Privacy Pass: Bypassing Internet Challenges Anonymously

Alex Davidson 1 , Ian Goldberg 2 , Nick Sullivan 3 , George Tankersley and Filippo Valsorda
  • 1 Royal Holloway, University of London (work completed during an internship at Cloudflare), , London, UK
  • 2 University of Waterloo, , Waterloo, Belgium
  • 3 Cloudflare, San Francisco, , California, USA


The growth of content delivery networks (CDNs) has engendered centralized control over the serving of internet content. An unwanted by-product of this growth is that CDNs are fast becoming global arbiters for which content requests are allowed and which are blocked in an attempt to stanch malicious traffic. In particular, in some cases honest users-especially those behind shared IP addresses, including users of privacy tools such as Tor, VPNs, and I2P - can be unfairly targeted by attempted ‘catch-all solutions’ that assume these users are acting maliciously. In this work, we provide a solution to prevent users from being exposed to a disproportionate amount of internet challenges such as CAPTCHAs. These challenges are at the very least annoying and at their worst - when coupled with bad implementations - can completely block access from web resources. We detail a 1-RTT cryptographic protocol (based on an implementation of an oblivious pseudorandom function) that allows users to receive a significant amount of anonymous tokens for each challenge solution that they provide. These tokens can be exchanged in the future for access without having to interact with a challenge. We have implemented our initial solution in a browser extension named “Privacy Pass”, and have worked with the Cloudflare CDN to deploy compatible server-side components in their infrastructure. However, we envisage that our solution could be used more generally for many applications where anonymous and honest access can be granted (e.g., anonymous wiki editing). The anonymity guarantee of our solution makes it immediately appropriate for use by users of Tor/VPNs/ I2P. We also publish figures from Cloudflare indicating the potential impact from the global release of Privacy Pass.

If the inline PDF is not rendering correctly, you can download the PDF file here.

  • [1] Dan Boneh, Ben Lynn, and Hovav Shacham. Short signatures from the Weil pairing. In Colin Boyd, editor, ASIACRYPT 2001, volume 2248 of LNCS, pages 514-532. Springer, Heidelberg, December 2001.

  • [2] Jonathan Burns, Daniel Moore, Katrina Ray, Ryan Speers, and Brian Vohaska. EC-OPRF: Oblivious pseudorandom functions using elliptic curves. Cryptology ePrint Archive, Report 2017/111, 2017.

  • [3] David Chaum. Blind signatures for untraceable payments. In David Chaum, Ronald L. Rivest, and Alan T. Sherman, editors, CRYPTO’82, pages 199-203. Plenum Press, New York, USA, 1982.

  • [4] David Chaum. Blind signature system. In David Chaum, editor, CRYPTO’83, page 153. Plenum Press, New York, USA, 1983.

  • [5] David Chaum, Amos Fiat, and Moni Naor. Untraceable electronic cash. In Shafi Goldwasser, editor, CRYPTO’88, volume 403 of LNCS, pages 319-327. Springer, Heidelberg, August 1990.

  • [6] David Chaum and Torben P. Pedersen. Wallet databases with observers. In Ernest F. Brickell, editor, CRYPTO’92, volume 740 of LNCS, pages 89-105. Springer, Heidelberg, August 1993.

  • [7] Cisco. The zettabyte era: Trends and analysis, 2017. Accessed Sep 2017.

  • [8] Cloudflare. Personal communication, 2017.

  • [9] Florian Dold and Christian Grothoff. GNU Taler: Ethical online payments for the internet age. ERCIM News, 2016(106), 2016.

  • [10] Georg Fuchsbauer, Christian Hanser, Chethan Kamath, and Daniel Slamanig. Practical round-optimal blind signatures in the standard model from weaker assumptions. Cryptology ePrint Archive, Report 2016/662, 2016.

  • [11] Sanjam Garg and Divya Gupta. Efficient round optimal blind signatures. In Phong Q. Nguyen and Elisabeth Oswald, editors, EUROCRYPT 2014, volume 8441 of LNCS, pages 477-495. Springer, Heidelberg, May 2014.

  • [12] Sanjam Garg, Vanishree Rao, Amit Sahai, Dominique Schröder, and Dominique Unruh. Round optimal blind signatures. In Phillip Rogaway, editor, CRYPTO 2011, volume 6841 of LNCS, pages 630-648. Springer, Heidelberg, August 2011.

