Paper 2017/191
CoverUp: Privacy Through "Forced" Participation in Anonymous Communication Networks
David Sommer, Aritra Dhar, Luka Malisa, Esfandiar Mohammadi, Daniel Ronzani, and Srdjan Capkun
Abstract
The privacy guarantees of anonymous communication networks (ACNs) are bounded by the number of participants. As a consequence, an ACN can only achieve strong privacy guarantees if it succeeds in attracting a large number of active users. Vice versa, weak privacy guarantees renders an ACN unattractive, leading to a low number of users. In this work, we show how to break this vicious circle. We develop CoverUp, a system that "forces" visitors of highly accessed websites to become involuntary participants of an ACN. CoverUp leverages basic browser functionality to execute server-served JavaScript code and to open remote connections to connect all website visitors to an ACN (which we instantiate by a mix server). We build two applications on top of CoverUp: an anonymous feed and a chat. We show that both achieve practical performance and strong privacy guarantees. Towards a network-level attacker, CoverUp makes voluntary and involuntary participants indistinguishable, thereby providing an anonymity set that includes all voluntary and involuntary participants (i.e., all website visitors). Given this, CoverUp provides even more than mere anonymity: the voluntary participants can hide the very intention to use the ACN. As the concept of forced participation raises ethical and legal concerns, we discuss these concerns and describe how these can be addressed.
Metadata
- Available format(s)
- Publication info
- Preprint. MINOR revision.
- Keywords
- anonymous communicationprivacy enhancing technologies
- Contact author(s)
- mohammadi @ inf ethz ch
- History
- 2017-02-28: received
- Short URL
- https://ia.cr/2017/191
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2017/191, author = {David Sommer and Aritra Dhar and Luka Malisa and Esfandiar Mohammadi and Daniel Ronzani and Srdjan Capkun}, title = {{CoverUp}: Privacy Through "Forced" Participation in Anonymous Communication Networks}, howpublished = {Cryptology {ePrint} Archive, Paper 2017/191}, year = {2017}, url = {https://eprint.iacr.org/2017/191} }