Scalable and Provably Secure P2P Communication Protocols

In contrast to the enormous advances made in cryptographic technology over the last 40 years, there have been correspondingly few advances in anonymizing channels. This lag in advances is due the technical challenge of constructing a provably secure, yet practical, solution to the problem. While practical approaches, such as the widely used Tor network, have not been proven to be secure; provably secure approaches in the academic literature are not flexible or scalable enough to be used widely in real systems. In this paper, we address this open problem. We present three scalable and provably secure peer-to-peer messaging protocols, one for each of the standard adversary models: network, passive, and active. Like in the Tor network, our solutions are flexible in that they are onion-routing protocols, where each client independently chooses the message paths for its messages. Additionally, our solutions do not flood the network with dummy messages (i.e., the number of messages that each participating user generates is no more than polylog in the network size), and the routing is properly load-balanced between the servers. Our work is the first to present a family of Tor-like protocols that utilizes dynamic routing and is provably secure.