Katzenpost
Observation resistant secure messaging layer
Secure messaging is among the most fundamental privacy challenges of today. While there are meanwhile several widely used offerings that can encrypt instant messages you send to others, there are very few reliable options that are able to keep others from finding out who you were communicating with - and when. The most popular end-to-end messaging application do not adequately protect the identities of who-is-talking-to-who from the infrastructure operators. Katzenpost aims to offer a traffic analysis resistant messaging layer that allows all the participants in the network to have significantly more privacy than other mechanisms. It offers a decentralized mixnet architecture that works similarly to onion routing, where message routing information is encrypted, and differs in that each message is a fixed size, has random forwarding delays, and is accompanied by cover traffic messages to frustrate passive traffic analysis. The project aims to be a building block for other to build applications on, lowering the threshold for existing applications to benefit from increased privacy and confidentiality.
- The project's own website: https://katzenpost.mixnetworks.org
Why does this actually matter to end users?
One of the things people enjoy the most about the internet, is that it enables them to talk to others remotely almost without limit. Internet allows anyone connected to keep closely connected with friends and family, and help their kids solve a math problem while they are at work. People collaborate with their colleagues from the couch of their living room, the cafe where they enjoy lunch or on their cell phone on the bus to the gym. Businesses can easily service their customers where this is most convenient to them, without having to travel themselves. This is so convenient, that some businesses have already moved entirely online. Internet communication has become the nerve center of whole neighbourhoods, where people watch over the possessions of their neighbours while these are away for work or leisure.
However, users have a hard time to understand how privacy is impacted if they use the wrong technology. Because internet works almost everywhere, the natural privacy protection of the walls of a house, a school or an office is gone. Unlike the traditional phone companies, many of the large technology providers run their business not on delivering an honest service but on secretly eavesdropping on their users and selling information to others. It is mostly not about what you say, so it is relatively easy for providers to allow some form of privacy by encrypting messages. The more interesting parts are who talks to whom, when, and where they are in the real world while they meet on the internet. if you want to be reachable across the internet, you have to constantly let the communication provider follow you wherever you go. This makes the private and professional lives of citizens an open book to companies that with the help of AI and other technologies make billions from selling 'hidden data' normal people are completely unaware of even exists. And of course in societies that are not so democratic, this type of information is critical to bring down opposition and stifle human rights.
End-to-end encryption has become more commonplace with major online messaging and communication tools, but encoding what you say to your friends online does not mean that the service provider cannot see who you contacted, when, from where. This metadata might be even more important than the content of an online conversation. If you want to profile or track someone, you can get a lot of information from the people they talk to, where they come from, who their friends are, etcetera. Katzenpost is a free software project that creates a decentralized and anonymous communication system and with this proposal, will add a security layer that prevents traffic analysis. Through traffic analysis third parties can intercept and examine messages to find out certain patterns, for example who is speaking to who, even though everything is encrypted. Resisting traffic analysis is an important effort to ensure users actually private communication. This project aims to advance the state of art and provide a concrete building block for other applications to use and make their application more secure and private.
This project was funded through the NGI0 PET Fund, a fund established by NLnet with financial support from the European Commission's Next Generation Internet programme, under the aegis of DG Communications Networks, Content and Technology under grant agreement No 825310.