Search

US-20260129033-A1 - PRACTICAL ANONYMITY WITH LONG-TERM RESISTANCE TO TRAFFIC ANALYSIS

US20260129033A1US 20260129033 A1US20260129033 A1US 20260129033A1US-20260129033-A1

Abstract

Systems and methods for secure and anonymous communication using a hardware enclave is disclosed. The method involves receiving push requests to store messages and fetch requests to retrieve messages within the enclave. Messages are stored in an oblivious data structure and retrieved in predetermined quantities based on recipient-specific parameters. Retrieved messages are padded to fixed sizes before sending to recipients. The system achieves traffic analysis resistance by revealing only limited information about communication patterns-specifically, the sender and timing of sent messages, and the total volume and timing of messages received by each recipient, without disclosing correlations between sent and received messages. The method employs flexible padding functions and asynchronous retrieval to further enhance security.

Inventors

  • Kyle Bradley Frederickson
  • Ioannis Demertzis
  • Darrell Don Earl Long

Assignees

  • THE REGENTS OF THE UNIVERITY OF CALIFORNIA

Dates

Publication Date
20260507
Application Date
20251106

Claims (20)

  1. 1 . A method comprising: receiving, at a hardware enclave, a push request from a sender to store a message for a recipient; storing the message in a data structure within the hardware enclave; receiving, at the hardware enclave, a fetch request from the recipient to retrieve one or more messages; retrieving a predetermined number of messages for the recipient from the data structure, the predetermined number of messages including the message; padding the retrieved messages to a fixed size; and sending the padded messages to the recipient.
  2. 2 . The method of claim 1 , wherein the data structure includes an oblivious data structure.
  3. 3 . The method of claim 1 , wherein the padding the retrieved message to the fixed size includes: identifying a set of messages for the recipient from within the data structure; determining that a total number of messages among the set of messages is below a threshold defined by the predetermined number of messages; and padding the retrieved messages with a set of dummy messages to reach the fixed sizes based on the total number of messages.
  4. 4 . The method of claim 1 , wherein the padding the retrieved message to the fixed size includes: identifying a set of messages for the recipient from within the data structure; determining a base value based on the total number of messages for the recipient; determining the fixed size based on an exponential value calculated based on the base value; and padding the retrieved messages with a set of dummy messages to reach the fixed size.
  5. 5 . The method of claim 1 , wherein a quantity of the predetermined number of messages is based on the recipient.
  6. 6 . The method of claim 1 , further comprising: determining a fetch volume parameter for the recipient, wherein the fetch volume parameter represents a quantity of the predetermined number of messages to be retrieved responsive to the fetch request; maintaining a queue of messages for the recipient; and responsive to the fetch request from the recipient: retrieving a first subset of messages for the recipient up to the quantity of the predetermined number of messages based on the fetch volume associated with the recipient; and deferring a second subset of messages for the recipient beyond the quantity of the predetermined number of messages.
  7. 7 . The method of claim 1 , wherein the data structure is organized across multiple submaps.
  8. 8 . A system comprising: a hardware enclave configured to perform operations comprising: receiving a push request from a sender to store a message for a recipient; storing the message in a data structure within the hardware enclave; receiving a fetch request from the recipient to retrieve one or more messages; retrieving a predetermined number of messages for the recipient from the data structure, the predetermined number of messages including the message; padding the retrieved messages to a fixed size; and sending the padded messages to the recipient.
  9. 9 . The system of claim 8 , wherein the data structure includes an oblivious data structure.
  10. 10 . The system of claim 8 , wherein the padding the retrieved messages to the fixed size includes: identifying a set of messages for the recipient from within the data structure; determining that a total number of messages among the set of messages is below a threshold defined by the predetermined number of messages; and padding the retrieved messages with a set of dummy messages to reach the fixed size based on the total number of messages.
  11. 11 . The system of claim 8 , wherein the padding the retrieved messages to the fixed size includes: identifying a set of messages for the recipient from within the data structure; determining a base value based on the total number of messages for the recipient; determining the fixed size based on an exponential value calculated based on the base value; and padding the retrieved messages with a set of dummy messages to reach the fixed size.
  12. 12 . The system of claim 8 , wherein a quantity of the predetermined number of messages is based on the recipient.
  13. 13 . The system of claim 8 , wherein the operations further comprise: determining a fetch volume parameter for the recipient, wherein the fetch volume parameter represents a quantity of the predetermined number of messages to be retrieved responsive to the fetch request; maintaining a queue of messages for the recipient; and responsive to the fetch request from the recipient: retrieving a first subset of messages for the recipient up to the quantity of the predetermined number of messages based on the fetch volume associated with the recipient; and deferring a second subset of messages for the recipient beyond the quantity of the predetermined number of messages.
  14. 14 . The system of claim 8 , wherein the data structure is organized across multiple submaps.
  15. 15 . The system of claim 8 , further comprising: an application server hosting the hardware enclave; an API server communicatively coupled to the hardware enclave and configured to receive the push requests and fetch requests; and a database server communicatively coupled to the application server.
  16. 16 . The system of claim 15 , further comprising client devices hosting messaging client applications configured to submit the push requests and fetch requests to the hardware enclave via the API server.
  17. 17 . A non-transitory computer-readable medium storing instructions that, when executed by a processor within a hardware enclave, cause the processor to perform operation comprising: receiving a push request from a sender to store a message for a recipient; storing the message in a data structure within the hardware enclave; receiving a fetch request from the recipient to retrieve one or more messages; retrieving a predetermined number of messages for the recipient from the data structure, the predetermined number of messages including the message; padding the retrieved messages to a fixed size; and sending the padded messages to the recipient.
  18. 18 . The non-transitory computer-readable medium of claim 17 , wherein the data structure includes an oblivious data structure.
  19. 19 . The non-transitory computer-readable medium of claim 17 , wherein the padding the retrieved messages to the fixed size includes: identifying a set of messages for the recipient from within the data structure; determining that a total number of messages among the set of messages is below a threshold defined by the predetermined number of messages; and padding the retrieved messages with a set of dummy messages to reach the fixed size based on the total number of messages.
  20. 20 . The non-transitory computer-readable medium of claim 17 , wherein the data structure is organized across multiple submaps.

