Shared-Dining: Broadcasting Secret Shares using Dining-Cryptographers Groups

TL;DR

This paper introduces a privacy-preserving broadcast protocol using modified dining cryptographers and secret sharing, ensuring message anonymity and robustness against malicious participants with minimal performance overhead.

Contribution

It presents a novel combination of dining cryptographers and Shamir's secret sharing for anonymous message broadcasting with provable privacy guarantees.

Findings

Provides (n-|attackers|)-anonymity for up to k-1 attackers.

Achieves throughput of 10-100 kB/s suitable for high-privacy applications.

Demonstrates security and performance through a prototype implementation.

Abstract

A k-anonymous broadcast can be implemented using a small group of dining cryptographers to first share the message, followed by a flooding phase started by group members. Members have little incentive to forward the message in a timely manner, as forwarding incurs costs, or they may even profit from keeping the message. In worst case, this leaves the true originator as the only sender, rendering the dining-cryptographers phase useless and compromising their privacy. We present a novel approach using a modified dining-cryptographers protocol to distributed shares of an (n,k)-Shamir's secret sharing scheme. Finally, all group members broadcast their received share through the network, allowing any recipient of k shares to reconstruct the message, enforcing anonymity. If less than k group members broadcast their shares, the message cannot be decoded thus preventing privacy breaches for the originator. Our system provides (n-|attackers|)-anonymity for up to k-1 attackers and has little performance impact on dissemination. We show these results in a security analysis and performance evaluation based on a proof-of-concept prototype. Throughput rates between 10 and 100 kB/s are enough for many real applications with high privacy requirements, e.g., financial blockchain system.