One-way indexing for plausible deniability in censorship resistant storage Eugene Vasserman, Victor Heorhiadi, Nicholas Hopper, and Yongdae Kim.

Slides:



Advertisements
Similar presentations
P2P data retrieval DHT (Distributed Hash Tables) Partially based on Hellerstein’s presentation at VLDB2004.
Advertisements

What is OceanStore? - 10^10 users with files each - Goals: Durability, Availability, Enc. & Auth, High performance - Worldwide infrastructure to.
Peer-to-Peer (P2P) Distributed Storage 1Dennis Kafura – CS5204 – Operating Systems.
Lorrie Cranor AT&T Labs Avi Rubin AT&T Labs Marc Waldman
David Choffnes, Winter 2006 OceanStore Maintenance-Free Global Data StorageMaintenance-Free Global Data Storage, S. Rhea, C. Wells, P. Eaton, D. Geels,
Section 3.2: Operating Systems Security
Modern Information Retrieval Chapter 8 Indexing and Searching.
Outline for today Structured overlay as infrastructures Survey of design solutions Analysis of designs.
FRIENDS: File Retrieval In a dEcentralized Network Distribution System Steven Huang, Kevin Li Computer Science and Engineering University of California,
Computers and Society Carnegie Mellon University Spring 2006 Cranor/Tongia/Farber 1 Regulating Online Speech.
Chapter 4  Hash Functions 1 Overview  Cryptographic hash functions are functions that: o Map an arbitrary-length (but finite) input to a fixed-size output.
FreeNet: A Distributed Anonymous Information Storage and Retrieval System Ian Clark, Oskar Sandberg, Brandon Wiley and Theodore Hong.
Efficient Content Location Using Interest-based Locality in Peer-to-Peer Systems Presented by: Lin Wing Kai.
Protecting Free Expression Online with Freenet Presented by Ho Tsz Kin I. Clarke, T. W. Hong, S. G. Miller, O. Sandberg, and B. Wiley 14/08/2003.
ITIS 6200/8200. time-stamping services Difficult to verify the creation date and accurate contents of a digital file Required properties of time-stamping.
Gnutella, Freenet and Peer to Peer Networks By Norman Eng Steven Hnatko George Papadopoulos.
Chord-over-Chord Overlay Sudhindra Rao Ph.D Qualifier Exam Department of ECECS.
Freenet A Distributed Anonymous Information Storage and Retrieval System I Clarke O Sandberg I Clarke O Sandberg B WileyT W Hong.
Wide-area cooperative storage with CFS
A Backup System built from a Peer-to-Peer Distributed Hash Table Russ Cox joint work with Josh Cates, Frank Dabek, Frans Kaashoek, Robert Morris,
Lecture 4 Cryptographic Tools (cont) modified from slides of Lawrie Brown.
Encryption Methods By: Michael A. Scott
Hashing it Out in Public Common Failure Modes of DHT-based Anonymity Schemes Andrew Tran, Nicholas Hopper, Yongdae Kim Presenter: Josh Colvin, Fall 2011.
Cryptography and Network Security Chapter 11 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.
Practical Techniques for Searches on Encrypted Data Yongdae Kim Written by Song, Wagner, Perrig.
Freenet: A Distributed Anonymous Information Storage and Retrieval System Presentation by Theodore Mao CS294-4: Peer-to-peer Systems August 27, 2003.
© Neeraj Suri EU-NSF ICT March 2006 DEWSNet Dependable Embedded Wired/Wireless Networks MUET Jamshoro Computer Security: Principles and Practice Slides.
Freenet. Anonymity  Napster, Gnutella, Kazaa do not provide anonymity  Users know who they are downloading from  Others know who sent a query  Freenet.
Chi-Cheng Lin, Winona State University CS 313 Introduction to Computer Networking & Telecommunication Network Security (A Very Brief Introduction)
Jim McLeod MyDBA  SQL Server Performance Tuning Consultant with MyDBA  Microsoft Certified Trainer with SQLskills Australia 
