> Vuvuzela is the first system that provides strong metadata privacy while scaling to millions of users. Previous systems that hide metadata using Tor (such as Pond) are prone to traffic analysis attacks.
Pardon my ignorance here, so how is something like my IP hidden from the centralized server? I would assume "strong metadata privacy" would include the most obvious metadata, IP, and keep it from the server like Tor which they compare against.
> Vuvuzela is secure against adversaries that observe and tamper with all network traffic, and that control all nodes except for one server. Vuvuzela’s key insight is to minimize the number of variables observable by an attacker, and to use
differential privacy techniques to add noise to all observable variables in a way that provably hides information about which users are communicating.
Someone watching all traffic will know that you're using Vuvuzela, but won't be able to figure out who you're communicating with. In Tor, generally if someone can see all traffic they can rapidly trace communication links-- it's encrypted, but the fact that you send packets and induce a chain of a few other packets to the target is a dead giveaway.
I understand the traffic analysis part. I'm talking about individual MITM (e.g. an ISP) or tracking DNS operators. Can my ISP tell the endpoint I'm connecting to? With Tor, my source and destination are anonymized and that provides a level of metadata privacy (strength is debatable of course). I'm wondering if Vuvuzela, whilst comparing to Tor, offers less metadata privacy on this point.
Noise to thwart traffic analysis is wholly unrelated to endpoint obfuscation.
Pardon my ignorance here, so how is something like my IP hidden from the centralized server? I would assume "strong metadata privacy" would include the most obvious metadata, IP, and keep it from the server like Tor which they compare against.