A Universally Composable Framework for the Privacy of Email Ecosystems

Pyrros  Chaidos; Olga Fourtounelli; Aggelos Kiayias; Thomas Zacharias

doi:10.1007/978-3-030-03332-3_8

A Universally Composable Framework for the Privacy of Email Ecosystems

Pyrros Chaidos, Olga Fourtounelli, Aggelos Kiayias, Thomas Zacharias

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract / Description of output

Email communication is amongst the most prominent online activities, and as such, can put sensitive information at risk. It is thus of high importance that internet email applications are designed in a privacy-aware manner and analyzed under a rigorous threat model. The Snowden revelations (2013) suggest that such a model should feature a global adversary, in light of the observational tools available. Furthermore, the fact that protecting metadata can be of equal importance as protecting the communication context implies that end-to-end encryption may be necessary, but it is not sufficient.

With this in mind, we utilize the Universal Composability framework [Canetti, 2001] to introduce an expressive cryptographic model for email “ecosystems” that can formally and precisely capture various well-known privacy notions (unobservability, anonymity, unlinkability, etc.), by parameterizing the amount of leakage an ideal-world adversary (simulator) obtains from the email functionality.

Equipped with our framework, we present and analyze the security of two email constructions that follow different directions in terms of the efficiency vs. privacy tradeoff. The first one achieves optimal security (only the online/offline mode of the users is leaked), but it is mainly of theoretical interest; the second one is based on parallel mixing [Golle and Juels, 2004] and is more practical, while it achieves anonymity with respect to users that have similar amount of sending and receiving activity.

Original language	English
Title of host publication	Advances in Cryptology – ASIACRYPT 2018
Subtitle of host publication	24th International Conference on the Theory and Application of Cryptology and Information Security, Brisbane, QLD, Australia, December 2–6, 2018, Proceedings, Part III
Place of Publication	Brisbane, Australia
Publisher	Springer, Cham
Pages	191-221
Number of pages	31
ISBN (Electronic)	978-3-030-03332-3
ISBN (Print)	978-3-030-03331-6
DOIs	https://doi.org/10.1007/978-3-030-03332-3_8
Publication status	Published - 26 Oct 2018
Event	24th Annual International Conference on the Theory and Application of Cryptology and Information Security - Brisbane, Australia Duration: 2 Dec 2018 → 6 Dec 2018 https://asiacrypt.iacr.org/2018/

Publication series

Name	Lecture Notes in Computer Science
Publisher	Springer, Cham
Volume	11274
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Name	Security and Cryptology
Volume	11274

Conference

Conference	24th Annual International Conference on the Theory and Application of Cryptology and Information Security
Abbreviated title	ASIACRYPT 2018
Country/Territory	Australia
City	Brisbane
Period	2/12/18 → 6/12/18
Internet address	https://asiacrypt.iacr.org/2018/

Access to Document

10.1007/978-3-030-03332-3_8Licence: All Rights Reserved

UCmail_eprint_versionAccepted author manuscript, 586 KB
UCmail_eprint_versionOther version, 583 KB

https://link.springer.com/chapter/10.1007/978-3-030-03332-3_8Licence: All Rights Reserved

Panoramix:Privacy and Accountability in Networks via Optimized Randomized Mix-nets
Kiayias, A.
EU government bodies
1/09/15 → 31/01/19
Project: Research

Cite this

Chaidos, P., Fourtounelli, O., Kiayias, A., & Zacharias, T. (2018). A Universally Composable Framework for the Privacy of Email Ecosystems. In Advances in Cryptology – ASIACRYPT 2018: 24th International Conference on the Theory and Application of Cryptology and Information Security, Brisbane, QLD, Australia, December 2–6, 2018, Proceedings, Part III (pp. 191-221). (Lecture Notes in Computer Science; Vol. 11274), (Security and Cryptology; Vol. 11274). Springer, Cham. https://doi.org/10.1007/978-3-030-03332-3_8

Chaidos, Pyrros ; Fourtounelli, Olga ; Kiayias, Aggelos et al. / A Universally Composable Framework for the Privacy of Email Ecosystems. Advances in Cryptology – ASIACRYPT 2018: 24th International Conference on the Theory and Application of Cryptology and Information Security, Brisbane, QLD, Australia, December 2–6, 2018, Proceedings, Part III. Brisbane, Australia : Springer, Cham, 2018. pp. 191-221 (Lecture Notes in Computer Science). (Security and Cryptology).

