Skip to main content
SpringerLink
Log in

Anonymously Publishing Liveness Signals with Plausible Deniability

  • Conference paper
  • First Online:
Advances in Mobile Computing and Multimedia Intelligence (MoMM 2023)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 14417))

  • 137 Accesses

Abstract

Sometimes entities have to prove to others that they are still alive at a certain point in time, but with the added requirements of anonymity and plausible deniability; examples for this are whistleblowers or persons in dangerous situations. We propose a system to achieve this via hash chains and publishing liveness signals on Tor onion services. Even if one participant is discovered and (made to) cooperate, others still enjoy plausible deniability. To support arbitrary numbers of provers on a potentially limited list of online storage services, an additional “key” distinguishes multiple provers. This key should neither be static nor predictable to third parties, and provide forward secrecy. We propose both a derivation from user-memorable passwords and an initial pairing step to transfer unique key material between prover and verifier. In addition to describing the protocol, we provide an open source App implementation and evaluate its performance.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    In this paper we use the term “whistleblower” as a placeholder for any person — or potentially some process — who may be in possession of confidential material, publicly, politically, militarily, or legally exposed for any reason, or otherwise threatened in relation to them potentially releasing such information to the public. There are too many threat scenarios to list exhaustively, which is why we use the commonly known term whistleblower when implying the general threat model and, synonymously, the term “prover” when implying the protocol aspects without loss of generality.

  2. 2.

    Should this trust be misplaced, deniability gets very important — only the statement/data of that person should be available to attackers, but no other evidence.

  3. 3.

    Available online at https://securedrop.org/.

  4. 4.

    We currently rely on standard, non-random-oracle hash functions for building the hash chains of location keys and signals, and therefore do not aim for proofs under the random oracle model for properties of these chains.

  5. 5.

    This combination of requirements on the storage server make it act as a random oracle with time-outs or, in another interpretation, a series of random oracles defined by overlapping epochs. Such a random oracle service might be helpful for other cryptographic protocols whose security properties depend on a random oracle instead of standard hash functions for some building blocks. By re-using our proposed storage service for such other purposes, plausible deniability in communicating with this service could be significantly improved.

  6. 6.

    So two public key decoys are needed, for which the prover must initiate onion creation too, and the verifier needs an arbitrary fake private key.

References

  1. Muffett, A.: On behalf of @Twitter, I am delighted to announce their new @TorProject onion service. https://twitter.com/AlecMuffett/status/1501282223009542151

  2. Brooks, J.: Ricochet. https://ricochet.im/

  3. Celi, S., Symeonidis, I.: The current state of denial. In: Privacy Enhancing Technologies Symposium (2020). https://petsymposium.org/2020/files/hotpets/The_current_state_of_denial.pdf

  4. Corrigan-Gibbs, H., Ford, B.: Dissent: accountable anonymous group messaging. In: Proceedings of the 17th ACM Conference on Computer and Communications Security, pp. 340–350. CCS 2010. Association for Computing Machinery, New York (2010). https://doi.org/10.1145/1866307.1866346

  5. Dingledine, R.: Next generation tor onion services. DEF CON 25 (2017)

    Google Scholar 

  6. Goldschlag, D., Reed, M., Syverson, P.: Onion routing. Commun. ACM 42(2), 39–41 (1999)

    Article  Google Scholar 

  7. Guardian, T.: The Guardian SecureDrop. https://www.theguardian.com/securedrop

  8. Gunn, L.J., Parra, R.V., Asokan, N.: Circumventing cryptographic deniability with remote attestation. In: Proceedings on Privacy Enhancing Technologies 2019(3), 350–369 (2019). https://doi.org/10.2478/popets-2019-0051

  9. Höller, T., Raab, T., Roland, M., Mayrhofer, R.: On the feasibility of short-lived dynamic onion services. In: 2021 IEEE Security and Privacy Workshops (SPW), pp. 25–30. IEEE (May 2021). https://doi.org/10.1109/SPW53761.2021.0001

  10. Höller, T., Roland, M., Mayrhofer, R.: On the state of V3 onion services. In: Proceedings of the ACM SIGCOMM 2021 Workshop on Free and Open Communications on the Internet (FOCI 2021), pp. 50–56. ACM (Aug 2021). https://doi.org/10.1145/3473604.3474565

  11. Kadianakis, G.: Onion-location. https://gitweb.torproject.org/tor-browser-spec.git/tree/proposals/100-onion-location-header.txt

  12. Kokoris-Kogias, E., Alp, E.C., Gasser, L., Jovanovic, P., Syta, E., Ford, B.: Calypso: private data management for decentralized ledgers. Cryptology ePrint Archive, Report 2018/209 (2018). https://ia.cr/2018/209

