The authors of this paper study an anonymous message system called Atom which protects against traffic analysis attacks. Atom addresses what it sees as two deficiencies that previous work does not quite address. The first is that there’s a lot of theory in prior papers that Atom puts into practice. The second is that previous messaging systems that attempted similar security measures scaled at a much slower rate. The contribution of Atom is that it provides workarounds to cryptographic bottlenecks, resulting in a system that runs 23x faster than the next comparable system with similar privacy guarantees. Atom separates itself from existing research because it extrapolates practical systems from theory and puts it in a real-world setting, where they’ve validated its efficacy.
This paper doesn’t introduce too many new concepts or theory, but rather, discusses the practicality of implementing and using such security components. One of the main contributions I found interesting was that they worked around multiparty computation protocols which ordinarily seemed like a bare essential, but generally too inefficient to use. The system also features two forms of tamper resistance, doubling up with both NIZK proofs and a novel trap message-based encryption algorithm. These layered defenses offer a result where if there’s a malicious server editing a message, there’s a 50% chance it’s a trap message. The system also shows that even if there’s a majority of adversaries, a minority of honest users still ensures the system works correctly.
I thought the part regarding how volunteer servers are organized into small groups could’ve been explained better. It’d be interesting to see if it could be done in a decentralized environment. One of the constraints for ensuring anonymity felt somewhat difficult, which is that there is at least one honest, trustworthy server in every server group. I think an explanation of how those groups are created could help clarify. I would be curious to see whether this holds up when there are only a couple of servers, and what might happen if adversarial servers heavily outweigh the trustworthy ones. By extension, the system also seems extremely vulnerable when there are only a few users. This might dissuade early adopters to use it in production. The study also uses servers from the exact same geographical location, which brings up a question of how hard of a hit network performance might take if the servers are scattered globally, which seems more fitting for this kind of application.
The latency is a relatively significant con against the system. It would be interesting to identify why this is the case (i.e., constraint on number of servers? Network latency?). Another direction is, perhaps Atom might be better suited as a private network such that it is available to a subset of users who all want to remain anonymous. I think the attacks against such a system could be explored. For instance, what happens if a malicious attacker spins up a bunch of cheap servers, then puts them all up for the network with the hope that one of the small groups is filled with untrustworthy servers.