Accountable Anonymous Group Messaging (1004.3057v1)

Abstract: Users often wish to participate in online groups anonymously, but misbehaving users may abuse this anonymity to spam or disrupt the group. Messaging protocols such as Mix-nets and DC-nets leave online groups vulnerable to denial-of-service and Sybil attacks, while accountable voting protocols are unusable or inefficient for general anonymous messaging. We present the first general messaging protocol that offers provable anonymity with accountability for moderate-size groups, and efficiently handles unbalanced loads where few members have much data to transmit in a given round. The N group members first cooperatively shuffle an NxN matrix of pseudorandom seeds, then use these seeds in N "pre-planned" DC-nets protocol runs. Each DC-nets run transmits the variable-length bulk data comprising one member's message, using the minimum number of bits required for anonymity under our attack model. The protocol preserves message integrity and one-to-one correspondence between members and messages, makes denial-of-service attacks by members traceable to the culprit, and efficiently handles large and unbalanced message loads. A working prototype demonstrates the protocol's practicality for anonymous messaging in groups of 40+ member nodes.

• The paper introduces Dissent, a protocol that allows each member to send one message per round, balancing anonymity with accountability.
• It employs a dual-phase process combining a shuffle protocol for anonymizing message inputs and a bulk transfer phase for efficient, secure data transmission.
• The prototype demonstrates practical viability by resisting DoS attacks and ensuring robust accountability in moderately sized group communications.

Accountable Anonymous Group Messaging: A Summary

The paper "Accountable Anonymous Group Messaging" introduces an innovative protocol named Dissent designed for providing anonymous communication within moderately-sized online groups. Aimed at addressing the challenges associated with maintaining anonymity while enforcing accountability, the protocol effectively rectifies issues inherent in previous anonymous communication methods, such as Mix-nets and DC-nets. These traditional methods suffer vulnerabilities to denial-of-service (DoS) attacks and lack accountability, potentially leading to abuse by malicious participants.

The authors propose a protocol offering anonymity with a structured approach for ensuring accountability among group members, preventing abuses such as message corruption or the creation of Sybil identities. Their design is predicated on a two-phase process combining a "shuffle" protocol with a "bulk" data transfer protocol.

Protocol Details and Methodology

The communication protocol described operates in two primary stages:

1. Shuffle Protocol: This phase anonymizes data inputs by shuffling message descriptors. The process uses pseudorandom seeds collectively shuffled among group members, offering anonymity within predetermined group sizes. The shuffle's integrity leverages enhancements of Brickell and Shmatikov's data collection protocol, with additional "go/no-go" and "blame" phases to allow fault detection and member expulsion in case of disruptions or misbehavior.
2. Bulk Transfer Protocol: Building on the information-theoretic anonymity of DC-nets, this stage leverages the shuffle's output to facilitate bulk data transmission, ensuring that higher data loads can be handled efficiently even under significant imbalance. Messages are transmitted using the minimal number of bits required, ensuring not just the integrity and confidentiality but also resistance to DoS attacks from within the group.

The authors highlight a critical innovation—the ability of each group member to send exactly one message per round—which provides a basis for ensuring accountability without compromising anonymity.

Performance and Practical Implications

The paper reports on the development of a prototype implementation to demonstrate the protocol's practical applicability. This prototype was tested within controlled network environments using the Emulab testbed. It efficiently managed variable message sizes and nodes, demonstrating that while the protocol's setup incurs certain overheads, these costs are within acceptable limits for non-interactive applications requiring robust anonymity and accountability measures.

Theoretical and Practical Applications

The research contributes significantly to both theoretical foundations and practical applications of cryptography and secure communications. It explicitly enables scenarios demanding strong, anonymous accountability, such as whistleblowing channels similar to WikiLeaks, anonymous voting systems, and decentralized information sharing among private groups. The protocol's design inherently balances the constraints of cryptographic rigor with computational and transmission efficiency, making it well-suited for latency-tolerant applications of moderate group sizes.

Future Developments

While effective, the protocol still has practical limitations in scaling to large groups and interactive scenarios. Future research could seek enhancements to integrate more advanced cryptographic primitives or optimizations to further mitigate startup latency impacts and improve scale without sacrificing the accountability or robustness of the anonymity provided.

Overall, "Accountable Anonymous Group Messaging" presents a novel intersection of anonymity and accountability in group communications, offering large potential for applications in domains valuing secure, anonymous exchanges without exposure to actor misbehavior.