maintaining their existing performance privacy guarantees.

Methods

Formalise privacy goals through indistinguishability games. Formal goals allow us to precisely specify the guarantees that a system gives us. We therefore use techniques from theoretical cryptography to provide formal definitions of privacy for the systems we design.

Use powerful cryptographic primitives to implement functionality privately. There are many cryptographic primitives that go beyond simply encrypting and decrypting data. For example, Identity-Based Encryption allows keys to be derived from identities, and Private Information Retrieval allows a client to retrieve data from a server without revealing the location of the data. We can use these primitives (and more) to design novel anonymous communication networks.

Implement and measure prototypes of new protocols. We evaluate our protocols for various practical aspects, such as the needed computational effort to process messages, the bandwidth overhead for clients and servers, or the latency that is added to messages. We do so by implementing prototype applications for the protocols we design and measuring their performance.

Future

Improve and extend existing anonymous communication networks. By studying the shortcomings of current systems, we can aim to improve them, thereby increasing the performance or privacy guarantees.

Efficient group communication. Group communication plays a major role in the use of messaging applications today. As such, group communication (and by extension, group voice calls) is an explicit goal of our research.

Privacy-preserving communication bootstrapping and group management. In addition to the communication itself, methods for privately organising communication systems need to be developed. This includes private methods for finding and adding new friends, exchanging key material, or managing members of a group.