Description

CLAIM OF PRIORITY This application claims the benefit of U.S. Provisional Patent Application No. 63/716,979 , filed Nov. 6, 2024, entitled “PRACTICAL ANONYMITY WITH LONG-TERM RESISTANCE TO TRAFFIC ANALYSIS,” which is incorporated herein by reference in its entirety. TECHNICAL FIELD Embodiments of the present disclosure relate generally to secure communication systems, and more specifically to anonymous messaging, metadata protection, and traffic analysis resistance. BACKGROUND Secure communication systems have become increasingly important in the digital age, with a growing need for protecting not only message contents but also metadata associated with communications. Existing messaging services often employ end-to-end encryption to safeguard message contents, but this leaves metadata exposed to potential adversaries. Metadata, which includes information about who is communicating with whom, when, and how much, can be a rich source of information that may render message contents superfluous. Anonymous communication has been an active field of research, with various systems proposed to address metadata privacy. However, widely deployed systems like Tor operate under weak adversary models and offer weak guarantees even within those models. For example, Tor, while popular, is known to be vulnerable to traffic analysis attacks. Some systems have attempted to provide stronger security guarantees against global adversaries capable of observing all network links. These systems may rely on techniques such as mixnets, secret-sharing based schemes, or differential privacy. However, they often suffer from significant security, are vulnerable to traffic analysis, and usability problems preclude their adoption in real-world scenarios. Many of these systems impose strict bandwidth restrictions or make unrealistic assumptions about user behavior to achieve security, leading to poor performance or impractical deployment requirements. For instance, some systems require users to send exactly one message per round, which is unenforceable and can result in prohibitively high latencies. Accordingly, there is a recognized need for metadata-private communication systems that can provide long-term security against traffic analysis while maintaining practical performance and usability. Such systems should ideally operate without imposing global bandwidth restrictions, support multiple concurrent conversations without message loss, and be readily deployable by single organizations. BRIEF DESCRIPTION OF THE SEVERAL VIEWS OF THE DRAWINGS To easily identify the discussion of any particular element or act, the most significant digit or digits in a reference number refer to the figure number in which that element is first introduced. FIG. 1 is a block diagram showing a system for exchanging data (e.g., messages and associated content) over a network in accordance with some embodiments, wherein the messaging system includes an anonymous messaging system. FIG. 2 is flowchart illustrating a method for anonymous messaging, according to certain examples. FIG. 3 is flowchart illustrating a method of padding retrieved messages to a fixed size, according to certain examples. FIG. 4 is flowchart illustrating a method of determining a fixed size, according to certain examples. FIG. 5 is flowchart illustrating a method of determining a fetch volume parameter, according to certain examples. FIG. 6 is a block diagram illustrating a representative software architecture, which may be used in conjunction with various hardware architectures herein described and used to implement various embodiments. FIG. 7 is a block diagram illustrating components of a machine, according to some example embodiments, able to read instructions from a machine-readable medium (e.g., a machine-readable storage medium) and perform any one or more of the methodologies discussed herein. DETAILED DESCRIPTION As discussed above, current end-to-end encrypted messaging systems protect message contents but fail to adequately secure metadata, leaving users vulnerable to traffic analysis attacks. Existing metadata-private communication systems either lack scalability or are susceptible to long-term traffic analysis. Systems that attempt to mitigate traffic analysis often rely on unrealistic user assumptions or impose system-wide bandwidth restrictions, significantly impacting usability and performance. According to certain examples, the disclosed invention addresses the problem of metadata privacy in communication systems by utilizing a hardware enclave to provide secure and anonymous messaging. The system receives push requests from senders to store messages for recipients within an oblivious data structure in the hardware enclave. When recipients send fetch requests, the system retrieves a predetermined number of messages, pads them to a fixed size, and sends them to the recipient. This approach achieves traffic analysis resistance by revealing only limited information about communi