  13. Kumagai, J.: The whistle-blower’s dilemma. IEEE Spectrum (2004). https://spectrum.ieee.org/the-whistleblowers-dilemma

  14. Kwon, A., AlSabah, M., Lazar, D., Dacier, M., Devadas, S.: Circuit fingerprinting attacks: Passive deanonymization of tor hidden services. In: 24th USENIX Security Symposium (USENIX Security 2015), pp. 287–302. USENIX Association, Washington (Aug 2015), https://www.usenix.org/conference/usenixsecurity15/technical-sessions/presentation/kwon

  15. Marlinspike, M.: The double ratchet algorithm. https://signal.org/docs/specifications/doubleratchet/

  16. Nasr, M., Bahramali, A., Houmansadr, A.: DeepCorr: strong flow correlation attacks on tor using deep learning. In: Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security. ACM (Jan 2018). https://doi.org/10.1145/3243734.3243824

  17. Open Privacy Research Society: cwtch. https://cwtch.im/

  18. Rivest, R.L., Shamir, A., Wagner, D.A.: Time-lock puzzles and timed-release crypto. Tech. rep. (1996)

    Google Scholar 

  19. Sayrafi, M.: Introducing the cloudflare onion service. https://blog.cloudflare.com/cloudflare-onion-service/ (Sep 2018)

  20. Snowden, E.: Permanent Record. Pan Macmillan (Sept 2019)

    Google Scholar 

  21. Sonntag, M.: Anonymous proof of liveness. In: Proceedings of IDIMT-2021. Trauner Verlag (2021)

    Google Scholar 

  22. Swartz, A.: Securedrop. https://github.com/freedomofpress/securedrop

  23. Syta, E., Peterson, B., Wolinsky, D.I., Fischer, M., Ford, B.: Deniable anonymous group authentication. Tech. Rep. YALEU/DCS/TR-1486, Yale University (February 2014)

    Google Scholar 

  24. Tate, J.: Bradley Manning sentenced to 35 years in WikiLeaks case. Washington Post, online archived at. https://web.archive.org/web/20130825043050/http://articles.washingtonpost.com/2013-08-21/world/41431547_1_bradley-manning-david-coombs-pretrial-confinement (Aug 2013)

  25. The Tor Project: Tor Rendezvous Specification - Version 3. https://github.com/torproject/torspec/blob/master/rend-spec-v3.txt

  26. Tor Project, I.: The Tor project. https://www.torproject.org/ (2021)

  27. Hoffman, W.: Facebook’s Dark Web. Onion Site Reaches 1 Million Monthly Tor Users. https://www.inverse.com/article/14672-facebook-s-dark-web-onion-site-reaches-1-million-monthly-tor-users

Download references

Acknowledgments

This work has been carried out within the scope of Digidow, the Christian Doppler Laboratory for Private Digital Authentication in the Physical World. We gratefully acknowledge financial support by the Austrian Federal Ministry for Digital and Economic Affairs, the National Foundation for Research, Technology and Development and the Christian Doppler Research Association, 3 Banken IT GmbH, ekey biometric systems GmbH, Kepler Universitätsklinikum GmbH, NXP Semiconductors Austria GmbH, and Österreichische Staatsdruckerei GmbH.

Author information

Authors and Affiliations

  1. Institute of Networks and Security, Johannes Kepler University Linz, Altenbergerstr. 69, 4040, Linz, Austria

    Michael Sonntag & René Mayrhofer

  2. LIT Secure and Correct Systems Lab, Johannes Kepler University Linz, Altenbergerstr. 69, 4040, Linz, Austria

    Stefan Rass

Authors
  1. Michael Sonntag
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. René Mayrhofer
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Stefan Rass
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Michael Sonntag .

Editor information

Editors and Affiliations

  1. Monash University, Melbourne, VIC, Australia

    Pari Delir Haghighi

  2. Johannes Kepler University Linz, Linz, Austria

    Ismail Khalil

  3. Johannes Kepler University Linz, Linz, Austria

    Gabriele Kotsis

  4. Udayana University, Denpasar, Indonesia

    Ngurah Agus Sanjaya ER

Rights and permissions

Reprints and permissions

Copyright information

© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Sonntag, M., Mayrhofer, R., Rass, S. (2023). Anonymously Publishing Liveness Signals with Plausible Deniability. In: Delir Haghighi, P., Khalil, I., Kotsis, G., ER, N.A.S. (eds) Advances in Mobile Computing and Multimedia Intelligence. MoMM 2023. Lecture Notes in Computer Science, vol 14417. Springer, Cham. https://doi.org/10.1007/978-3-031-48348-6_1

Download citation

  • DOI: https://doi.org/10.1007/978-3-031-48348-6_1

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-48347-9

  • Online ISBN: 978-3-031-48348-6

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation