research-article

Open access

Yodel: strong metadata security for voice calls

Authors:

Nickolai ZeldovichAuthors Info & Claims

SOSP '19: Proceedings of the 27th ACM Symposium on Operating Systems Principles

Pages 211 - 224

https://doi.org/10.1145/3341301.3359648

Published: 27 October 2019 Publication History

Abstract

Yodel is the first system for voice calls that hides metadata (e.g., who is communicating with whom) from a powerful adversary that controls the network and compromises servers. Voice calls require sub-second message latency, but low latency has been difficult to achieve in prior work where processing each message requires an expensive public key operation at each hop in the network. Yodel avoids this expense with the idea of self-healing circuits, reusable paths through a mix network that use only fast symmetric cryptography. Once created, these circuits are resilient to passive and active attacks from global adversaries. Creating and connecting to these circuits without leaking metadata is another challenge that Yodel addresses with the idea of guarded circuit exchange, where each user creates a backup circuit in case an attacker tampers with their traffic. We evaluate Yodel across the internet and it achieves acceptable voice quality with 990 ms of latency for 5 million simulated users.

References

[1]

M. Adorjan. AWS inter-region latency, 2019. URL https://cloudping.co.

[2]

E. A. Akkoyunlu, K. Ekanadham, and R. V. Huber. Some constraints and tradeoffs in the design of network communications. In Proceedings of the 5th ACM Symposium on Operating Systems Principles (SOSP), pages 67--74, Austin, TX, Nov. 1975.

Digital Library

[3]

S. Angel and S. Setty. Unobservable communication over fully un-trusted infrastructure. In Proceedings of the 12th USENIX Symposium on Operating Systems Design and Implementation (OSDI), pages 551--569, Savannah, GA, Nov. 2016.

Digital Library

[4]

D.J. Bernstein, T. Lange, and P. Schwabe. The security impact of a new cryptographic library. In Proceedings of the 2nd International Conference on Cryptology and Information Security in Latin America (LATINCRYPT), pages 159--176, Santiago, Chile, Oct. 2012.

Digital Library

[5]

D. Boneh, B. Lynn, and H. Shacham. Short signatures from the Weil pairing. Journal of Cryptology, 17(4):297--319, Sept. 2004.

Digital Library

[6]

B. Boudreau. Global bandwidth & IP pricing trends, 2017. URL https://www2.telegeography.com/hubfs/2017/presentations/telegeography-ptc17-pricing.pdf.

[7]

R. Dingledine, N. Mathewson, and P. Syverson. Tor: The second-generation onion router. In Proceedings of the 13th USENIX Security Symposium, pages 303--320, San Diego, CA, Aug. 2004.

Digital Library

[8]

Z. Dorfman. Botched CIA communications system helped blow cover of Chinese agents. Foreign Policy, Aug. 2018. URL https://foreignpolicy.com/2018/08/15/botched-cia-communications-system-helped-blow-cover/.

[9]

J. Gray. Notes on data base operating systems. In R. Bayer, R. M. Graham, and G. Seegmüller, editors, Operating Systems: An Advanced Course, pages 393--481. Springer-Verlag, 1978.

[10]

S. Humphreys and M. de Zwart. Data retention, journalist freedoms and whistleblowers. Media International Australia, 165(1):103--116, 2017.

[11]

International Telecommunication Union. G.114: One-way transmission time, Nov. 2009. URL https://www.itu.int/rec/T-REC-G.114.

[12]

A. Kwon, D. Lazar, S. Devadas, and B. Ford. Riffle: An efficient communication system with strong anonymity. In Proceedings of the 16th Privacy Enhancing Technologies Symposium, Darmstadt, Germany, July 2016.

[13]

A. Kwon, H. Corrigan-Gibbs, S. Devadas, and B. Ford. Atom: Horizontally scaling strong anonymity. In Proceedings of the 26th ACM Symposium on Operating Systems Principles (SOSP), pages 406--422, Shanghai, China, Oct. 2017.

Digital Library

[14]

A. Kwon, D. Lu, and S. Devadas. XRD: Scalable messaging system with cryptographic privacy. In Proceedings of the 17th USENIX Symposium on Networked Systems Design and Implementation (NSDI), Santa Clara, CA, Feb. 2020.

[15]

D. Lazar and N. Zeldovich. Alpenhorn: Bootstrapping secure communication without leaking metadata. In Proceedings of the 12th USENIX Symposium on Operating Systems Design and Implementation (OSDI), pages 571--586, Savannah, GA, Nov. 2016.

Digital Library

[16]

D. Lazar, Y. Gilad, and N. Zeldovich. Karaoke: Distributed private messaging immune to passive traffic analysis. In Proceedings of the 13th USENIX Symposium on Operating Systems Design and Implementation (OSDI), pages 711--726, Carlsbad, CA, Oct. 2018.