  • [13] Ryan Henry and Ian Goldberg. Extending Nymble-like systems. In 2011 IEEE Symposium on Security and Privacy, pages 523-537. IEEE Computer Society Press, May 2011.

  • [14] Ryan Henry and Ian Goldberg. Formalizing anonymous blacklisting systems. In 2011 IEEE Symposium on Security and Privacy, pages 81-95. IEEE Computer Society Press, May 2011.

  • [15] Ryan Henry and Ian Goldberg. Batch proofs of partial knowledge. In Michael J. Jacobson Jr., Michael E. Locasto, Payman Mohassel, and Reihaneh Safavi-Naini, editors, ACNS 13, volume 7954 of LNCS, pages 502-517. Springer, Heidelberg, June 2013.

  • [16] Henry, Ryan. Efficient Zero-Knowledge Proofs and Applications. PhD thesis, University of Waterloo, 2014.

  • [17] Thomas S. Heydt-Benjamin, Hee-Jin Chae, Benessa Defend, and Kevin Fu. Privacy for public transportation. In George Danezis and Philippe Golle, editors, Privacy Enhancing Technologies: 6th International Workshop (PET 2006), pages 1-19. Springer, 2006.

  • [18] Stanislaw Jarecki, Aggelos Kiayias, and Hugo Krawczyk. Round-optimal password-protected secret sharing and TPAKE in the password-only model. In Palash Sarkar and Tetsu Iwata, editors, ASIACRYPT 2014, Part II, volume 8874 of LNCS, pages 233-253. Springer, Heidelberg, December 2014.

  • [19] Stanislaw Jarecki, Aggelos Kiayias, Hugo Krawczyk, and Jiayu Xu. Highly-efficient and composable password-protected secret sharing (or: How to protect your bitcoin wallet online). In EuroS&P, pages 276-291. IEEE, 2016.

  • [20] Florian Kerschbaum, Hoon Wei Lim, and Ivan Gudymenko. Privacy-preserving billing for e-ticketing systems in public transportation. In Proceedings of the 12th ACM Workshop on Workshop on Privacy in the Electronic Society, WPES ’13, pages 143-154, New York, NY, USA, 2013. ACM.

  • [21] Zhuotao Liu, Yushan Liu, Philipp Winter, Prateek Mittal, and Yih-Chun Hu. Torpolice: Towards enforcing servicedefined access policies for anonymous communication in the tor network. In 25th IEEE International Conference on Network Protocols, ICNP 2017, pages 1-10, 2017.

  • [22] Peter Lofgren and Nicholas Hopper. BNymble: More anonymous blacklisting at almost no cost (a short paper). In George Danezis, editor, FC 2011, volume 7035 of LNCS, pages 268-275. Springer, Heidelberg, February / March 2012.

  • [23] Dimitrios Papadopoulos, Duane Wessels, Shumon Huque, Moni Naor, Jan Vcelák, Leonid Reyzin, and Sharon Goldberg. Making NSEC5 practical for DNSSEC. Cryptology ePrint Archive, Report 2017/099, 2017. http: //

  • [24] David Pointcheval and Jacques Stern. Provably secure blind signature schemes. In Kwangjo Kim and Tsutomu Matsumoto, editors, ASIACRYPT’96, volume 1163 of LNCS, pages 252-265. Springer, Heidelberg, November 1996.

  • [25] Markus Rückert. Lattice-based blind signatures. In Masayuki Abe, editor, ASIACRYPT 2010, volume 6477 of LNCS, pages 413-430. Springer, Heidelberg, December 2010.

  • [26] Ahmad-Reza Sadeghi, Ivan Visconti, and Christian Wachsmann. User privacy in transport systems based on RFID e-tickets. Proceedings of the 1st International Workshop on Privacy in Location-Based Applications (PilBA), 2008.

  • [27] Claus-Peter Schnorr. Efficient identification and signatures for smart cards. In Gilles Brassard, editor, CRYPTO’89, volume 435 of LNCS, pages 239-252. Springer, Heidelberg, August 1990.

  • [28] Claus-Peter Schnorr and Markus Jakobsson. Security of signed ElGamal encryption. In Tatsuaki Okamoto, editor, ASIACRYPT 2000, volume 1976 of LNCS, pages 73-89. Springer, Heidelberg, December 2000.

  • [29] Tor. List of services blocking Tor, 2017. Accessed Sep 2017.


Journal + Issues