OrgAn: Organizational Anonymity with Low Latency

Authors: Debajyoti Das (imecCOSIC, KU Leuven, Leuven, Belgium), Easwar Vivek Mangipudi (Department of Computer Science, Purdue University, West Lafayette, USA), Aniket Kate (Department of Computer Science, Purdue University, West Lafayette, USA)

Volume: 2022
Issue: 3
Pages: 582–605
DOI: https://doi.org/10.56553/popets-2022-0087

artifact

Download PDF

Abstract: There is a growing demand for network-level anonymity for delegates at global organizations such as the UN and Red Cross. Numerous anonymous communication (AC) systems have been proposed over the last few decades to provide anonymity over the internet; however, they introduce high latency overhead, provide weaker anonymity guarantees, or are difficult to deploy at the organizational networks. Recently, the PriFi system introduced a client/relay/server model that suitably utilizes the organizational network topology and proposes a low-latency, strong-anonymity AC protocol. Using an efficient lattice-based (almost) keyhomomorphic pseudorandom function and Netwon’s power sums, we present a novel AC protocol OrgAn in this client/relay/server model that provides strong anonymity against a global adversary controlling the majority of the network. OrgAn’s cryptographic design allows it to overcome several major problems with any realistic PriFi instantiation: (a) unlike PriFi, OrgAn avoids frequent, interactive, slot-agreement protocol among the servers; (b) a PriFi relay has to receive frequent communication from the servers, which can not only become a latency bottleneck but also reveal the access pattern to the servers and increases the chance of server collusion/coercion, while OrgAn servers are absent from any real-time process. We demonstrate how to make this public-key cryptographic solution scale equally well as the symmetric-cryptographic PriFi with practical pre-computation and storage requirements. Through a prototype implementation, we show that OrgAn provides similar throughput and end-to-end latency guarantees as PriFi, while still discounting the setup challenges in PriFi.

Keywords: privacy, anonymity, protocol

Copyright in PoPETs articles are held by their authors. This article is published under a Creative Commons Attribution-NonCommercial-NoDerivs license.