Abstract
Sometimes entities have to prove to others that they are still alive at a certain point in time, but with the added requirements of anonymity and plausible deniability; examples for this are whistleblowers or persons in dangerous situations. We propose a system to achieve this via hash chains and publishing liveness signals on Tor onion services. Even if one participant is discovered and (made to) cooperate, others still enjoy plausible deniability. To support arbitrary numbers of provers on a potentially limited list of online storage services, an additional “key” distinguishes multiple provers. This key should neither be static nor predictable to third parties, and provide forward secrecy. We propose both a derivation from user-memorable passwords and an initial pairing step to transfer unique key material between prover and verifier. In addition to describing the protocol, we provide an open source App implementation and evaluate its performance.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
In this paper we use the term “whistleblower” as a placeholder for any person — or potentially some process — who may be in possession of confidential material, publicly, politically, militarily, or legally exposed for any reason, or otherwise threatened in relation to them potentially releasing such information to the public. There are too many threat scenarios to list exhaustively, which is why we use the commonly known term whistleblower when implying the general threat model and, synonymously, the term “prover” when implying the protocol aspects without loss of generality.
- 2.
Should this trust be misplaced, deniability gets very important — only the statement/data of that person should be available to attackers, but no other evidence.
- 3.
Available online at https://securedrop.org/.
- 4.
We currently rely on standard, non-random-oracle hash functions for building the hash chains of location keys and signals, and therefore do not aim for proofs under the random oracle model for properties of these chains.
- 5.
This combination of requirements on the storage server make it act as a random oracle with time-outs or, in another interpretation, a series of random oracles defined by overlapping epochs. Such a random oracle service might be helpful for other cryptographic protocols whose security properties depend on a random oracle instead of standard hash functions for some building blocks. By re-using our proposed storage service for such other purposes, plausible deniability in communicating with this service could be significantly improved.
- 6.
So two public key decoys are needed, for which the prover must initiate onion creation too, and the verifier needs an arbitrary fake private key.
References
Muffett, A.: On behalf of @Twitter, I am delighted to announce their new @TorProject onion service. https://twitter.com/AlecMuffett/status/1501282223009542151
Brooks, J.: Ricochet. https://ricochet.im/
Celi, S., Symeonidis, I.: The current state of denial. In: Privacy Enhancing Technologies Symposium (2020). https://petsymposium.org/2020/files/hotpets/The_current_state_of_denial.pdf
Corrigan-Gibbs, H., Ford, B.: Dissent: accountable anonymous group messaging. In: Proceedings of the 17th ACM Conference on Computer and Communications Security, pp. 340–350. CCS 2010. Association for Computing Machinery, New York (2010). https://doi.org/10.1145/1866307.1866346
Dingledine, R.: Next generation tor onion services. DEF CON 25 (2017)
Goldschlag, D., Reed, M., Syverson, P.: Onion routing. Commun. ACM 42(2), 39–41 (1999)
Guardian, T.: The Guardian SecureDrop. https://www.theguardian.com/securedrop
Gunn, L.J., Parra, R.V., Asokan, N.: Circumventing cryptographic deniability with remote attestation. In: Proceedings on Privacy Enhancing Technologies 2019(3), 350–369 (2019). https://doi.org/10.2478/popets-2019-0051
