Are mixnets the answer to anonymous communications?

Combined with strong encryption such as the Signal protocol, modern mixnets could achieve the Holy Grail: metadata-resistant secure communications.

Become An Insider

Sign up now and get FREE access to hundreds of Insider articles, guides, reviews, interviews, blogs, and other premium content. Learn more.

Encryption is not enough.

Widespread deployment of end-to-end encryption is critical to protecting confidential information in transit. But the metadata--the who, the when, the where--transits in the clear. A classic example is using PGP-encrypted email. The body may be encrypted, but the subject, to, from, and rest of the headers are not encrypted.

The last several years have seen widespread deployment of end-to-end encryption both for consumers and in the enterprise. For instance, the Signal protocol now protects the message confidentiality of more than a billion people. However, Signal offers limited metadata resistance, and there is no equally strong tool to anonymize those communications.

In the enterprise, privacy-preserving statistics remain an unsolved problem. In many cases, you might want to know usage statistics for millions or billions of people, but the law (or public outcry) prevents you from doing so. Finding ways to extract useful statistics without violating user privacy at scale, therefore, becomes a challenge.

The answer to both problems could be mixnets.

What are mixnets?

Combined with strong encryption such as the Signal protocol, modern mixnets could achieve the Holy Grail: metadata-resistant secure communications. Unlike many academic efforts so far, researchers with funding are actually building this technology. At the current rate of development and testing, we could see real-world deployment in the next year or two.

First proposed by cryptographer David Chaum in a 1981 paper, at its simplest a mixnet receives a bunch of different messages, delays them, shuffles them, and sends them out again at random intervals. This makes it impossible for a passive adversary to correlate inbound messages with outbound messages. As a result, "Mix networks offer anonymity against the global passive adversary," Ania Piotrowska, a mixnet researcher at the University College, London, tells CSO.

To continue reading this article register now

SUBSCRIBE! Get the best of CSO delivered to your email inbox.