Paper 2021/1514

Clarion: Anonymous Communication from Multiparty Shuffling Protocols

Saba Eskandarian, UNC Chapel Hill
Dan Boneh, Stanford University

This paper studies the role of multiparty shuffling protocols in enabling more efficient metadata-hiding communication. We show that the process of shuffling messages can be expedited by having servers collaboratively shuffle and verify secret-shares of messages instead of using a conventional mixnet approach where servers take turns performing independent verifiable shuffles of user messages. We apply this technique to achieve both practical and asymptotic improvements in anonymous broadcast and messaging systems. We first show how to build a three server anonymous broadcast scheme, secure against one malicious server, that relies only on symmetric cryptography. Next, we adapt our three server broadcast scheme to a $k$-server scheme secure against $k-1$ malicious servers, at the cost of a more expensive per-shuffle preprocessing phase. Finally, we show how our scheme can be used to significantly improve the performance of the MCMix anonymous messaging system. We implement our shuffling protocol in a system called Clarion and find that it outperforms a mixnet made up of a sequence of verifiable (single-server) shuffles by $9.2\times$ for broadcasting small messages and outperforms the MCMix conversation protocol by $11.8\times$.

Available format(s)
Cryptographic protocols
Publication info
Published elsewhere. NDSS 2022
anonymous communicationmetadata-hiding communication
Contact author(s)
saba @ cs unc edu
2023-02-13: last of 2 revisions
2021-11-20: received
See all versions
Short URL
Creative Commons Attribution


      author = {Saba Eskandarian and Dan Boneh},
      title = {Clarion: Anonymous Communication from Multiparty Shuffling Protocols},
      howpublished = {Cryptology ePrint Archive, Paper 2021/1514},
      year = {2021},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.