Enabling Metadata-private and Accountable Networks at Scale

Year: 2023 Version: v1.0

Abstract

Over the past decade, we have witnessed the proliferation of end-to-end encryption (E2EE) among many popular online services, such as WhatsApp and Signal for encrypted messaging, ProtonMail for encrypted emails, Microsoft Teams for encrypted conference calls, and more. By keeping data encrypted at all times, E2EE platforms keep the data exchanged between correspondents private from everyone, including the service providers, and offer robust defense in depth against data breaches for both in-the-cloud and on-premises networks.

In this project, we plan to develop new security and privacy-enhancing technologies to push forward the frontier of modern E2EE platforms and set up the foundational framework for future metadata-private E2EE communication systems. We will specifically address the challenges posed by today's powerful attackers, who can not only monitor but also actively interfere with network traffic, through three major research tasks.


Fig. 1: Our tasks

This collaborative research serves the rising demand for data security by providing foundational frameworks with new theories, algorithms, and schemes to build metadata-private and accountable E2EE platforms. A prototype system will be developed as a proof of concept and for research validation in real-world scenarios, supported by our industry collaborators. The research outputs will greatly advance the frontier of today's hot areas, including privacy-enhancing technologies, confidential computation, data ownership assurance, and verifiable computing. Our interdisciplinary research team has expertise spanning security and privacy, distributed systems, computer networking, and applied cryptography. The synergy of the team will create a critical mass, benefiting all enterprise and consumer services in Hong Kong and beyond.


Publication

  • Rui Lian, Yulong Ming, Chengjun Cai, Yifeng Zheng, Cong Wang, and Xiaohua Jia, "Nemesis: Combating Abusive Information in Encrypted Messaging with Private Reporting", In European Symposium on Research in Computer Security (ESORICS'24), September 16-20, 2024.

  • Peipei Jiang, Qian Wang, Jianhao Cheng, Cong Wang, Lei Xu, Xinyu Wang, Yihao Wu, Xiaoyuan Li, and Kui Ren, "Boomerang: Metadata-Private Messaging under Hardware Trust", In USENIX Symposium on Networked Systems Design and Implementation (NSDI'23), April 17-19, 2023.


University

City University of Hong Kong
The University of Hong Kong
Hong Kong University of Science and Technology
University of Toronto