Paper 2021/670

AOT: Anonymization by Oblivious Transfer

Farid Javani and Alan T. Sherman


We introduce AOT, an anonymous communication system based on mix network architecture that uses oblivious transfer (OT) to deliver messages. Using OT to deliver messages helps AOT resist blending (n−1) attacks and helps AOT preserve receiver anonymity, even if a covert adversary controls all nodes in AOT. AOT comprises three levels of nodes, where nodes at each level perform a different function and can scale horizontally. The sender encrypts their payload and a tag, derived from a secret shared between the sender and receiver, with the public key of a Level-2 node and sends them to a Level-1 node. On a public bulletin board, Level-3 nodes publish tags associated with messages ready to be retrieved. Each receiver checks the bulletin board, identifies tags, and receives the associated messages using OT. A receiver can receive their messages even if the receiver is offline when messages are ready. Through what we call a "handshake" process, communicants can use the AOT protocol to establish shared secrets anonymously. Users play an active role in contributing to the unlinkability of messages: periodically, users initiate requests to AOT to receive dummy messages, such that an adversary cannot distinguish real and dummy requests.

Available format(s)
Cryptographic protocols
Publication info
Preprint. MINOR revision.
Anonymous communicationanonymous secret sharingblending attackmixnetsoblivious transfer
Contact author(s)
javani1 @ umbc edu
sherman @ umbc edu
2021-05-25: received
Short URL
Creative Commons Attribution


      author = {Farid Javani and Alan T.  Sherman},
      title = {{AOT}: Anonymization by Oblivious Transfer},
      howpublished = {Cryptology ePrint Archive, Paper 2021/670},
      year = {2021},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.