Private Communication Against a Dictator
Anamorphic Encryption: Private Communication against a Dictator. Giuseppe Persiano, Duong Hieu Phan, Moti Yung - EUROCRYPT '22
Cryptography has a profound impact on Society, dealing with one of the most basic human rights - privacy. Our work aims to protect privacy in the most critical situation, when cryptographic keys and messages are controlled by an all-powerful dictator.
Cryptography has come under attack by the so-called "Crypto Wars," as it is seen as a way to provide privacy also to outlaws, possibly facilitating illicit activities. Hence some states’ organizations and BigTech prefer not to employ Cryptography’s full power (e.g., employ escrow encryption where the authorities hold a copy of the private decryption key)! It has been argued by technologists, cryptographers, privacy advocates, policy experts, and others that limiting Cryptography could have dire societal and economic consequences (with much greater negative impact on Society than the abuse such limiting attempts to control).
Cryptographers have been very active in proposing solutions that try to strike a balance between individual privacy and Society's right to prosecute crimes. Though such proposals might work in a Democracy (where independent citizen rights organizations exist), they will be easily exploited by a Dictator to establish a firm control on communication, thus limiting or suppressing personal privacy.
Anamorphic encryption aims to protect individual privacy under dictatorship (and showing the futility of such limitations at any setting, like escrow encryption). It provides citizens access to private communication using the implemented cryptosystem itself, even in the presence of a Dictator that requests access to all the systems' decryption keys and dictates all messages. The aim is to demonstrate the limited usefulness of severely damaging the use of Cryptography. The central idea of anamorphic encryption is that the functionality of encryption is fundamentally allowing one to bypass the escrow process. Namely, allowing a cryptosystem to be used, that cryptosystem has a self-anti-censorship property that allows one to fool the Dictator to believe it gets all messages, but in fact it does not! This adds a direct and inherent cryptographic dimension to prior policy (i.e., who should in principle have potential access to messages and when) and general security arguments (i.e., like the actual security of private storage) on why limiting cryptography is not a good idea. It seems that the direct fundamental answer Anamorphic encryption gives to the basic privacy dilemma (personal privacy vs. authority power) is the ultimate answer to the technical debate.
In more details: Cryptography relies on two assumptions that, even though are well justified, become invalid under a dictator:
We show that even if these two assumptions are invalid (a dictator gets the keys of the receiver or dictates messages!) there is, nevertheless, a covert way within the cryptosystem in use for a sender to piggyback secure messages which are, in spite of the stringent dictator conditions, hidden from the dictator itself!
Given these results, new fundamental properties of cryptography were revealed, and one can conjecture that the "Crypto Wars" are possibly futile (i.e., allowing the functionality of encryption allows the shadow functionality of bypassing key escrow and the shadow functionality of sending secrets on top of dictated messages). Anamorphic Cryptography aims to show the above technically and calls for showing this more broadly.
