AOT: Anonymization by Oblivious Transfer

TL;DR

AOT is an anonymous communication system leveraging oblivious transfer within a multi-level mix network to enhance receiver anonymity and resist blending attacks, allowing offline message retrieval and anonymous shared secret establishment.

Contribution

This paper introduces AOT, a novel mix network architecture that integrates oblivious transfer to improve anonymity and resistance to blending attacks in anonymous communication.

Findings

Resists blending ($n-1$) attacks effectively.

Enables offline message retrieval for receivers.

Supports anonymous shared secret establishment via handshake.

Abstract

We introduce AOT, an anonymous communication system based on mix network architecture that uses oblivious transfer (OT) to deliver messages. Using OT to deliver messages helps AOT resist blending ($n-1$) attacks and helps AOT preserve receiver anonymity, even if a covert adversary controls all nodes in AOT. AOT comprises three levels of nodes, where nodes at each level perform a different function and can scale horizontally. The sender encrypts their payload and a tag, derived from a secret shared between the sender and receiver, with the public key of a Level-2 node and sends them to a Level-1 node. On a public bulletin board, Level-3 nodes publish tags associated with messages ready to be retrieved. Each receiver checks the bulletin board, identifies tags, and receives the associated messages using OT. A receiver can receive their messages even if the receiver is offline when messages are ready. Through what we call a "handshake" process, communicants can use the AOT protocol to establish shared secrets anonymously. Users play an active role in contributing to the unlinkability of messages: periodically, users initiate requests to AOT to receive dummy messages, such that an adversary cannot distinguish real and dummy requests.