Click to Skip Ad
Closing in...

MIT researchers create ‘untraceable’ text messaging that’s even more secure than Tor

Published Dec 11th, 2015 7:34PM EST
MIT Untraceable SMS Text Messaging
Image: Jaren Wilkey/BYU

If you buy through a BGR link, we may earn an affiliate commission, helping support our expert product labs.

Given recent news that popular online anonymity tool Tor might not be as completely secure as many of us had assumed, we were intrigued to see that some researchers at MIT are now claiming that they’ve created a way to send completely “untraceable” text messages. A team at MIT’s Computer Science and Artificial Intelligence Laboratory (CSAIL) has developed a text messaging system that they say “provides a strong mathematical guarantee of user anonymity, while, according to experimental results, permitting the exchange of text messages once a minute or so.”

FROM EARLIER: Cable providers still have no answer for Netflix as cord-cutting accelerates

The researchers have named the system “Vuvuzela,” which is a reference to the noise-making devices used by fans at football matches around the world. The idea behind the system is that, like a stadium full of vuvuzelas, it creates a lot of spurious “noise” that makes it difficult to pinpoint the sound being made by any individual vuvuzela.

In its basic structure, the system sends messages through three different servers that are each designed to unwrap three different levels of encryption. While this obviously makes it harder for someone to intercept a message and to see its sender and recipient, CSAIL says that an adversary who compromises the integrity of the first server can still “know that two users whose messages reached the first server within some window of time have been talking.”

And this is where they so-called vuvuzela techniques help. When the first server receives a message, it will simultaneously send out a series of “dummy” messages to other locations with encrypted destinations. Once the second server receives the actual message, it also sends out its own dummy messages at the same time it passes on the message to the third server.

The idea here is that even if a person has compromised part of the process, they will still find it impossible to discern who is sending and receiving messages.

“So statistically, it’s almost impossible for the adversary to determine even whether any of the messages arriving within the same time window ended up at the same destination,” CSAIL explains. “Those statistical guarantees hold even if two of the three servers are infiltrated. As long as one of them remains uncompromised, the system works.”

Read more about this new text messaging system for yourself at this link.

Brad Reed
Brad Reed Staff Writer

Brad Reed has written about technology for over eight years at BGR.com and Network World. Prior to that, he wrote freelance stories for political publications such as AlterNet and the American Prospect. He has a Master's Degree in Business and Economics Journalism from Boston University.