In this talk, I will present DenIM (Deniable Instant Messaging), a novel
protocol built on the idea of hiding traffic to make it unobservable to
an adversary by piggybacking it on observable traffic. We posit that
resilience to traffic analysis must be directly supported by major IM
services themselves, and must be done in a low-latency manner without
breaking existing features. Hence, DenIM is designed both for
compatibility and performance; DenIM is a variant of the Signal
protocol—commonly used for strong encryption in instant messaging
services, and, DenIM’s bandwidth overhead scales with the volume of
regular traffic, as opposed to scaling with time or the number of users.