Höller, T., Raab, T., Roland, M., Mayrhofer, R.: On the feasibility of short-lived dynamic onion services. In: 2021 IEEE Security and Privacy Workshops (SPW), pp. 25–30. IEEE (May 2021). https://doi.org/10.1109/SPW53761.2021.0001
Höller, T., Roland, M., Mayrhofer, R.: On the state of V3 onion services. In: Proceedings of the ACM SIGCOMM 2021 Workshop on Free and Open Communications on the Internet (FOCI 2021), pp. 50–56. ACM (Aug 2021). https://doi.org/10.1145/3473604.3474565
Kadianakis, G.: Onion-location. https://gitweb.torproject.org/tor-browser-spec.git/tree/proposals/100-onion-location-header.txt
Kokoris-Kogias, E., Alp, E.C., Gasser, L., Jovanovic, P., Syta, E., Ford, B.: Calypso: private data management for decentralized ledgers. Cryptology ePrint Archive, Report 2018/209 (2018). https://ia.cr/2018/209
Kumagai, J.: The whistle-blower’s dilemma. IEEE Spectrum (2004). https://spectrum.ieee.org/the-whistleblowers-dilemma
Kwon, A., AlSabah, M., Lazar, D., Dacier, M., Devadas, S.: Circuit fingerprinting attacks: Passive deanonymization of tor hidden services. In: 24th USENIX Security Symposium (USENIX Security 2015), pp. 287–302. USENIX Association, Washington (Aug 2015), https://www.usenix.org/conference/usenixsecurity15/technical-sessions/presentation/kwon
Marlinspike, M.: The double ratchet algorithm. https://signal.org/docs/specifications/doubleratchet/
Nasr, M., Bahramali, A., Houmansadr, A.: DeepCorr: strong flow correlation attacks on tor using deep learning. In: Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security. ACM (Jan 2018). https://doi.org/10.1145/3243734.3243824
Open Privacy Research Society: cwtch. https://cwtch.im/
Rivest, R.L., Shamir, A., Wagner, D.A.: Time-lock puzzles and timed-release crypto. Tech. rep. (1996)
Sayrafi, M.: Introducing the cloudflare onion service. https://blog.cloudflare.com/cloudflare-onion-service/ (Sep 2018)
Snowden, E.: Permanent Record. Pan Macmillan (Sept 2019)
Sonntag, M.: Anonymous proof of liveness. In: Proceedings of IDIMT-2021. Trauner Verlag (2021)
Swartz, A.: Securedrop. https://github.com/freedomofpress/securedrop
Syta, E., Peterson, B., Wolinsky, D.I., Fischer, M., Ford, B.: Deniable anonymous group authentication. Tech. Rep. YALEU/DCS/TR-1486, Yale University (February 2014)
Tate, J.: Bradley Manning sentenced to 35 years in WikiLeaks case. Washington Post, online archived at. https://web.archive.org/web/20130825043050/http://articles.washingtonpost.com/2013-08-21/world/41431547_1_bradley-manning-david-coombs-pretrial-confinement (Aug 2013)
The Tor Project: Tor Rendezvous Specification - Version 3. https://github.com/torproject/torspec/blob/master/rend-spec-v3.txt
Tor Project, I.: The Tor project. https://www.torproject.org/ (2021)
Hoffman, W.: Facebook’s Dark Web. Onion Site Reaches 1 Million Monthly Tor Users. https://www.inverse.com/article/14672-facebook-s-dark-web-onion-site-reaches-1-million-monthly-tor-users
Acknowledgments
This work has been carried out within the scope of Digidow, the Christian Doppler Laboratory for Private Digital Authentication in the Physical World. We gratefully acknowledge financial support by the Austrian Federal Ministry for Digital and Economic Affairs, the National Foundation for Research, Technology and Development and the Christian Doppler Research Association, 3 Banken IT GmbH, ekey biometric systems GmbH, Kepler Universitätsklinikum GmbH, NXP Semiconductors Austria GmbH, and Österreichische Staatsdruckerei GmbH.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Sonntag, M., Mayrhofer, R., Rass, S. (2023). Anonymously Publishing Liveness Signals with Plausible Deniability. In: Delir Haghighi, P., Khalil, I., Kotsis, G., ER, N.A.S. (eds) Advances in Mobile Computing and Multimedia Intelligence. MoMM 2023. Lecture Notes in Computer Science, vol 14417. Springer, Cham. https://doi.org/10.1007/978-3-031-48348-6_1
Download citation
DOI: https://doi.org/10.1007/978-3-031-48348-6_1
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-48347-9
Online ISBN: 978-3-031-48348-6
eBook Packages: Computer ScienceComputer Science (R0)