Download vasserman_foci12_slides

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project

page
1
page
2
page
3
page
4
page
5
page
6
page
7
page
8
page
9
page
10
page
11
page
12
page
13
page
14
page
15
page
16
Document related concepts

Cryptanalysis wikipedia , lookup

Cryptographic hash function wikipedia , lookup

Diff wikipedia , lookup

Transcript 
One-way indexing
for plausible deniability in
censorship resistant storage
Eugene Vasserman, Victor Heorhiadi,
Nicholas Hopper, and Yongdae Kim
Censorship resistant storage
 Provides robust permanent storage
 Protects against targeted blocking
 Resists rubber-hose cryptanalysis – provides
publisher deniability
 Easily searchable (e.g., not hashes)
 Removes “dead data”
 Without necessarily killing unpopular content
 Scales gracefully
I am not a lawyer…
 Is plausible deniability needed?
 Is plausible deniability enough?
 Is “probable ignorance” enough?
“Conflicting” requirements
 Storer plausible deniability
 Keyword search
 Decryption key must be stored in the network
 Pointer and storer must not discover the key
 Self-contained network
 Store keys and content in the same network?
Are you crazy?!
 “One-way indexing”
DHT P2P storage refresher
ANIMATION
Publisher
Searcher
Pointer
(Storer)
Encoding a file
Publisher has
File F
Encrypt
with key K
EK(F)
m-of-n
erasure
coding
n chunks
(n >> m)
Publishing files
Publisher composes “manifests”:
n chunks
File Manifest
h(EK(F))
h(keyword1), h(keyword2), …
h(index keywordi)
h(F)
h(c1), h(c2), …, h(cn)
Key Manifest





h(EK(F))
h(keyword1), h(keyword2), …
h(index keywordi)
h(K)
K
“One-way” publishing
Publish key
file
Publish file
manifest
to
chunks
to 1),
h(r,
h(r’,
keyword
keyword
1),
h(chunk)
h(r,
h(r’,
keyword
keyword2),
2),
…
ANIMATION
Publisher
Finding a file
Search
for
Decrypt
Search
for
file,
Retrieve
Reconstruct
file
m
file,
verify
key
against
random
verify
manifest
against
file
manifest
by
chunks
manifest
by
(hash)
(hash)
keyword
keyword
ANIMATION
Searcher
Beware of forbidden keywords
 h(keyword1)  salt, h(salt, keyword1)
 Brute-force hash search protection
(rainbow tables)
 Robustness improvement (load
balancing)
 Different salts in different manifests
 “Forbidden keyword” attacks tend to fail
Continuous robustness
 Pointer storer  manifest “guarantor”
 Guarantor can:
 Reassemble the encrypted file
 Check replication level of manifest and file
 Re-encode the encrypted file (like publisher)
 Guarantor cannot:
 Decrypt the file (get the plaintext)
 Obtain the keywords (invert a hash)
 Remove data from the network (can drop own data)
Maintaining/refreshing a file
ANIMATION
Retrieve
Re-publish
x’ data,
> 2m
Reconstruct
Retrieve
data
manifest
chunks
x
≥
m
verify
against
random
and/or
manifest
replicas,
chunks
manifest
(hash)
verify
if needed
them
Manifest
guarantor
Dead data pruning
 Each stored item has a timestamp
 File manifest, key manifest, content chunk
 Timestamp initialized at publication time,
refreshed at access time
 Nodes lazily garbage-collect “idle” items
 Have not been accessed in some time period t
 A single honest guarantor is enough to retain a file
in the network
 Manifests “vouched for” by editors are
not subject to dropping
System robustness
Censorship
success
1
0.8
0.6
0.4
0.2
0
0.0
0.2
0.4
0.6
0.8
Node failure
1-of-10 (replication)
50-of-250
50-of-750
10-of-100
50-of-500
75-of-750
1.0
Performance
“User time” to find
and download a file
Time to perform
DHT operations
1
0.9
0.9
0.8
0.8
0.7
0.7
0.6
0.6
CDF
1
0.5
0.5
0.4
0.4
0.3
0.3
Chunk Put
Chunk Get
Manifest Put
Manifest Get
Manifest Maintenance
0.2
0.1
0
0
50
100
150
200
Time (seconds)
0.2
0.1
0
250
300
0
20
40
60
80
Time (seconds)
100
120
140
Summary
Toward robust censorship-resistant
permanent storage:
“One-way” indexing and easy search
 “Probable ignorance” for storers
Replication and proactive maintenance –
targeted are attacks difficult
 Need underlying blocking resistance
Dead data removal and file curation
 Keeps all files for a time, some forever
Related documents
Study Guide #6
Study Guide #6
Manifest Destiny - Father Michael McGivney Catholic Academy
Manifest Destiny - Father Michael McGivney Catholic Academy
Unit 2: A House Divided
Unit 2: A House Divided
Chapter 13- Manifest_Destiny
Chapter 13- Manifest_Destiny
WARM 1-1
WARM 1-1
Note Guide
Note Guide
B. Friday, Oct. 18--POWER POINT-- Manifest Destiny & Imperialism
B. Friday, Oct. 18--POWER POINT-- Manifest Destiny & Imperialism
Name - Rockin American History (08-09)
Name - Rockin American History (08-09)
I. Reactions to Changing Conditions A. Romanticism and Genteel
I. Reactions to Changing Conditions A. Romanticism and Genteel
I.What is a Theoretical Perspective?
I.What is a Theoretical Perspective?