Researchers at Cornell University have developed a mechanism for preserving anonymity in encrypted messaging – which conceals message content but might not cloak the sender’s identity – while simultaneously blocking unwanted or abusive messages.

Figure 1: New mechanism for preserving anonymity in encrypted messaging.

Figure 1 shows thatSignal, WhatsApp and Facebook Messenger rely on end-to-end encrypted (E2EE) messaging to preserve the confidentiality of the message, but user anonymity is not guaranteed. Signal recently introduced an anonymity-preserving feature, but it has been found to be susceptible to attack. [1]

While E2EE messaging provides strong confidentiality of the messages being sent, the platform can learn the identities of both the sender and recipient of every message sent over the network. Signal, a messaging app released in 2014 which now boasts more than 40 million users, has recently introduced a “sealed sender” protocol that ensures the sender’s identity is never revealed to the platform.

This highlights a key tension in sender-anonymous systems: sender anonymity, while mitigating potentially abusive messages. E2E encryption by itself makes certain types of abuse mitigation more challenging, and sender anonymity only complicates those efforts. One example of abuse mitigation that is complicated by sender anonymity is block listing. [2]

With Orca, message recipients would register an anonymized blocklist with the platform. Senders construct messages that can be verified by the platform as being attributable to someone not on the blocklist.

Verification is achieved through group signatures, which allow users to sign messages anonymously on behalf of a group. The platform registers individual users, and the group's opening authority—the recipient—can trace the identity of each individual user.

If the sender is on the blocklist, or if the message is malformed, the platform rejects the message. But if the message is delivered, the recipient is guaranteed to be able to identify the sender.

Orca takes this efficiency one step further: Instead of creating and verifying a group signature for every message sent, the group signature will only be used periodically to mint new batches of one-time-use sender tokens from the platform.

Messages can be sent by including a valid token for a recipient; these tokens, or access keys, are much more efficient for the platform to verify and require only a check against a list of used or blocked tokens.Tyagi said this type of safeguard could be useful in a number of scenarios. [3]

References:

1. https://www.newswise.com/articles/new-mechanism-protects-privacy-safety-in-encrypted-messaging?ta=home
2. https://news.cornell.edu/stories/2022/09/protecting-privacy-and-safety-encrypted-messaging
3. https://techxplore.com/news/2022-09-method-privacy-safety-encrypted-messaging.html

Cite this article:

Sri Vasagi K (2022), New Mechanism for Preserving Anonymity in Encrypted Messaging, Anatechmaz, pp.175