Secure and Anonymous Communication Technique: Formal Model and Its Prototype Implementation

Abstract

Both anonymity and end-to-end encryption are recognized as important properties in privacy-preserving communication. However, secure and anonymous communication protocol that requires both anonymity and end-to-end encryption cannot be realized through a simple combination of current anonymous communication protocols and public key infrastructure (PKI). Indeed, the current PKI contradicts anonymity because the certificate for a user's public key identifies the user. Moreover, we believe that anonymous communication channels should have certain authentication mechanisms because such a channel could incubate criminal communication. To cope with this issue, we propose a secure and anonymous communication protocol by employing identity-based encryption for encrypting packets without sacrificing anonymity, and group signature for anonymous user authentication. Communication occurs in the protocol through proxy entities that conceal user IP addresses from service providers (SPs). We also introduce a proof-of-concept implementation to demonstrate the protocol's feasibility and analyze its performance. Finally, we conclude that the protocol realizes secure and anonymous communications between users and SPs with practical performance.