@inproceedings{70a7310ecb134eb0be54fd1e562fa749,

title = "A Universally Composable Framework for the Privacy of Email Ecosystems",

abstract = "Email communication is amongst the most prominent online activities, and as such, can put sensitive information at risk. It is thus of high importance that internet email applications are designed in a privacy-aware manner and analyzed under a rigorous threat model. The Snowden revelations (2013) suggest that such a model should feature a global adversary, in light of the observational tools available. Furthermore, the fact that protecting metadata can be of equal importance as protecting the communication context implies that end-to-end encryption may be necessary, but it is not sufficient.With this in mind, we utilize the Universal Composability framework [Canetti, 2001] to introduce an expressive cryptographic model for email “ecosystems” that can formally and precisely capture various well-known privacy notions (unobservability, anonymity, unlinkability, etc.), by parameterizing the amount of leakage an ideal-world adversary (simulator) obtains from the email functionality.Equipped with our framework, we present and analyze the security of two email constructions that follow different directions in terms of the efficiency vs. privacy tradeoff. The first one achieves optimal security (only the online/offline mode of the users is leaked), but it is mainly of theoretical interest; the second one is based on parallel mixing [Golle and Juels, 2004] and is more practical, while it achieves anonymity with respect to users that have similar amount of sending and receiving activity.",

author = "Pyrros Chaidos and Olga Fourtounelli and Aggelos Kiayias and Thomas Zacharias",

year = "2018",

month = oct,

day = "26",

doi = "10.1007/978-3-030-03332-3_8",

language = "English",

isbn = "978-3-030-03331-6",

series = "Lecture Notes in Computer Science",

publisher = "Springer, Cham",

pages = "191--221",

booktitle = "Advances in Cryptology – ASIACRYPT 2018",

note = "24th Annual International Conference on the Theory and Application of Cryptology and Information Security, ASIACRYPT 2018 ; Conference date: 02-12-2018 Through 06-12-2018",

url = "https://asiacrypt.iacr.org/2018/",

}

Chaidos, P, Fourtounelli, O, Kiayias, A & Zacharias, T 2018, A Universally Composable Framework for the Privacy of Email Ecosystems. in Advances in Cryptology – ASIACRYPT 2018: 24th International Conference on the Theory and Application of Cryptology and Information Security, Brisbane, QLD, Australia, December 2–6, 2018, Proceedings, Part III. Lecture Notes in Computer Science, vol. 11274, Security and Cryptology, vol. 11274, Springer, Cham, Brisbane, Australia, pp. 191-221, 24th Annual International Conference on the Theory and Application of Cryptology and Information Security, Brisbane, Queensland, Australia, 2/12/18. https://doi.org/10.1007/978-3-030-03332-3_8

A Universally Composable Framework for the Privacy of Email Ecosystems. / Chaidos, Pyrros ; Fourtounelli, Olga; Kiayias, Aggelos et al.
Advances in Cryptology – ASIACRYPT 2018: 24th International Conference on the Theory and Application of Cryptology and Information Security, Brisbane, QLD, Australia, December 2–6, 2018, Proceedings, Part III. Brisbane, Australia: Springer, Cham, 2018. p. 191-221 (Lecture Notes in Computer Science; Vol. 11274), (Security and Cryptology; Vol. 11274).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

