Riposte: An Anonymous Messaging System Handling Millions of Users

@article{CorriganGibbs2015RiposteAA,
  title={Riposte: An Anonymous Messaging System Handling Millions of Users},
  author={Henry Corrigan-Gibbs and Dan Boneh and David Mazi{\`e}res},
  journal={2015 IEEE Symposium on Security and Privacy},
  year={2015},
  pages={321-338}
}
This paper presents Riposte, a new system for anonymous broadcast messaging. Riposte is the first such system, to our knowledge, that simultaneously protects against traffic-analysis attacks, prevents anonymous denial-of-service by malicious clients, and scales to million-user anonymity sets. To achieve these properties, Riposte makes novel use of techniques used in systems for private information retrieval and secure multi-party computation. For latency-tolerant workloads with many more… 
View on IEEE
arxiv.org
170 Citations
Highly Influential Citations
22
Background Citations
93
Methods Citations
39
Results Citations
6

Figures from this paper

170 Citations

Citation Type

Citation Type

Metadata-Conscious Anonymous Messaging
TLDR
This work proves that the performance of a message propagation protocol called adaptive diffusion achieves asymptotically optimal source-hiding and significantly outperforms standard diffusion and demonstrates empirically that adaptive diffusion hides the source effectively on real social graphs.
Two Cents for Strong Anonymity: The Anonymous Post-office Protocol
TLDR
The Anonymous Post-Office Protocol is introduced, a practical strongly-anonymous messaging system that offers strong anonymity against strong, globally-eavesdropping adversaries, that may also control multiple servers, including all-but-one servers in a mix-cascade.
Stadium: A Distributed Metadata-Private Messaging System
TLDR
Stadium is presented, a point-to-point messaging system that provides metadata and data privacy while scaling its work efficiently across hundreds of low-cost providers operated by different organizations and achieves its provable guarantees through differential privacy and the addition of noisy cover traffic.
Atom: Horizontally Scaling Strong Anonymity
TLDR
It is shown that, on a heterogeneous network of 1,024 servers, Atom can transit a million Tweet-length messages in 28 minutes, over 23x faster than prior systems with similar privacy guarantees.
Atom: Scalable Anonymity Resistant to Traffic Analysis
TLDR
Evaluating Atom on a distributed network of 1,024 dual-core servers is evaluated and it is demonstrated that the system can anonymize more than a million Tweet-length messages with less than 30 minutes of latency.
MCMix: Anonymous Messaging via Secure Multiparty Computation
TLDR
MCMix is presented, an anonymous messaging system that completely hides communication metadata and can scale in the order of hundreds of thousands of users, illustrating how MPC is a viable and competitive alternative to mix-nets and DC-nets for anonymous communication.
PriFi: A Low-Latency Local-Area Anonymous Communication Network
TLDR
PriFi is presented, the first practical protocol for anonymous communication in local-area networks that is provably secure against traffic-analysis attacks, has a low communication latency, and is traffic agnostic, and can be used in practice with minimal latency overhead.
PriFi: Low-Latency Anonymity for Organizational Networks
TLDR
PriFi is presented, an anonymous communication protocol for LANs, which protects users against eavesdroppers and provides high-performance traffic-analysis resistance, and solves the challenge of equivocation attacks by encrypting traffic based on communication history.
Riffle: An Efficient Communication System With Strong Anonymity
TLDR
Riffle consists of a small set of anonymity servers and a large number of users, and guarantees anonymity among all honest clients as long as there exists at least one honest server, a bandwidth and computation efficient communication system with strong anonymity.
XRD: Scalable Messaging System with Cryptographic Privacy
TLDR
XRD is presented, a metadata private messaging system that provides cryptographic privacy, while scaling easily to support more users by adding more servers, and uses a novel technique the authors call aggregate hybrid shuffle.
...
1
2
3
4
5
...

References

SHOWING 1-10 OF 140 REFERENCES
Herbivore: A Scalable and Efficient Protocol for Anonymous Communication
TLDR
Herbivore is described, a peer-to-peer, scalable, tamper-resilient communication system that provides provable anonymity and privacy and simultaneously provides high efficiency and scalability, distinguishing it from other anonymous communication protocols.
Crowds: anonymity for Web transactions
TLDR
The design, implementation, security, performance, and scalability of the Crowds system for protecting users' anonymity on the world-wide-web are described and degrees of anonymity as an important tool for describing and proving anonymity properties are introduced.
Low-cost traffic analysis of Tor
TLDR
New traffic-analysis techniques are presented that allow adversaries with only a partial view of the network to infer which nodes are being used to relay the anonymous streams and therefore greatly reduce the anonymity provided by Tor, and it is shown that otherwise unrelated streams can be linked back to the same initiator.
Mixminion: design of a type III anonymous remailer protocol
TLDR
Mixminion works in a real-world Internet environment, requires little synchronization or coordination between nodes, and protects against known anonymity-breaking attacks as well as or better than other systems with similar design parameters.
Dissent: accountable anonymous group messaging
TLDR
The protocol preserves message integrity and one-to-one correspondence between members and messages, makes denial-of-service attacks by members traceable to the culprit, and efficiently handles large, unbalanced message loads.
Tor: The Second-Generation Onion Router
TLDR
This second-generation Onion Routing system addresses limitations in the original design by adding perfect forward secrecy, congestion control, directory servers, integrity checking, configurable exit policies, and a practical design for location-hidden services via rendezvous points.
Dissent in Numbers: Making Strong Anonymity Scale
TLDR
Novel techniques are developed in Dissent, a practical group anonymity system, to increase by over two orders of magnitude the scalability of strong, traffic analysis resistant approaches.
Limits of Anonymity in Open Environments
TLDR
This paper presents a model where one can determine the protection limit of an anonymity technique, i.e. the number of observations required for an attacker to "break" uniquely a given anonymity technique.
Proactively Accountable Anonymous Messaging in Verdict
TLDR
Verdict is presented, the first practical anonymous group communication system built using proactively verifiable DC-nets: participants use public-key cryptography to construct DC-net ciphertexts, and use zero-knowledge proofs of knowledge to detect and exclude misbehavior before disruption.
Tarzan: a peer-to-peer anonymizing network layer
TLDR
Measurements show that Tarzan imposes minimal overhead over a corresponding non-anonymous overlay route, and Protocols toward unbiased peer-selection offer new directions for distributing trust among untrusted entities.
...
1
2
3
4
5
...