Visible to the public What's a Little Leakage Between Friends?

TitleWhat's a Little Leakage Between Friends?
Publication TypeConference Paper
Year of Publication2018
AuthorsAngel, Sebastian, Lazar, David, Tzialla, Ioanna
Conference NameProceedings of the 2018 Workshop on Privacy in the Electronic Society
PublisherACM
Conference LocationNew York, NY, USA
ISBN Number978-1-4503-5989-4
Keywordsanonymous messaging, disclosure attack, metadata-private messaging systems, pubcrawl, resilience, Resiliency, Scalability
Abstract

This paper introduces a new attack on recent messaging systems that protect communication metadata. The main observation is that if an adversary manages to compromise a user's friend, it can use this compromised friend to learn information about the user's other ongoing conversations. Specifically, the adversary learns whether a user is sending other messages or not, which opens the door to existing intersection and disclosure attacks. To formalize this compromised friend attack, we present an abstract scenario called the exclusive call center problem that captures the attack's root cause, and demonstrates that it is independent of the particular design or implementation of existing metadata-private messaging systems. We then introduce a new primitive called a private answering machine that can prevent the attack. Unfortunately, building a secure and efficient instance of this primitive under only computational hardness assumptions does not appear possible. Instead, we give a construction under the assumption that users can place a bound on their maximum number of friends and are okay leaking this information.

URLhttps://dl.acm.org/citation.cfm?doid=3267323.3268958
DOI10.1145/3267323.3268958
Citation KeyangelWhatLittleLeakage2018