TY - GEN

T1 - A Universally Composable Framework for the Privacy of Email Ecosystems

AU - Chaidos, Pyrros

AU - Fourtounelli, Olga

AU - Kiayias, Aggelos

AU - Zacharias, Thomas

PY - 2018/10/26

Y1 - 2018/10/26

N2 - Email communication is amongst the most prominent online activities, and as such, can put sensitive information at risk. It is thus of high importance that internet email applications are designed in a privacy-aware manner and analyzed under a rigorous threat model. The Snowden revelations (2013) suggest that such a model should feature a global adversary, in light of the observational tools available. Furthermore, the fact that protecting metadata can be of equal importance as protecting the communication context implies that end-to-end encryption may be necessary, but it is not sufficient.With this in mind, we utilize the Universal Composability framework [Canetti, 2001] to introduce an expressive cryptographic model for email “ecosystems” that can formally and precisely capture various well-known privacy notions (unobservability, anonymity, unlinkability, etc.), by parameterizing the amount of leakage an ideal-world adversary (simulator) obtains from the email functionality.Equipped with our framework, we present and analyze the security of two email constructions that follow different directions in terms of the efficiency vs. privacy tradeoff. The first one achieves optimal security (only the online/offline mode of the users is leaked), but it is mainly of theoretical interest; the second one is based on parallel mixing [Golle and Juels, 2004] and is more practical, while it achieves anonymity with respect to users that have similar amount of sending and receiving activity.

AB - Email communication is amongst the most prominent online activities, and as such, can put sensitive information at risk. It is thus of high importance that internet email applications are designed in a privacy-aware manner and analyzed under a rigorous threat model. The Snowden revelations (2013) suggest that such a model should feature a global adversary, in light of the observational tools available. Furthermore, the fact that protecting metadata can be of equal importance as protecting the communication context implies that end-to-end encryption may be necessary, but it is not sufficient.With this in mind, we utilize the Universal Composability framework [Canetti, 2001] to introduce an expressive cryptographic model for email “ecosystems” that can formally and precisely capture various well-known privacy notions (unobservability, anonymity, unlinkability, etc.), by parameterizing the amount of leakage an ideal-world adversary (simulator) obtains from the email functionality.Equipped with our framework, we present and analyze the security of two email constructions that follow different directions in terms of the efficiency vs. privacy tradeoff. The first one achieves optimal security (only the online/offline mode of the users is leaked), but it is mainly of theoretical interest; the second one is based on parallel mixing [Golle and Juels, 2004] and is more practical, while it achieves anonymity with respect to users that have similar amount of sending and receiving activity.

U2 - 10.1007/978-3-030-03332-3_8

DO - 10.1007/978-3-030-03332-3_8

M3 - Conference contribution

SN - 978-3-030-03331-6

T3 - Lecture Notes in Computer Science

SP - 191

EP - 221

BT - Advances in Cryptology – ASIACRYPT 2018

PB - Springer, Cham

CY - Brisbane, Australia

T2 - 24th Annual International Conference on the Theory and Application of Cryptology and Information Security

Y2 - 2 December 2018 through 6 December 2018

ER -

Chaidos P, Fourtounelli O, Kiayias A, Zacharias T. A Universally Composable Framework for the Privacy of Email Ecosystems. In Advances in Cryptology – ASIACRYPT 2018: 24th International Conference on the Theory and Application of Cryptology and Information Security, Brisbane, QLD, Australia, December 2–6, 2018, Proceedings, Part III. Brisbane, Australia: Springer, Cham. 2018. p. 191-221. (Lecture Notes in Computer Science). (Security and Cryptology). doi: 10.1007/978-3-030-03332-3_8

A Universally Composable Framework for the Privacy of Email Ecosystems

Abstract / Description of output

Publication series

Conference

Access to Document

Fingerprint

Projects

Panoramix:Privacy and Accountability in Networks via Optimized Randomized Mix-nets

Cite this