[17]

D. Lazar, Y. Gilad, and N. Zeldovich. Privacy analysis for Yodel, Aug. 2019. URL https://vuvuzela.io/yodel-analysis.pdf.

[18]

S. Le Blond, D. R. Choffnes, W. Caldwell, P. Druschel, and N. Merritt. Herd: A scalable, traffic analysis resistant anonymity network for VoIP systems. In Proceedings of the 2015 ACM SIGCOMM Conference, pages 639--652, London, United Kingdom, Aug. 2015.

Digital Library

[19]

J. Mayer, P. Mutchler, and J. C. Mitchell. Evaluating the privacy properties of telephone metadata. Proceedings of the National Academy of Sciences (PNAS), 113(20):5536--5541, 2016.

[20]

S. J. Murdoch and G. Danezis. Low-cost traffic analysis of Tor. In Proceedings of the 26th IEEE Symposium on Security and Privacy, pages 183--195, Oakland, CA, May 2005.

Digital Library

[21]

National Security Agency. Tor stinks. The Guardian, Oct. 2013. URL https://www.theguardian.com/world/interactive/2013/oct/04/tor-stinks-nsa-presentation-document.

[22]

C. Nocturnus. Operation soft cell: A worldwide campaign against telecommunications providers, June 2019. URL https://www.cybereason.com/blog/operation-soft-cell-a-worldwide-campaign-against-telecommunications-providers.

[23]

Office of the Director of National Intelligence. Statistical transparency report regarding use of national security authorities (calendar year 2018), Apr. 2019. URL https://www.dni.gov/files/CLPT/documents/2019_ASTR_for_CY2018.pdf.

[24]

A. M. Piotrowska, J. Hayes, T. Elahi, S. Meiser, and G. Danezis. The Loopix anonymity system. In Proceedings of the 26th USENIX Security Symposium, pages 1199--1216, Vancouver, Canada, Aug. 2017.

Digital Library

[25]

A. Sanatinia and G. Noubir. Honey onions: A framework for characterizing and identifying misbehaving Tor HSDirs. In Proceedings of the 2016 IEEE Conference on Communications and Network Security (CNS), pages 127--135, Philadelphia, PA, Oct. 2016.

[26]

N. Tyagi, Y. Gilad, D. Leung, M. Zaharia, and N. Zeldovich. Stadium: A distributed metadata-private messaging system. In Proceedings of the 26th ACM Symposium on Operating Systems Principles (SOSP), pages 423--440, Shanghai, China, Oct. 2017.

Digital Library

[27]

J.-M. Valin and J. Skoglund. A real-time wideband neural vocoder at 1.6 kb/s using LPCNet. arXiv:1903.12087 [eess.AS], Mar. 2019. Available at https://arxiv.org/abs/1903.12087.

[28]

J.-M. Valin and K. Vos. Updates to the Opus audio codec. RFC 8251, RFC Editor, Oct. 2017. URL https://tools.ietf.org/html/rfc8251.

[29]

J.-M. Valin, K. Vos, and T. Terriberry. Definition of the Opus audio codec. RFC 6716, RFC Editor, Sept. 2012. URL https://tools.ietf.org/html/rfc6716.

[30]

J. van den Hooff, D. Lazar, M. Zaharia, and N. Zeldovich. Vuvuzela: Scalable private messaging resistant to traffic analysis. In Proceedings of the 25th ACM Symposium on Operating Systems Principles (SOSP), pages 137--152, Monterey, CA, Oct. 2015.

Digital Library

[31]

P. Winter, R. Köwer, M. Mulazzani, M. Huber, S. Schrittwieser, S. Lindskog, and E. Weippl. Spoiled onions: Exposing malicious Tor exit relays. In Proceedings of the 14th Privacy Enhancing Technologies Symposium, pages 304--331, Amsterdam, Netherlands, July 2014.

[32]

D. I. Wolinsky, H. Corrigan-Gibbs, B. Ford, and A. Johnson. Dissent in numbers: Making strong anonymity scale. In Proceedings of the 10th USENIX Symposium on Operating Systems Design and Implementation (OSDI), pages 179--192, Hollywood, CA, Oct. 2012.

Cited By

Chandran GDemuth KEdalatnejad KLinsner SReuter CSchneider TAyday EVaidya J(2024)Encrypted MultiChannel Communication (EMC2): Johnny Should Use Secret SharingProceedings of the 23rd Workshop on Privacy in the Electronic Society10.1145/3689943.3695051(34-39)Online publication date: 20-Nov-2024
https://dl.acm.org/doi/10.1145/3689943.3695051
Liu SChen LFu Y(2024)Periscoping: Private Key Distribution for Large-Scale MixnetsIEEE INFOCOM 2024 - IEEE Conference on Computer Communications10.1109/INFOCOM52122.2024.10621274(681-690)Online publication date: 20-May-2024
https://doi.org/10.1109/INFOCOM52122.2024.10621274
Nelson BPagnin EAskarov A(2024)Metadata Privacy Beyond Tunneling for Instant Messaging2024 IEEE 9th European Symposium on Security and Privacy (EuroS&P)10.1109/EuroSP60621.2024.00044(697-723)Online publication date: 8-Jul-2024
https://doi.org/10.1109/EuroSP60621.2024.00044
Show More Cited By

Recommendations

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Conferences

SOSP '19: Proceedings of the 27th ACM Symposium on Operating Systems Principles

October 2019

615 pages

ISBN:9781450368735

DOI:10.1145/3341301

General Chairs:
Tim Brecht
University of Waterloo
,
Carey Williamson
University of Calgary

Copyright © 2019 Owner/Author.

