To evaluate privacy and confidentiality in Hyperledger blockchain systems we look at toward Riposte, a new system for anonymous broadcast messaging.
Riposte is the first such system, to our knowledge, that simultaneously protects against traffic-analysis attacks, prevents anonymous denial-of service by malicious clients, and scales to million-user anonymity sets. To achieve these properties, Riposte makes novel use of techniques used in systems for private information retrieval and secure multi-party computation. For latency-tolerant workloads with many more readers than writers (e.g. Twitter, Wikileaks), we demonstrate that a three-server Riposte cluster can build an anonymity set of 2,895,216 users in 32 hours. paper
# 1 Introduction # 2 Goals and Problem Statement 2.1 System Goals 2.2 Threat Model 2.3 Security Goals 2.4 Intersection Attacks # 3 System Architecture 3.1 A First-Attempt Construction: Toy Protocol 3.2 Collisions 3.3 Forward Security # 4 Improving Bandwidth Efficiency with Distributed Point Functions 4.1 Definitions 4.2 Applying Distributed Point Functions for Bandwidth Efficiency 4.3 A Two-Server Scheme Tolerating One Malicious Server 4.4 An s-Server Scheme Tolerating s − 1 Malicious Servers # 5 Preventing Disruptors 5.1 Three-Server Protocol 5.2 Zero Knowledge Techniques # 6 Experimental Evaluation 6.1 Three-Server Protocol 6.2 s-Server Protocol 6.3 Discussion: Whistleblowing and Microblogging with Million-User Anonymity Sets # 7 Related Work # 8 Conclusion and Open Questions