Abstract
The goal of anonymous whistleblowing is to publicly disclose a message while at the same time hiding the identity of the sender in a way that even if suspected of being the sender, this cannot be proven. While many solutions to this problem have been proposed over the years, they all require some form of interaction with trusted or non-colluding parties. In this work, we ask whether this is fundamentally inherent. We put forth the notion of anonymous transfer as a primitive allowing to solve this problem without relying on any participating trusted parties.
We initiate the theoretical study of this question, and derive negative and positive results on the existence of such a protocol. We refute the feasibility of asymptotically secure anonymous transfer, where the message will be received with overwhelming probability while at the same time the identity of the sender remains hidden with overwhelming probability. On the other hand, resorting to fine-grained cryptography, we provide a heuristic instantiation (assuming ideal obfuscation) which guarantees that the message will be correctly received with overwhelming probability and the identity of the sender leaks with vanishing probability. Our results provide strong foundations for the study of the possibility of anonymous communications through authenticated channels, an intriguing goal which we believe to be of fundamental interest.
T. Agrikola and S. Maier—Supported by funding from the topic Engineering Secure Systems of the Helmholtz Association (HGF) and by KASTEL Security Research Labs.
G. Couteau—Supported by ANR SCENE.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
Notes
- 1.
This follows directly from the fact that given undetectable secure computation for any function \(\textit{f}\), we can directly construct AT by computing a function that lets two potential senders insert either a bitstring for transfer or \(\bot \) and outputs one of them (i.e. the one input that is not \(\bot \)) to the receiver.
- 2.
A \(\textit{c}\)-round protocol corresponds to a synchronous model, where each message is broadcasted and the messages in each round only depend on messages from previous rounds, see [ACM21] for a formal definition.
- 3.
We slightly abuse notation but we believe the meaning to be clear.
- 4.
Since the protocol is silent-receiver, there is no message from the receiver; furthermore, assuming that the sender message is \(\textit{m}\)-bit is without loss of generality, since otherwise the protocol is trivially not anonymous.
- 5.
See [ACM21] for a definition of sEUF-CMA, IND$-CCA and ideal obfuscation.
- 6.
This is denoted in the figure by the \(\textsf{CointossS}_{( \textit{p} )}^{( \pi )}( \sigma , \overline{\sigma } )\) function, which returns \(\sigma \), i.e. the first argument, with probability \(\textit{p}\), and \(\overline{\sigma }\), i.e. the second argument, with the complementary probability \(( 1-\textit{p} )\), where the randomness for \(\textit{p}\) is extracted from the argument provided by \(\pi \).
- 7.
Secrecy is an additional property we require for Strong AT. Secrecy means that no third party can extract the transferred bit from the transcript (see the full version [ACM21] for the formal definition). This property will be relevant for applications that use AT as a building block.
- 8.
This is in contrast to the Hellinger-distance \(\textsf{H}\) which yields tighter bounds but where the amount of information from a single query really depends on the oracle \(\textsf{O}_{\chi }\) which is queried. This makes it harder to provide meaningful bounds for adversaries querying different oracles with their \(\textit{t}\) samples.
References
Agrikola, T., Couteau, G., Maier, S.: Anonymous whistleblowing over authenticated channels. Cryptology ePrint Archive, Report 2021/1341 (2021). https://eprint.iacr.org/2021/1341
Abraham, I., Pinkas, B., Yanai, A.: Blinder - scalable, robust anonymous committed broadcast. In: Ligatti, J., Ou, X., Katz, J., Vigna, G., (eds.) ACM CCS 2020, pp. 1233–1252. ACM Press, Nov 2020
Burrough, B., Ellison, E., Andrews, S.: The snowden saga: a shadowland of secrets and light. Vanity Fair 23 (2014)
Berret, C.: Guide to securedrop (2016)
