Metadata-private messaging designs that scale to support millions of users are rigid: they limit users to a single device that is online all the time and transmits on short regular intervals, and require users to choose precisely when each of their buddies can message them. These requirements induce high network and energy costs for the clients, restricting users to communicate via one powerful device, like their desktop. Groove is the first scalable metadata-private messaging system that gives users flexibility: it supports users with multiple devices, allows them to message buddies at any time, even when those buddies are offline, and conserves the user's device bandwidth and energy. Groove offers flexibility by introducing oblivious delegation, where users designate an untrusted service provider to participate in rigid mechanisms of metadata-private communication. It provides differential privacy guarantees on par with rigid systems like Stadium and Karaoke. An evaluation of a Groove prototype on AWS with 100 servers, distributed across four data centers on two continents, demonstrates that it can achieve 32 s of latency for 1 million users with 50 buddies in their contact lists. Experiments with a client running on a Pixel 4 smartphone show that it uses about 100 MB/month of bandwidth and increases battery consumption by 50 mW (+16%) compared to an idle smartphone. These measurements show that Groove makes it realistic to hide messaging metadata on a mobile device.
|Original language||American English|
|Title of host publication||Proceedings of the 16th USENIX Symposium on Operating Systems Design and Implementation, OSDI 2022|
|Number of pages||16|
|State||Published - 2022|
|Event||16th USENIX Symposium on Operating Systems Design and Implementation, OSDI 2022 - Carlsbad, United States|
Duration: 11 Jul 2022 → 13 Jul 2022
|Name||Proceedings of the 16th USENIX Symposium on Operating Systems Design and Implementation, OSDI 2022|
|Conference||16th USENIX Symposium on Operating Systems Design and Implementation, OSDI 2022|
|Period||11/07/22 → 13/07/22|
Bibliographical noteFunding Information:
The authors thank Gil Segev and Bryan Ford for helpful discussions, and our shepherd, Natacha Crooks. This work was supported, in part, by the Alon fellowship, the Hebrew University cybersecurity research center, and gifts from Microsoft and Google.
© 2022 by The USENIX Association. All rights reserved.