There is an inherent tension between the value provided by Location-Based Services (LBSs) and the location-privacy concerns they raise. Unfortunately, users are often forced to either boycott LBS applications completely or fully trust a centralized service with their location data. In this paper, we propose several techniques for resolving this tension. In particular, we present a mechanism by which peers who shared a physical location and time can be matched by a central server, without compromising peer-to-server or peer-to-peer anonymity. We utilize k-anonymity techniques to maintain location privacy and cryptographic techniques to provide both a proof of this co-location and an end-to-end confidential channel that is invulnerable to server snooping and man-in-the-middle attacks.