This work is licensed under a Creative Commons Attribution International 4.0 License.

Sponsors

SIGOPS: ACM Special Interest Group on Operating Systems

In-Cooperation

USENIX Assoc: USENIX Assoc

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 27 October 2019

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Qualifiers

Research-article

Conference

SOSP '19

Sponsor:

SIGOPS

SOSP '19: ACM SIGOPS 27th Symposium on Operating Systems Principles

October 27 - 30, 2019

Ontario, Huntsville, Canada

Acceptance Rates

Overall Acceptance Rate 174 of 961 submissions, 18%

Upcoming Conference

SOSP '25

Sponsor:
sigops

ACM SIGOPS 31st Symposium on Operating Systems Principles

October 13 - 16, 2025

Seoul , Republic of Korea

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

14
Total Citations
View Citations
1,344
Total Downloads

Downloads (Last 12 months)166
Downloads (Last 6 weeks)27

Reflects downloads up to 20 Nov 2024

Other Metrics

View Author Metrics

Citations

Cited By

Chandran GDemuth KEdalatnejad KLinsner SReuter CSchneider TAyday EVaidya J(2024)Encrypted MultiChannel Communication (EMC2): Johnny Should Use Secret SharingProceedings of the 23rd Workshop on Privacy in the Electronic Society10.1145/3689943.3695051(34-39)Online publication date: 20-Nov-2024
https://dl.acm.org/doi/10.1145/3689943.3695051
Liu SChen LFu Y(2024)Periscoping: Private Key Distribution for Large-Scale MixnetsIEEE INFOCOM 2024 - IEEE Conference on Computer Communications10.1109/INFOCOM52122.2024.10621274(681-690)Online publication date: 20-May-2024
https://doi.org/10.1109/INFOCOM52122.2024.10621274
Nelson BPagnin EAskarov A(2024)Metadata Privacy Beyond Tunneling for Instant Messaging2024 IEEE 9th European Symposium on Security and Privacy (EuroS&P)10.1109/EuroSP60621.2024.00044(697-723)Online publication date: 8-Jul-2024
https://doi.org/10.1109/EuroSP60621.2024.00044
Das DMeiser SMohammadi EKate A(2024)Divide and Funnel: A Scaling Technique for Mix-Networks2024 IEEE 37th Computer Security Foundations Symposium (CSF)10.1109/CSF61375.2024.00031(49-64)Online publication date: 8-Jul-2024
https://doi.org/10.1109/CSF61375.2024.00031
Coijanovic CStark ASchadt DStrufe T(2024)Pirates: Anonymous Group Calls over Fully Untrusted InfrastructureInformation Security and Privacy10.1007/978-981-97-5101-3_11(193-212)Online publication date: 15-Jul-2024
https://doi.org/10.1007/978-981-97-5101-3_11
Hugenroth DBeresford ACalandrino JTroncoso C(2023)Powering privacyProceedings of the 32nd USENIX Conference on Security Symposium10.5555/3620237.3620541(5431-5448)Online publication date: 9-Aug-2023
https://dl.acm.org/doi/10.5555/3620237.3620541
Nunes VBrás JCarvalho ABarradas DGallagher KSantos N(2023)Enhancing the Unlinkability of Circuit-Based Anonymous Communications with k-FunnelsProceedings of the ACM on Networking10.1145/36291401:CoNEXT3(1-26)Online publication date: 28-Nov-2023
https://dl.acm.org/doi/10.1145/3629140
Hasselquist DJohansson NCarlsson NRegazzoni FFournaris A(2023)Now is the Time: Scalable and Cloud-supported Audio Conferencing using End-to-End Homomorphic EncryptionProceedings of the 2023 on Cloud Computing Security Workshop10.1145/3605763.3625245(41-53)Online publication date: 26-Nov-2023
https://dl.acm.org/doi/10.1145/3605763.3625245
Schatz DRossberg MSchaefer G(2023)Evaluating Statistical Disclosure Attacks and Countermeasures for Anonymous Voice CallsProceedings of the 18th International Conference on Availability, Reliability and Security10.1145/3600160.3600186(1-10)Online publication date: 29-Aug-2023
https://dl.acm.org/doi/10.1145/3600160.3600186
Jiang PWang QWu YWang CMeng WJensen CCremers CKirda E(2023)Poster: Metadata-private Messaging without CoordinationProceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security10.1145/3576915.3624385(3615-3617)Online publication date: 15-Nov-2023
https://dl.acm.org/doi/10.1145/3576915.3624385
Show More Cited By

View Options

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Media

Figures

Other

Tables

View Table of Contents