Please note: This PhD seminar will take place online.
Sajin Sasy, PhD candidate
David R. Cheriton School of Computer Science
Supervisor: Professor Ian Goldberg
Ensuring privacy of online communications remains a challenge. While the contents or data of online communications are often protected by end-to-end encryption, the metadata of communications are not. Metadata such as who is communicating with whom, how much, and how often, are leaked by popular messengers today.
In the last four decades we have witnessed a rich literature of designs for metadata-protected communications systems (MPCS). While recent MPCS designs often target metadata-protected messaging systems, no existing construction has so far simultaneously attained four fundamental properties desirable in any messaging system, namely (i) low latency, (ii) high throughput, (iii) horizontal scalability, and (iv) asynchronicity. Existing designs often capture disjoint subsets of these properties. For instance, PIR-based approaches attain low latency and asynchronicity, but they have low throughput and lack horizontal scalability. On the other hand, mixnet-based and Trusted Execution Environment (TEE)-based approaches attain high throughput and horizontal scalability but lack asynchronicity.
In this work, we present TEEMS, the first MPCS designed for metadata-protected messaging that simultaneously achieves all four of the aforementioned properties. Our TEE-based design presents a novel approach to metadata-protected messaging through ColumnRoute, an oblivious routing protocol. Moreover, we introduce the notion of public and private channels for MPCS, an approach that helps circumvent shortcomings of prior designs. We empirically demonstrate TEEMS' ability to support a million clients engaged in metadata-protected conversations in under 1 s, with 202 cores. This is more than an order of magnitude improvement over prior work in terms of latency and throughput, using fewer cores, and all while supporting more properties.