More Like this

1. Addra: Metadata-private voice communication over fully untrusted infrastructure

   Ahmad, Ishtiyaque ; Yang, Yuntian ; Agrawal, Divyakant ; El Abbadi, Amr ; Gupta, Trinabh ( July 2021 , 15th USENIX Symposium on Operating Systems Design and Implementation, OSDI2021, July 14-16, 2021)

   Metadata from voice calls, such as the knowledge of who is communicating with whom, contains rich information about people’s lives. Indeed, it is a prime target for powerful adversaries such as nation states. Existing systems that hide voice call metadata either require trusted intermediaries in the network or scale to only tens of users. This paper describes the design, implementation, and evaluation of Addra, the first system for voice communication that hides metadata over fully untrusted infrastructure and scales to tens of thousands of users. At a high level, Addra follows a template in which callers and callees deposit and retrieve messages from private mailboxes hosted at an untrusted server. However, Addra improves message latency in this architecture, which is a key performance metric for voice calls. First, it enables a caller to push a message to a callee in two hops, using a new way of assigning mailboxes to users that resembles how a post office assigns PO boxes to its customers. Second, it innovates on the underlying cryptographic machinery and constructs a new private information retrieval scheme, FastPIR, that reduces the time to process oblivious access requests for mailboxes. An evaluation of Addra on a cluster of 80 machines on AWS demonstrates that it can serve 32K users with a 99-th percentile message latency of 726 ms—a 7✕ improvement over a prior system for text messaging in the same threat model. 

   more » « less
2. Retweeting Risk Communication: The Role of Threat and Efficacy

   https://doi.org/10.1111/risa.13140  

   Vos, Sarah C. ; Sutton, Jeannette ; Yu, Yue ; Renshaw, Scott Leo ; Olson, Michele K. ; Gibson, C. Ben ; Butts, Carter T. ( August 2018 , Risk Analysis)

   Social media platforms like Twitter and Facebook provide risk communicators with the opportunity to quickly reach their constituents at the time of an emerging infectious disease. On these platforms, messages gain exposure through message passing (called “sharing” on Facebook and “retweeting” on Twitter). This raises the question of how to optimize risk messages for diffusion across networks and, as a result, increase message exposure. In this study we add to this growing body of research by identifying message‐level strategies to increase message passing during high‐ambiguity events. In addition, we draw on the extended parallel process model to examine how threat and efficacy information influence the passing of Zika risk messages. In August 2016, we collected 1,409 Twitter messages about Zika sent by U.S. public health agencies’ accounts. Using content analysis methods, we identified intrinsic message features and then analyzed the influence of those features, the account sending the message, the network surrounding the account, and the saliency of Zika as a topic, using negative binomial regression. The results suggest that severity and efficacy information increase how frequently messages get passed on to others. Drawing on the results of this study, previous research on message passing, and diffusion theories, we identify a framework for risk communication on social media. This framework includes four key variables that influence message passing and identifies a core set of message strategies, including message timing, to increase exposure to risk messages on social media during high‐ambiguity events.

    

   more » « less
3. Can We Break Symmetry with o(m) Communication?

   https://doi.org/10.1145/3465084  

   Pai, Shreyas ; Pandurangan, Gopal ; Pemmaraju, Sriram ; Robinson, Peter ( July 2021 , PODC'21: Proceedings of the 2021 ACM Symposium on Principles of Distributed Computing)

   null (Ed.)

   We study the communication cost (or message complexity) of fundamental distributed symmetry breaking problems, namely, coloring and MIS. While significant progress has been made in understanding and improving the running time of such problems, much less is known about the message complexity of these problems. In fact, all known algorithms need at least Ω(m) communication for these problems, where m is the number of edges in the graph. We addressthe following question in this paper: can we solve problems such as coloring and MIS using sublinear, i.e., o(m) communication, and if sounder what conditions? In a classical result, Awerbuch, Goldreich, Peleg, and Vainish [JACM 1990] showed that fundamental global problems such asbroadcast and spanning tree construction require at least o(m) messages in the KT-1 Congest model (i.e., Congest model in which nodes have initial knowledge of the neighbors' ID's) when algorithms are restricted to be comparison-based (i.e., algorithms inwhich node ID's can only be compared). Thirty five years after this result, King, Kutten, and Thorup [PODC 2015] showed that onecan solve the above problems using Õ(n) messages (n is the number of nodes in the graph) in Õ(n) rounds in the KT-1 Congest model if non-comparison-based algorithms are permitted. An important implication of this result is that one can use the synchronous nature of the KT-1 Congest model, using silence to convey information,and solve any graph problem using non-comparison-based algorithms with Õ(n) messages, but this takes an exponential number of rounds. In the asynchronous model, even this is not possible. In contrast, much less is known about the message complexity of local symmetry breaking problems such as coloring and MIS. Our paper fills this gap by presenting the following results. Lower bounds: In the KT-1 CONGEST model, we show that any comparison-based algorithm, even a randomized Monte Carlo algorithm with constant success probability, requires Ω(n 2) messages in the worst case to solve either (△ + 1)-coloring or MIS, regardless of the number of rounds. We also show that Ω(n) is a lower bound on the number ofmessages for any (△ + 1)-coloring or MIS algorithm, even non-comparison-based, and even with nodes having initial knowledge of up to a constant radius. Upper bounds: In the KT-1 CONGEST model, we present the following randomized non-comparison-based algorithms for coloring that, with high probability, use o(m) messages and run in polynomially many rounds.(a) A (△ + 1)-coloring algorithm that uses Õ(n1.5) messages, while running in Õ(D + √ n) rounds, where D is the graph diameter. Our result also implies an asynchronous algorithm for (△ + 1)-coloring with the same message bound but running in Õ(n) rounds. (b) For any constantε > 0, a (1+ε)△-coloring algorithm that uses Õ(n/ε 2 ) messages, while running in Õ(n) rounds. If we increase our input knowledge slightly to radius 2, i.e.,in the KT-2 CONGEST model, we obtain:(c) A randomized comparison-based MIS algorithm that uses Õ(n 1.5) messages. while running in Õ( √n) rounds. While our lower bound results can be viewed as counterparts to the classical result of Awerbuch, Goldreich, Peleg, and Vainish [JACM 90], but for local problems, our algorithms are the first-known algorithms for coloring and MIS that take o(m) messages and run in polynomially many rounds. 

