Liveness Signal

Description

Liveness Signal allows sending and verifying simple binary signals through third party servers while retaining full anonymity and plausible deniability. A prover (for example, a whistleblower) can post a new signal based on a schedule to previously agreed to with a verifier (for example, a journalist) to indicate that they are well. Both the prover and verifier use the same app with an agreed signal key (for example, a password) and exchange a one-time pairing. After that, all contact happens through a configurable third-party server over Tor onion services and remains anonymous to all parties. Verifiers can check if a new signal has been posted, but signals contain no other identifying content. Local storage is in the app is encrypted with a user chosen app password. Entering a wrong password will not yield an error message, and signals can still be sent and verified, but will not be linked to the correct chain of signals that you get when entering the correct app password. This property makes it plausible deniable that a user is either a prover or a verifier - without the correct password, they can be interchangeable.

For communicating with the storage server over Tor, a separate app such as Orbot or TorServices needs to be installed and started.

This app is a prototype implementation of the protocol described in the publication "Anonymously publishing liveness signals with plausible deniability" at The 21st International Conference on Advances in Mobile Computing and Multimedia Intelligence (MoMM 2023), Springer LNCS. It is not meant for usage where human live may depend upon it, but as a prototype for future integration into other (for example, social messaging) apps. Source code is available at https://github.com/rmayr/livenesssignal-android.