IACR News item: 05 September 2022
Shengtong Zhang, Arvid Lunnemark, Sualeh Asif
ePrint Report
We present a novel, complete definition of metadata-private messaging (MPM) and show that our definition is achievable and non-trivially more general than previous attempts that we are aware of. Our main contributions are:
1) We describe a vulnerability in existing MPM implementations through a variation of the compromised-friend (CF) attack proposed by Angel et al. Our attack can compromise the exact metadata of any conversations between honest users.
2) We present a security definition for MPM systems assuming that some friends may be compromised.
3) We present a protocol satisfying our security definition based on Anysphere, an MPM system we deployed in practice.