All the existed instant messaging systems require the users’ registration to the management center, regardless of the client-server or peer-to-peer architectures. Therefore, the management center knows each user’s identity, and the users’ identity privacy completely relies on the trust of the management center. To protect the users’ identity privacy, a decentralized instant messaging protocol is proposed with the help of multiple-collision trapdoor hash functions. In our protocol, each user belongs a small group with a group manager and the group manager issues the certificate for its members. The certificate is used to hide the users’ identity from the people except the manager of the small group. For any two users belonging two groups that trusted one another, our protocol can help the two users to construct a communication connection without leasing their real identities. After the hard work to initialize the communication connection, the on-going connection just needs a lighter cost to keep anonymous communications, with the help of multiple-collision trapdoor hash functions.