Paper 2022/1139

Formal Security Definition of Metadata-Private Messaging

Shengtong Zhang, Anysphere, Inc.
Arvid Lunnemark, Anysphere, Inc.
Sualeh Asif, Anysphere, Inc.
Abstract

We present a novel, complete definition of metadata-private messaging (MPM) and show that our definition is achievable and non-trivially more general than the previous attempts we are aware of. Our main contributions are: 1) We describe a vulnerability in existing MPM implementations through a variation of the compromised-friend (CF) attack proposed by Angel et al. Our attack can recover the exact metadata of any conversation between honest users. 2) We present a security definition for MPM systems that assumes some friends may be compromised. 3) We present a protocol satisfying our security definition, based on Anysphere, an MPM system we deployed in practice.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Preprint.
Keywords
private information retrieval; metadata-private messaging; security proof
Contact author(s)
stzh1555 @ anysphere co
arvid @ anysphere co
sualeh @ anysphere co
History
2022-09-05: approved
2022-08-31: received
Short URL
https://ia.cr/2022/1139
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2022/1139,
      author = {Shengtong Zhang and Arvid Lunnemark and Sualeh Asif},
      title = {Formal Security Definition of Metadata-Private Messaging},
      howpublished = {Cryptology ePrint Archive, Paper 2022/1139},
      year = {2022},
      note = {\url{https://eprint.iacr.org/2022/1139}},
      url = {https://eprint.iacr.org/2022/1139}
}