Paper 2017/888

An asynchronous provably-secure protocol for hidden services

Philippe Camacho and Fernando Krell

Abstract

The client-server architecture is one of the most widely used in Internet for its simplicity and flexibility. In practice the server is assigned a public address so that its services can be consumed.This makes the server vulnerable to a number of attacks such as Distributed Denial of Service (DDoS), censorship from authoritarian governments or exploitation of software vulnerabilities. In this work we propose an asynchronous protocol for allowing a client to issue requests to a server without leaking any information about the location of the server. In addition, our solution reveals limited information about the network topology, leaking the distance from the client to the corrupted participants. We also provide a simulation-based security definition capturing the requirement described above. Our protocol is secure in the semi-honest model against any number of colluding participants. Moreover our solution is efficient as it requires $O(N \cdot |M|)$ bits per client-server interaction where $N$ is the number of participants and $|M|$ is the number of bits of the message. To the best of our knowledge our solution is the first asynchronous protocol that provides strong security guarantees.