Biham, E., Goren, Y.J., Ishai, Y.: Basing weak public-key cryptography on strong one-way functions. In: Canetti, R. (ed.) TCC 2008. LNCS, vol. 4948, pp. 55–72. Springer, Heidelberg (2008)
Corrigan-Gibbs, H., Boneh, D., Mazières, D.: Riposte: an anonymous messaging system handling millions of users. In: 2015 IEEE Symposium on Security and Privacy, pp. 321–338. IEEE Computer Society Press, May 2015
Chan, S., Diakonikolas, I., Valiant, P., Valiant, G.: Optimal algorithms for testing closeness of discrete distributions. In: 25th SODA, pp. 1193–1203 (2014)
Cohn-Gordon, K., Cremers, C., Dowling, B., Garratt, L., Stebila, D.: A formal security analysis of the signal messaging protocol. J. Cryptol. 33(4), 1914–1983 (2020)
Chandran, N., Goyal, V., Ostrovsky, R., Sahai, A.: Covert multi-party computation. In: 48th FOCS, pp. 238–248. IEEE Computer Society Press, Oct 2007
Chaum, D.: Untraceable electronic mail, return addresses and digital pseudonyms. In: Gritzalis, D., (ed.) Secure Electronic Voting, vol. 7. Advances in Information Security, pp. 211–219. Springer, (2003). https://doi.org/10.1007/978-1-4615-0239-5_14
Chaum, D.: The dining cryptographers problem: Unconditional sender and recipient untraceability. J. Cryptol. 1(1), 65–75 (1988)
Canetti, R., Lin, H., Tessaro, S., Vaikuntanathan, V.: Obfuscation of probabilistic circuits and applications. In: Dodis, Y., Nielsen, J.B. (eds.) TCC 2015. Part II, volume 9015 of LNCS, pp. 468–497. Springer, Heidelberg (2015)
Dingledine, R., Mathewson, N., Syverson, P.F.: Tor: the second-generation onion router. In: Blaze, M., (ed.) USENIX Security 2004, pp. 303–320. USENIX Association, Aug 2004
Degwekar, A., Vaikuntanathan, V., Vasudevan, P.N.: Finegrained cryptography. In: Robshaw, M., Katz, J. (eds.) CRYPTO 2016. Part III, volume 9816 of LNCS, pp. 533–562. Springer, Heidelberg (2016)
Eskandarian, S., Corrigan-Gibbs, H., Zaharia, M., Boneh, D.: Express: lowering the cost of metadata-hiding communication with cryptographic privacy. In Bailey, M., Greenstadt, R., (eds.) USENIX Security 2021, pp. 1775–1792. USENIX Association, Aug 2021
Hopper, N.J., Langford, J., von Ahn, L.: Provably secure steganography. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 77–92. Springer, Heidelberg (2002)
Impagliazzo, R.: A personal view of average-case complexity. In: . Tenth Annual IEEE Conference on Proceedings of Structure in Complexity Theory, pp. 134–147. IEEE (1995)
Jain, A., Lin, H., Luo, J., Wichs, D.: The pseudorandom oracle model and ideal obfuscation. Cryptology ePrint Archive, Report 2022/1204 (2022). https://eprint.iacr.org/2022/1204
Merkle, R.C.: Secure communications over insecure channels. Commun. ACM 21(4), 294–299 (1978)
Newman, Z., Servan-Schreiber, S., Devadas, S.: Spectrum: high-bandwidth anonymous broadcast with malicious security. Cryptology ePrint Archive, Report 2021/325 (2021). https://eprint.iacr.org/2021/325
Philipps, D.: Reality winner, former nsa translator, gets more than 5 years in leak of russian hacking report. New York Times, 23 (2018)
Rogaway, P.: Nonce-based symmetric encryption. In: Roy, B.K., Meier, W. (eds.) FSE 2004. LNCS, vol. 3017, pp. 348–359. Springer, Heidelberg (2004)
von Ahn, L., Hopper, N.J.: Public-key steganography. In: Cachin, C., Camenisch, J. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 323–341. Springer, Heidelberg (2004)
von Ahn, L., Hopper, N.J., Langford, J.: Covert two-party computation. In Gabow, H.N., Fagin, R., (eds.) 37th ACM STOC, pp. 513–522. ACM Press, May 2005
Whistleblowing (2008). https://legal-dictionary.thefreedictionary.com/ Whistleblowing. Accessed: 2021-09-29 from West’s Encyclopedia of American Law, edition 2
Acknowledgements
We thank Rafael Pass for insightful comments and contributions to early stages of this work.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2022 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Agrikola, T., Couteau, G., Maier, S. (2022). Anonymous Whistleblowing over Authenticated Channels. In: Kiltz, E., Vaikuntanathan, V. (eds) Theory of Cryptography. TCC 2022. Lecture Notes in Computer Science, vol 13748. Springer, Cham. https://doi.org/10.1007/978-3-031-22365-5_24
Download citation
DOI: https://doi.org/10.1007/978-3-031-22365-5_24
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-22364-8
Online ISBN: 978-3-031-22365-5
eBook Packages: Computer ScienceComputer Science (R0)