Transport-Level Privacy for Instant Messaging
Abstract
Traffic analysis poses an important privacy challenge. In particular, transport-level data can leak unintentional information—such as who communicates with whom. Existing tools for metadata privacy have adoption obstacles, including the risks of being scrutinized for having a particular app installed, and performance overheads incompatible with mobile devices.
In this talk, I will present DenIM (Deniable Instant Messaging), a novel protocol built on the idea of hiding traffic to make it unobservable to an adversary by piggybacking it on observable traffic. We posit that resilience to traffic analysis must be directly supported by major IM services themselves, and must be done in a low-latency manner without breaking existing features. Hence, DenIM is designed both for compatibility and performance; DenIM is a variant of the Signal protocol—commonly used for strong encryption in instant messaging services, and, DenIM’s bandwidth overhead scales with the volume of regular traffic, as opposed to scaling with time or the number of users.
Joint work in progress with E. Pagnin and A. Askarov.
Boel Nelson is a postdoc in the Algorithms and Complexity section at University of Copenhagen, and a member of Basic Algorithms Research Copenhagen (BARC). She is an upcoming Marie Skłodowska-Curie postdoctoral fellow—starting her project on Provable Privacy for Metadata (ProPriM) in August 2023 at Aarhus University. Her research interests include data privacy, detection and mitigation of side-channels, and privacy enhancing technologies.
Prior to joining UCPH/BARC, Boel worked as a postdoc in the Logic and Semantics group at Aarhus University, where she conducted research on anonymous communication. Boel earned her PhD from Chalmers University of Technology in 2021.