https://www.ndss-symposium.org/ndss-paper/improving-signals-sealed-sender/ ndss logo Menu Navigation * About + Test of Time Award + Why NDSS Symposium + Sponsorship * 2023 Symposium + Attend + Accepted Papers + Program + Accepted Posters + Co-located Events + Leadership * 2022 Symposium + Accepted Papers + Program + Leadership + Co-located Events * Previous Events + Previous NDSS Symposia + Previous USEC Events Search Icon 2023 Program Search for:[ ]Search Button Improving Signal's Sealed Sender Ian Martiny (University of Colorado Boulder), Gabriel Kaptchuk (Boston University), Adam Aviv (The George Washington University), Dan Roche (U.S. Naval Avademy), Eric Wustrow (University of Colorado Boulder) The Signal messaging service recently deployed a emph{sealed sender} feature that provides sender anonymity by cryptographically hiding a message's sender from the service provider. We demonstrate, both theoretically and empirically, that this one-sided anonymity is broken when two parties send multiple messages back and forth; that is, the promise of sealed sender does not emph{compose} over a conversation of messages. Our attack is in the family of Statistical Disclosure Attacks (SDAs), and is made particularly effective by emph {delivery receipts} that inform the sender that a message has been successfully delivered, which are enabled by default on Signal. We show using theoretical and simulation-based models that Signal could link sealed sender users in as few as 5 messages. Our attack goes beyond tracking users via network-level identifiers by working at the application layer of Signal. This make our attacks particularly effective against users that employ Tor or VPNs as anonymity protections, who would otherwise be secure against network tracing. We present a range of practical mitigation strategies that could be employed to prevent such attacks, and we prove our protocols secure using a new simulation-based security definition for one-sided anonymity over any sequence of messages. The simplest provably-secure solution uses many of the same mechanisms already employed by the (flawed) sealed-sender protocol used by Signal, which means it could be deployed with relatively small overhead costs; we estimate that the extra cryptographic cost of running our most sophisticated solution in a system with millions of users would be less than $40 per month. Paper Video View More Papers Dinosaur Resurrection: PowerPC Binary Patching for Base Station Analysis Uwe Muller, Eicke Hauck, Timm Welz, Jiska Classen, Matthias Hollick (Secure Mobile Networking Lab, TU Darmstadt) Read More Welcome to the DNS Privacy Workshop Read More An Analysis of First-Party Cookie Exfiltration due to CNAME... Tongwei Ren (Worcester Polytechnic Institute), Alexander Wittmany (University of Kansas), Lorenzo De Carli (Worcester Polytechnic Institute), Drew Davidsony (University of... Read More PrivacyFlash Pro: Automating Privacy Policy Generation for Mobile Apps Sebastian Zimmeck (Wesleyan University), Rafael Goldstein (Wesleyan University), David Baraka (Wesleyan University) Read More About * About * Test of Time Award * Why NDSS Symposium * Sponsorship NDSS Symposium 2023 * 2023 Symposium * Attend * Program * Submissions * Leadership NDSS Symposium 2022 * 2022 Symposium * Program * Accepted Papers * Leadership * Co-located Events Previous Events * Previous Events * Previous NDSS Symposia * Previous USEC Events NDSS Symposium 30th anniversary Facebook Twitter LinkedIn Youtube Privacy Policy | Terms of Use | NDSS Code of Conduct | Contact Us isoc logo Internet Society (c) 1992-2023