Deniable liaisons

Abstract

People sometimes need to communicate directly with one another while concealing the communication itself. Existing systems can allow users to achieve this level of privacy in the wide-area Internet, but parties who are in close proximity (e.g., a public square or coffee shop) may want a lightweight communications channel with similar properties. Today, covert exchanges in local settings typically require the exchange of physical media or involve other forms of direct communication (e.g., conversations, blind drops); most, if not all, of these exchanges are observable: in other words, even if the message exchanges are confidential, they are not covert or deniable. We construct a local communications channel that is unobservable to everyone except the parties exchanging messages. To do so, we take advantage of the ubiquitous phenomenon of packet corruption in wireless networks, which provide deniable cover for message exchange between parties within radio range. The communicating parties use a shared secret to differentiate truly corrupted frames from those that hide messages; to other parties, messages appear as corrupted wireless frames. We tackle the challenge of designing the observable corruption patterns to ensure that an observer can neither link sender and receiver of a hidden message (unlinkability), nor determine so much as the existence of any hidden message (deniability). We present the design and implementation of a prototype system that achieves these properties using off-the-shelf 802.11 hardware, evaluate its performance, and assess its resilience to various attacks.