| Conference | Count | Years |
|---|---|---|
| EUROCRYPT | 7 | 2022, 2024 ×2, 2025 ×2, 2026 ×2 |
| CRYPTO | 5 | 2023, 2024 ×2, 2026 ×2 |
| ASIACRYPT | 4 | 2023, 2024 ×2, 2025 |
| PoPETs | 1 | 2023 |
| ESORICS | 1 | 2025 |
| PKC | 1 | 2026 |
| Journals (Springer) | 2 | Sci. China Inf. Sci.; J. King Saud Univ. – CIS |
| APKC Workshop (ACM ASIACCS) | 2 | 2026 ×2 |
| Springer Encyclopedia | 1 | Encyclopedia of Cryptography, Security and Privacy |
| Total | 24 |
| Country | Institutions | Researchers | Papers involved |
|---|---|---|---|
| 🇮🇹 Italy | Università di Salerno Università di Catania |
Giuseppe Persiano, Gennaro Avitabile, Vincenzo Botta, Marcin Mielniczuk, Ivan Visconti (Salerno); Dario Catalano, Francesco Migliaro, Davide Carnemolla (Catania); Daniele Venturi, Daniele Friolo (Sapienza Rome) |
12 |
| 🇺🇸 USA | Google Columbia University Courant Institute of Mathematical Sciences (New York University) Georgia Institute of Technology Purdue University Texas A&M University |
Moti Yung (Google + Columbia); Giuseppe Persiano (Google); Joseph Jaeger, Roy Stracovsky, Vassilis Zikas, Wonseok Choi, Xiangyu Liu (Georgia Tech); Daniel Collins (Texas A&M); Yevgeniy Dodis, Eli Goldin (NYU) |
10 |
| 🇫🇷 France | Telecom Paris, Institut Polytechnique de Paris Zama |
Duong Hieu Phan (Telecom Paris); Amit Deo, Benoît Libert (Zama) |
7 |
| 🇪🇸 Spain | IMDEA Software Institute Universidad Politécnica de Madrid |
Emanuele Giunta (IMDEA + UPM) | 4 |
| 🇨🇳 China | National University of Defense Technology (NUDT) HKUST (Guangzhou) Shanghai Jiao Tong University State Key Laboratory of Cryptology |
Yi Wang, Rongmao Chen, Yifan Yang (NUDT); Xinyi Huang (HKUST Guangzhou); Weihao Wang, Shuai Han, Shengli Liu (SJTU); Weiqi Wang, Yubo Zheng, Peng Xu, Wei Wang (HUST); Zhang Yanshuo et al. (BESTI); Jianting Ning (Guangzhou Univ.) |
7 |
| 🇨🇭 Switzerland | ETH Zurich Zühlke Engineering AG |
Konstantin Gegier, Martin Hirt, Ueli Maurer, Guilherme Rito (ETH Zurich); Fabio Banfi (Zühlke Engineering AG) |
1 |
| 🇩🇪 Germany | Karlsruhe Institute of Technology (KIT) Universität der Bundeswehr München |
Shalini Banerjee, Tapas Pal, Chuanwei Lin (KIT); Daniel Slamanig (Bundeswehr München); Lucjan Hanzlik, Khue Do (CISPA, Saarbrücken) |
4 |
| 🇵🇱 Poland | Wroclaw University of Science and Technology | Miroslaw Kutylowski, Marcin Zawada (Wrocław UST); Adrian Cinal, Przemysław Kubiak, Gabriel Wechta (NASK Warsaw) |
4 |
| 🇻🇳 Vietnam | Institute of Cryptography Science and Technology, Hanoi | Xuan Thanh Do | 1 |
| 🇱🇺 Luxembourg | University of Luxembourg | Andy Rupp, Mohammadamin Rakeei, Gabriele Lenzini | 3 |
| 🇮🇳 India | Indian Institute of Technology Kharagpur TCG CREST, Kolkata |
Nabanita Chakraborty, Ratna Dutta (IIT Kharagpur); Sayantan Ganguly, Shion Samadder Chaudhury (TCG CREST) |
3 |
| 🇩🇰 Denmark | IT University of Copenhagen | Rosario Giustolisi | 2 |
| 🇦🇺 Australia | University of Sydney Griffith University University of Wollongong |
Sri AravindaKrishnan Thyagarajan (Sydney); Leo Yu Zhang (Griffith); Rupeng Yang, Zuoxia Yu, Willy Susilo (Wollongong) |
3 |
| 🇯🇵 Japan | University of Tokyo AIST |
Yuichi Tanishita, Kanta Matsuura (Tokyo); Takahiro Matsuda (AIST) |
2 |
| 🇭🇰 Hong Kong | The University of Hong Kong The Hong Kong Polytechnic University |
Zhikang Xie (HKU); Man Ho Au (PolyU) |
1 |
| 🇧🇷 Brazil | Universidade Federal de Santa Catarina | Lucas Mayr, João Gabriel Feres, Bruno Bianchi Pagani, Ricardo Custódio | 1 |
| 🇬🇧 UK | Edinburgh Napier University | William J. Buchanan, Jamie Gilchrist | 1 |
| 🇦🇹 Austria | AIT Austrian Institute of Technology | Stephan Krenn | 1 |