Anonymous Stateless Communication Architecture: Design, Network Performance Analysis, and Integration of Tor Hidden Services for Privileged Communications
DOI:
https://doi.org/10.26636/jtit.2026.2.2599Keywords:
anonymous communication, Docker, network architecture, stateless design, Tor Hidden Services, WebSocketAbstract
This paper presents the network architecture and empirical performance analysis of the Proof of Concept (POC) for a stateless Tor-based communication system designed for privileged communication. Unlike existing secure messaging platforms relying on centralized server infrastructures, persistent session states, or identifiable network endpoints, the proposed solution achieves server-side and client anonymity simultaneously through the integration of Tor hidden services v3, stateless application design, and containerized microservice decomposition. We formally describe the system's model and its constituent components: an application server, an ephemeral identity registry, and a browser-based client operating over WebCrypto. Next, we analyze performance of the network layer across 100 measurement cycles. Empirical results confirm that cryptographic operations contribute less than 2 ms of overhead relative to dominant Tor circuit latency (mean value of 8100 ms per circuit). Immunity to traffic, session linkability, and server deanonymization are examined against a realistic network adversary model. POC is compared to SecureDrop, Ricochet, and Signal in terms of five architectural properties and is shown to be the only system under evaluation satisfying all five requirements simultaneously. Deployment considerations for production-grade privileged communication environments, including operational security procedures for public key registration, are discussed as well.
Downloads
References
[1] P. Dela, "Selected Aspects of Cybersecurity", Bellona, vol. 724, pp. 99-119, 2026.
View in Google Scholar
DOI: https://doi.org/10.5604/01.3001.0055.6958
[2] J. Syta, "Challenges in Providing Cybersecurity to Port and Maritime Infrastructure Facilities", GIS Odyssey Journal, vol. 4, pp. 131-144, 2024.
View in Google Scholar
[3] R. Dingledine, N. Mathewson, and P. Syverson, "Tor: The Second-generation Onion Router", Proc. of the 13th USENIX Security Symposium, pp. 303-320, 2004.
View in Google Scholar
DOI: https://doi.org/10.21236/ADA465464
[4] Tor Project, "Tor's Fall Harvest: The Next Generation of Onion Services", 2017 [Online]. Available: https://blog.torproject.org/tors-fall-harvest-next-generation-onion-services/.
View in Google Scholar
[5] J. Kosiński, Cybercrime Paradigms, Difin, Warszawa, 300 p., 2015 (in Polish).
View in Google Scholar
[6] Freedom of the Press Foundation, "SecureDrop Documentation: What Is SecureDrop?", GitHub, 2024 [Online]. Available: https://docs.securedrop.org/en/stable/.
View in Google Scholar
[7] B.-J. Koops, M. Hildebrandt, and D.-O. Jaquet-Chiffelle, "Bridging the Accountability Gap: Rights for New Entities in the Information Society?", Minnesota Journal of Law, Science & Technology, vol. 11, pp. 497-561, 2010.
View in Google Scholar
DOI: https://doi.org/10.24926/15529541.3520
[8] T. Janczewski, "Ephemeral Identity: Challenge-Response Authentication with Ed25519 in Stateless Anonymous Communication Systems", Cybersecurity and Crime, 2026 (in press).
View in Google Scholar
[9] L. Øverlier and P. Syverson, "Locating Hidden Servers", IEEE Symposium on Security and Privacy, Oakland, USA, 2006.
View in Google Scholar
DOI: https://doi.org/10.1109/SP.2006.24
[10] A. Panchenko, L. Niessen, A. Zinnen, and T. Engel, "Website Fingerprinting in Onion Routing Based Anonymization Networks", Proc. of the ACM Workshop on Privacy in the Electronic Society (WPES), pp. 103-114, 2011.
View in Google Scholar
DOI: https://doi.org/10.1145/2046556.2046570
[11] M. Alsabah and I. Goldberg, "Performance and Security Improvements for Tor: A Survey", ACM Computing Surveys, vol. 49, art. no. 32, 2016.
View in Google Scholar
DOI: https://doi.org/10.1145/2946802
[12] P. Winter et al., "Spoiled Onions: Exposing Malicious Tor Exit Relays", Proc. of Privacy Enhancing Technologies (PETS), pp. 205-220, 2014.
View in Google Scholar
DOI: https://doi.org/10.1007/978-3-319-08506-7_16
[13] D. Chaum, "Security Without Identification: Transaction Systems to Make Big Brother Obsolete", Communications of the ACM, vol. 28, pp. 1030-1044, 1985.
View in Google Scholar
DOI: https://doi.org/10.1145/4372.4373
[14] I. Fette and A. Melnikov, "RFC 6455: The WebSocket Protocol", IETF, 2011.
View in Google Scholar
DOI: https://doi.org/10.17487/rfc6455
[15] M. Jones, J. Bradley, and N. Sakimura, "RFC 7519: JSON Web Token (JWT)", IETF, 2015.
View in Google Scholar
DOI: https://doi.org/10.17487/RFC7519
[16] E. Rescorla, "RFC 8446: The Transport Layer Security (TLS) Protocol Version 1.3", IETF, 2018.
View in Google Scholar
DOI: https://doi.org/10.17487/RFC8446
[17] D. Merkel, "Docker: Lightweight Linux Containers for Consistent Development and Deployment", Linux Journal, vol. 2014, 2014.
View in Google Scholar
[18] D.J. Bernstein et al., "High-speed High-security Signatures", Journal of Cryptographic Engineering, vol. 2, pp. 77-89, 2012.
View in Google Scholar
DOI: https://doi.org/10.1007/s13389-012-0027-1
[19] A. Johnson et al., "Users Get Routed: Traffic Correlation on Tor by Realistic Adversaries", Proc. of the ACM SIGSAC Conference on Computer and Communications Security (CCS), pp. 337-348, 2013.
View in Google Scholar
DOI: https://doi.org/10.1145/2508859.2516651
Downloads
Published
Issue
Section
License
Copyright (c) 2026 Tomasz Janczewski
This work is licensed under a Creative Commons Attribution 4.0 International License.
