A Universally Composable Framework for the Privacy of Email Ecosystems

Pyrros Chaidos, Olga Fourtounelli, Aggelos Kiayias, Thomas Zacharias

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Email communication is amongst the most prominent online activities, and as such, can put sensitive information at risk. It is thus of high importance that internet email applications are designed in a privacy-aware manner and analyzed under a rigorous threat model. The Snowden revelations (2013) suggest that such a model should feature a global adversary, in light of the observational tools available. Furthermore, the fact that protecting metadata can be of equal importance as protecting the communication context implies that end-to-end encryption may be necessary, but it is not sufficient.

With this in mind, we utilize the Universal Composability framework [Canetti, 2001] to introduce an expressive cryptographic model for email “ecosystems” that can formally and precisely capture various well-known privacy notions (unobservability, anonymity, unlinkability, etc.), by parameterizing the amount of leakage an ideal-world adversary (simulator) obtains from the email functionality.

Equipped with our framework, we present and analyze the security of two email constructions that follow different directions in terms of the efficiency vs. privacy tradeoff. The first one achieves optimal security (only the online/offline mode of the users is leaked), but it is mainly of theoretical interest; the second one is based on parallel mixing [Golle and Juels, 2004] and is more practical, while it achieves anonymity with respect to users that have similar amount of sending and receiving activity.
Original languageEnglish
Title of host publicationAdvances in Cryptology – ASIACRYPT 2018
Subtitle of host publication24th International Conference on the Theory and Application of Cryptology and Information Security, Brisbane, QLD, Australia, December 2–6, 2018, Proceedings, Part III
Place of PublicationBrisbane, Australia
PublisherSpringer, Cham
Pages191-221
Number of pages31
ISBN (Electronic)978-3-030-03332-3
ISBN (Print)978-3-030-03331-6
DOIs
Publication statusPublished - 26 Oct 2018
Event24th Annual International Conference on the Theory and Application of Cryptology and Information Security - Brisbane, Australia
Duration: 2 Dec 20186 Dec 2018
https://asiacrypt.iacr.org/2018/

Publication series

NameLecture Notes in Computer Science
PublisherSpringer, Cham
Volume11274
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349
NameSecurity and Cryptology
Volume11274

Conference

Conference24th Annual International Conference on the Theory and Application of Cryptology and Information Security
Abbreviated titleASIACRYPT 2018
Country/TerritoryAustralia
CityBrisbane
Period2/12/186/12/18
Internet address

Fingerprint

Dive into the research topics of 'A Universally Composable Framework for the Privacy of Email Ecosystems'. Together they form a unique fingerprint.

Cite this