Dining in the Sunshine: Verifiable Anonymous Communication with Verdict

Among anonymous communication protocols, DC-nets have long held attraction for their strong security against traffic analysis. Recent work has made DC-nets more scalable and practical, but existing systems remain sensitive to DoS attacks: disruptors can anonymously "jam" communications, completely or selectively, until the group re-forms or completes a time-consuming and complex "blame" procedure. To address this constraint, we present Verdict, the first practical anonymity system implementing a proactively verifiable DC-nets protocol: participants encrypt messages in algebraic group elements, combine ciphertexts via group arithmetic, and use knowledge proofs to exclude misbehavior before it can disrupt communication. We develop and compare three different verifiable DC-nets schemes: a previously proposed, yet not implemented pairing-based approach, and two new, more efficient schemes operating in normal modular integer and elliptic curve groups. Evaluation of Verdict using microbenchmarks and trace-driven traffic loads reveals that verifiable DC-nets may be surprisingly usable for applications such as anonymous microblogging in groups with hundreds of members.