Mixclave Networks: Building Mixnets with Hardware Enclaves

Mark Theis

EECS Department, University of California, Berkeley

Technical Report No. UCB/EECS-2023-67

May 5, 2023

http://www2.eecs.berkeley.edu/Pubs/TechRpts/2023/EECS-2023-67.pdf

All secure messaging systems protect the content and integrity of users' messages, but the oblivious routing of messages concealing who communicates with whom (metadata-private messaging) is increasingly crucial for privacy. Existing techniques conceal routing metadata using mix networks (mixnets) made up of multiple nodes that batch and forward traffic to confound traffic analysis. State-of-the-art mix networks remain resilient to a passive global adversary even as attackers compromise up to 20% of the mix nodes. As infrastructure moves to the cloud, threat models for metadata-private messaging must assume an adversary that is both active and even present on machines routing user data. This paper proposes Mixclaves, a scalable, metadata-private messaging architecture that builds on hardware enclaves to provide a cost-efficient, low-latency mixnet implementation deployable in public clouds. Building on stronger guarantees provided by enclaves not only simplifies the implementation of mixnets, it also admits novel features and lower operating costs. Compared to Loopix and Groove, two popular mixnet implementations, mixclaves are 54% cheaper on cost to achieve the same message throughput.

Advisors: Scott Shenker

BibTeX citation:

@mastersthesis{Theis:EECS-2023-67,
    Author= {Theis, Mark},
    Title= {Mixclave Networks: Building Mixnets with Hardware Enclaves},
    School= {EECS Department, University of California, Berkeley},
    Year= {2023},
    Month= {May},
    Url= {http://www2.eecs.berkeley.edu/Pubs/TechRpts/2023/EECS-2023-67.html},
    Number= {UCB/EECS-2023-67},
    Abstract= {All secure messaging systems protect the content and integrity of users' messages, but the oblivious routing of messages concealing who communicates with whom (metadata-private messaging) is increasingly crucial for privacy. Existing techniques conceal routing metadata using mix networks (mixnets) made up of multiple nodes that batch and forward traffic to confound traffic analysis. State-of-the-art mix networks remain resilient to a passive global adversary even as attackers compromise up to 20% of the mix nodes. As infrastructure moves to the cloud, threat models for metadata-private messaging must assume an adversary that is both active and even present on machines routing user data. This paper proposes Mixclaves, a scalable, metadata-private messaging architecture that builds on hardware enclaves to provide a cost-efficient, low-latency mixnet implementation deployable in public clouds. Building on stronger guarantees provided by enclaves not only simplifies the implementation of mixnets, it also admits novel features and lower operating costs. Compared to Loopix and Groove, two popular mixnet implementations, mixclaves are 54% cheaper on cost to achieve the same message throughput.},
}

EndNote citation:

%0 Thesis
%A Theis, Mark 
%T Mixclave Networks: Building Mixnets with Hardware Enclaves
%I EECS Department, University of California, Berkeley
%D 2023
%8 May 5
%@ UCB/EECS-2023-67
%U http://www2.eecs.berkeley.edu/Pubs/TechRpts/2023/EECS-2023-67.html
%F Theis:EECS-2023-67