AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |
Back to Blog
![]() For one, providers may still easily record communication metadata. And while confidentiality of communication content may easily be achieved by end-to-end encryption, metadata is far more challenging to protect. However, such services also raise privacy concerns, like a (de-)centralized provider collecting communication content and metadata on a large scale. Due to their IP-based design, they are able to support a wide variety of applications, including text-based chats, file transfer and voice calls. Instant messaging services like Signal and WhatsApp have become a ubiquitous utility for human-to-human communications. A first prototype of Hydra is published as open source. Using a dataset generated by performing latency measurements in the Tor network, we further show that Hydra is able to support anonymous voice calls with acceptable quality of service in real scenarios. Compared to other systems for text-based messaging, Hydra is able to decrease end-to-end latencies by an order of magnitude without degrading anonymity. ![]() We evaluate Hydra using an analytical model as well as call simulations. Furthermore, circuits can be upgraded to support voice calls, real-time chat sessions, and file transfers-with slightly reduced anonymity in presence of global observers. This allows to implement strong metadata security for contact discovery and text-based messages with relatively low latency. Main idea is to use latency-aware, padded, and onion-encrypted circuits even for connectionless applications. We propose Hydra, an anonymity system that is able to efficiently provide metadata security for a wide variety of applications. There are numerous proposals to implement anonymous communications, yet none provides it in a strong (but feasible) threat model in an efficient way. Protecting communications’ metadata can be as important as protecting their content, i.e., recognizing someone contacting a medical service may already allow to infer sensitive information.
0 Comments
Read More
Leave a Reply. |