College

College of Engineering

Department

Computer Science Department

Degree Name

BS in Computer Science

Date

6-2018

Advisor(s)

Phillip L. Nico

Abstract

Even when network data is encrypted, observers can make inferences about content based on collected metadata. DeadDrop is an exploratory API designed to protect the metadata of a conversation from both outside observers and the facilitating server. To do so, DeadDrop servers are passed no recipient address, instead relying upon the recipient to check for messages of their own volition. In addition, the recipient downloads a copy of every encrypted message on the server to prevent even the server from knowing to whom each message is intended. To these purposes, DeadDrop is mostly successful. However, it does not obscure all information that can potentially be used to identify a client, and slows down quickly as the number of users and messages increases. As it is, DeadDrop can be effective in specific scenarios. Improvements could potentially solve the scaling issues, but might weaken the anonymization.

Share

COinS