David Chaum, inventor of various cryptographic protocols with more than 30 years of experience in the field, has introduced a new anonymous communications project that takes on networks such as Tor, I2P, HORNET or Vuvuzela.
Chaum’s work is already used in such networks, with the Tor project’s Onion protocol being based on the Mix Network (sometimes called Mixing Network) anonymity protocols, a concept that he published back in 1979. Current anonymous communications research is also based on his work, namely on the "Untraceable Electronic Mail, Return Addresses, and Digital Pseudonyms" paper he published in 1981.
Last week at the Real World Cryptography Conference at Stanford University, Chaum presented a new paper (PDF) called “cMix: Anonymization by High-Performance Scalable Mixing,” which describes the cMix concept—an evolved Mix Network. The paper also presents PrivaTegrity, a more secure network for anonymous communications, based on the new cMix cryptographic protocol.
For the past two years, Chaum has worked with a team of academic partners at Purdue University, Radboud University in the Netherland, Birmingham University in the UK, and the Cyber Defense Lab at the University of Maryland, Baltimore County on the cMix protocol and the PrivaTegrity network project. The idea is to provide users with encrypted communications that cannot be cracked by either hackers or governments.
The new network is expected to prove more secure compared to Tor and I2P, while also being fast enough so that users won’t spot delays in their communication. According to the paper, while the Tor network is susceptible to traffic-analysis attacks because of its non-uniform message size and timing, cMix is meant to eliminate these issues and makes it impossible to link the outputs to the inputs.
The protocol avoids real-time public-key operations by senders, mix nodes, and receivers and ensures that inputs pass through a cascade of mix nodes and end up in an output buffer. The input is encrypted using the sender’s message key, which is shared with each mix node, and the sender also sets up a long-term shared key separately with each cMix node.
Simply put, each node assigns a slot for each message it can process and, after the sender encrypts the message and sends it, each node uses precomputation to assign a random value to each slot and encrypts the received data using the pre-shared key and the random value. During the reverse path, when the node needs to send the data to the receiver, each node multiplies back in the shared keys.
Most of the computational operations are performed on the server side and not on the client, which eliminates real-time public-key operations and improves performance. The paper also claims that the protocol is capable of detecting and preventing tagging attacks, and that the cMix protocol can ensure sender anonymity if any sender in the cMix network is indistinguishable from all other potential senders.
The PrivaTegrity network is also meant to establish a trust model that offers a balance of anonymity and accountability, the paper says. According to Wired, the project is currently in its infancy, with an alpha version available on Android and working as an instant-messaging app at the moment, but expected to gain file sharing capabilities in the near future.
Additionally, the PrivaTegrity network will have a built-in controlled backdoor that should allow for the privacy and anonymity of people doing things “generally recognized as evil” to be revealed. As soon as the network is set up and running, there will be nine server administrators forming a council in control of the backdoor, who will also decide who counts as “evil.”
Basically, the network will be seeking balance between law enforcement agencies’ request for access to criminals’ encrypted data and the argument that mass spying should be blocked. The nine admins would need to be in full agreement when deciding to reveal the private data of bad actors, as decryption will be possible only if all nine servers cooperate. If only eight do so, encrypted messages won’t be reconstructed.
A prototype of the network will have its servers running in Amazon’s cloud, but PrivaTegrity will eventually have all of its servers moved abroad, thus avoiding American government surveillance. These servers will be placed in countries with democratic governments, such as Switzerland, Canada and Iceland, among others.
As of late, there has been significant controversy regarding encrypted communication services, with many governments around the world asking tech companies to include backdoors in their services, claiming that the move would help in ongoing investigations. However, many feared that these backdoors would pave the way to mass surveillance, another controversial subject ever since former US intelligence contractor Edward Snowden blew the whistle on many of the US government’s mass surveillance operations.
BlackBerry said in late November that it would exit Pakistan after a spat with the local government over requsts for backdoors in its encrypted services, but announced just before year’s end that it would continue operations in the country after the government backed down on its requests. Countries such as the Netherlands, however, said that they oppose encryption backdoors .
In November, the deadly Paris attacks reignited debate on encrypted communications, as terror cells have been found to abuse them to avoid detection. However, the technology for encryption, which is meant to keep users’ communication private, is seen as a double-edged sword that can equally be used by democracy campaigners, law enforcement or violent extremists.