View Feed
group-icon
Coffee Room
Discuss anything here - everything that you wish to discuss with fellow engineers.
12915 Members
Join this group to post and comment.

MIT Researchers Create “Vuvuzela” Messaging Platform That Hides Your Messages With Noise

A group of researchers from MIT’s Computer Science and Artificial Intelligence Laboratory (CSAIL) have created a new text messaging system called Vuvuzela which guarantees untraceable communication between two parties on the internet. Just like the plastic horn that earned it notoriety at the 2010 Football World Cup in South Africa for being too noisy, the Vuvuzela messaging system drowns the actual message in a sea of dummy messages so that a third party cannot deduce which message is being sent to which user. Apart from the dummy messages, the Vuvuzela messaging system implements other security safeguards such as a chain of three servers and encryption for transmitting data and a dead-drop server.

MIT researchers began working on the Vuvuzela messaging system when they found that existing secure messaging systems had some significant flaws that could be exploited by US government surveillance schemes that were exposed by Edward Snowden back in 2013. It’s not just the messages that needed to be obfuscated but also the metadata that needed to be scrubbed off. When you send a message through Vuvuzela it is not transmitted directly to a server, it is instead dropped in a mailbox. The receiver can get the message from this mailbox and send a reply through it. This exchange of messages happens in 10 or 20 second “rounds” which means there is a slight delay in communication. This delay makes sure that a third party never knows the exact time when a message was sent.

Vuvuzela

Every message sent through Vuvuzela is wrapped in three layers of encryption. The first server removes a layer of encryption and randomises the order of transmission to the server to hide the recipients. The second server removes the next layer and randomises the message order which makes it harder for the bad guys to know which message was sent to which user. Finally the third server removes the final layer of encryption and finds out the recipient’s memory address and delivers it. When messages move from first server to the second one the noise factor becomes evident. The server creates a huge number of dummy messages with their own encrypted destinations and instructs the second server to do the same. Any adversary cannot find out what message was or who it was sent to at which time even when they have acquired control of any of the three servers.

The team tested out their prototype which is a CPU hungry one on one of Amazon’s 36-core EC2 servers and found that with a million simulated users sending 15,000 messages every second, the latency was 44 seconds. The team found out that the results remain the same when the system is scaled for a larger user base. Once they work out the kinks, they are planning to release it for the public. To know more about this Vuvuzela, you can head over to MIT News or read the Research Paper [PDF]. You can also check out the project on GitHub and read its coverage on Gizmodo.

Share this content on your social channels -