
Question


Introduction

A company running a social networking website would like to develop a private discussion system to allow a group of users to participate in an online discussion on some sensitive issues. To encourage an open discussion, it is important to enable these users or group members to freely express their opinions without revealing their real identities. This means that an anonymous discussion system is needed to protect the privacy of the users.

To develop the above system, the company has defined a set of requirements, including those listed below which are particularly relevant to this coursework:

(a) A particular user can register as a group leader who is responsible for selecting a discussion topic and managing the group membership.

(b) For the discussion credibility and transparency, every user, who wishes to participate in the discussion, must register with the group leader in order to become a member of the group, where the group leader must authenticate the user based on their real identity. Each group member is allowed to know the real identities of all the other registered users within the group.

(c) Each group member can send messages to all the other group members anonymously. This is done by anonymously creating a sessional/temporary user account with a unique pseudo username and a password for each registered group member in such a way that no single party (a group member, a system or the group leader) can link the real identity of any other group member to their pseudonym. Every group member can then communicate with the others in the group under their pseudo name.

Note that due to licence and cost issues, the company has ruled out the direct use of any existing systems/applications (e.g., Kerberos, PGP, IPSec and SSL/TLS) and decided to go for the development of an in-house solution for the above discussion system.

Detail of the task

You are required to participate in the design of the anonymous discussion system described above in the Introduction section. You can assume the availability of any cryptosystems you need for the design, and document all the results obtained from each of the following tasks assigned to you:

Propose a communication protocol for the group membership registration and anonymous account creation for a user, and describe what assumptions you have made and how the proposed protocol operates.

Note that the protocol should consist of messages transferred step by step between different parties/entities involved, where the details of all the data items sent in each message must be clearly defined.

You can assume that there exists a trusted server for assistance in the process of anonymous user account creation, but the server must not be able to link the pseudo username of an anonymous account to the real identity of its associated group member.

Analyse the security of your proposed protocol in detail to show how the protocol achieves the following security properties:

Authenticity described in requirement (b) in the Introduction section, including the authenticity of each protocol message, and

Anonymity stated in requirement (c) in the Introduction section.

This is an individual coursework, so it must be completed independently.

Assessment Criteria for Part 1

(a) Statement of assumptions made

(b) Design of methods used in the protocol

(c) Definition of data items used in the protocol

(d) Definition of messages in the protocol

(e) Protocol explanation

Assessment Criteria for Part 2

(a) Protocol analysis for authenticity

(b) Protocol analysis for anonymity

Notes:

1- The assumptions cannot compromise/weaken the authenticity and anonymity requirements stated.

2- Design by yourself how you achieve confidentiality, authenticity and anonymity using only asymmetric/symmetric crypto algorithms.

3- You need to define your protocol messages in a style similar to the one used by the Kerberos protocol. You need to define the messages of your own protocol using notations, not just descriptions. Have a look at the Kerberos protocols.

4- If an encryption is used, all its inputs including the key used must be clearly defined.

5- The protocol should satisfy both the authenticity and anonymity requirements. The anonymity requirement means that no single party, even the trusted server, can link a user's pseudo ID to his/her real ID.