   more » « less
4. Broadcasting in Noisy Radio Networks

   https://doi.org/10.1145/3087801.3087808  

   Censor-Hillel, Keren ; Haeupler, Bernhard ; Hershkowitz, D. Ellis ; Zuzic, Goran ( October 2017 , ACM SIGACT-SIGOPS Symposium on Principles of Distributed Computing)

   The widely-studied radio network model [Chlamtac and Kutten, 1985] is a graph-based description that captures the inherent impact of collisions in wireless communication. In this model, the strong assumption is made that node v receives a message from a neighbor if and only if exactly one of its neighbors broadcasts. We relax this assumption by introducing a new noisy radio network model in which random faults occur at senders or receivers. Specifically, for a constant noise parameter p ∈ [0,1), either every sender has probability p of transmitting noise or every receiver of a single transmission in its neighborhood has probability p of receiving noise. We first study single-message broadcast algorithms in noisy radio networks and show that the Decay algorithm [Bar-Yehuda et al., 1992] remains robust in the noisy model while the diameter-linear algorithm of Gasieniec et al., 2007 does not. We give a modified version of the algorithm of Gasieniec et al., 2007 that is robust to sender and receiver faults, and extend both this modified algorithm and the Decay algorithm to robust multi-message broadcast algorithms, broadcasting Ω(1/log n log log n) and Ω(1/log n) messages per round, respectively. We next investigate the extent to which (network) coding improves throughput in noisy radio networks. In particular, we study the coding cap -- the ratio of the throughput of coding to that of routing -- in noisy radio networks. We address the previously perplexing result of Alon et al. 2014 that worst case coding throughput is no better than worst case routing throughput up to constants: we show that the worst case throughput performance of coding is, in fact, superior to that of routing -- by a Θ(log(n)) gap -- provided receiver faults are introduced. However, we show that sender faults have little effect on throughput. In particular, we show that any coding or routing scheme for the noiseless setting can be transformed to be robust to sender faults with only a constant throughput overhead. These transformations imply that the results of Alon et al., 2014 carry over to noisy radio networks with sender faults as well. As a result, if sender faults are introduced then there exist topologies for which there is a Θ(log log n) gap, but the worst case throughput across all topologies is Θ(1/log n) for both coding and routing. 

   more » « less
5. ExTru: A Lightweight, Fast, and Secure Expirable Trust for the Internet of Things

   https://doi.org/10.1109/DCAS51144.2020.9330632  

   Kamali, Hadi M ; Azar, Kimia Z ; Roshanisefat, Shervin ; Vakil, Ashkan ; Homayoun, Houman ; Sasan, Avesta ( November 2020 , 2020 IEEE 14th Dallas Circuits and Systems Conference (DCAS))

   null (Ed.)

   The resource-constrained nature of the Internet of Things (IoT) edges, poses a challenge in designing a secure and high-performance communication for this family of devices. Although side-channel resistant ciphers (either block or stream) could guarantee the security of the communication, the energy intensive nature of these ciphers makes them undesirable for lightweight IoT solutions. In this paper, we introduce ExTru, an encrypted communication protocol based on stream ciphers that adds a configurable switching & toggling network (CSTN) to not only boost the performance of the communication in these devices, it also consumes far less energy than the conventional side-channel resistant ciphers. Although the overall structure of the proposed scheme is leaky against physical attacks, we introduce a dynamic encryption mechanism that removes this vulnerability. We demonstrate how each communicated message in the proposed scheme reduces the level of trust. Accordingly, since a specific number of messages, N, could break the communication and extract the key, by using the dynamic encryption mechanism, ExTru can re-initiate the level of trust periodically after T messages where T <; N, to protect the communication against side-channel and scan-based attacks (e.g. SAT attack). Furthermore, we demonstrate that by properly configuring the value of T, ExTru not only increases the strength of security from per “device” to per “message”, it also significantly improves energy saving as well as throughput vs. an architecture that only uses a conventional side-channel resistant block/stream cipher. 

   more » « less