Encryption Presentation Jamie Roberts. Encryption Defined: n The process of converting messages, information, or data into a form unreadable by anyone.
Information-Centric Networks05b-1 Week 5 / Paper 2 A survey of peer-to-peer content distribution technologies –Stephanos Androutsellis-Theotokis, Diomidis.
Privacy-Preserving P2P Data Sharing with OneSwarm -Piggy.
BitTorrent How it applies to networking. What is BitTorrent P2P file sharing protocol Allows users to distribute large amounts of data without placing.
Introduction to Peer-to-Peer Networks. What is a P2P network A P2P network is a large distributed system. It uses the vast resource of PCs distributed.
The Fun That Is File Structures Pages By: Christine Zeitschel.
Click to edit Master title style Fall, Privacy&Security - Virginia Tech – Computer Science Cryptographic Security Secret Sharing, Vanishing Data.
Security.  is one of the most widely used and regarded network services  currently message contents are not secure may be inspected either.
Freenet: A Distributed Anonymous Information Storage and Retrieval System Presenter: Chris Grier ECE 598nb Spring 2006.
Freenet: A Distributed Anonymous Information Storage and Retrieval System Ian Clarke, Oskar Sandberg, Brandon Wiley,Theodore W. Hong Presented by Zhengxiang.
Freenet: A Distributed Anonymous Information Storage and Retrieval System Josh Colvin CIS 590, Fall 2011.
EE515/IS523 Think Like an Adversary Lecture 4 Crypto in a Nutshell Yongdae Kim.
Cryptographic Security Secret Sharing, Vanishing Data 1Dennis Kafura – CS5204 – Operating Systems.
Computer Security: Principles and Practice First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown Chapter 2 – Cryptographic.
Authentication Issues and Solutions CSCI 5857: Encoding and Encryption.
1 Network Security Lecture 7 Overview of Authentication Systems Waleed Ejaz
Freenet “…an adaptive peer-to-peer network application that permits the publication, replication, and retrieval of data while protecting the anonymity.
1 Secure Peer-to-Peer File Sharing Frans Kaashoek, David Karger, Robert Morris, Ion Stoica, Hari Balakrishnan MIT Laboratory.
Computer Networking P2P. Why P2P? Scaling: system scales with number of clients, by definition Eliminate centralization: Eliminate single point.
MESSAGE AUTHENTICATION and HASH FUNCTIONS - Chapter 11 MESSAGE AUTHENTICATION and HASH FUNCTIONS - Chapter 11 Masquerade – message insertion, fraud, ACK.
Information-Centric Networks Section # 5.2: Content Distribution Instructor: George Xylomenos Department: Informatics.
A Reputation-Based Approach for Choosing Reliable Resources in Peer-to-Peer Networks E. Damiani S. De Capitani di Vimercati S. Paraboschi P. Samarati F.
Operating Systems Security
CS Spring 2014 CS 414 – Multimedia Systems Design Lecture 37 – Introduction to P2P (Part 1) Klara Nahrstedt.
Freenet: Anonymous Storage and Retrieval of Information
CS 347Notes081 CS 347: Parallel and Distributed Data Management Notes 08: P2P Systems.
P2P Search COP6731 Advanced Database Systems. P2P Computing  Powerful personal computer Share computing resources P2P Computing  Advantages: Shared.
P2P Content Search: Give the Web Back to the People Matthias Bender Sebastin Michel Peter Triantafillou Gerhard Weikum Christian Zimmer Mariam John CSE.
Large Scale Sharing Marco F. Duarte COMP 520: Distributed Systems September 19, 2004.
Keyword search on encrypted data. Keyword search problem  Linux utility: grep  Information retrieval Basic operation Advanced operations – relevance.
International Conference Security in Pervasive Computing(SPC’06) MMC Lab. 임동혁.
Operating Systems Security 1. The Boot Sequence The action of loading an operating system into memory from a powered-off state is known as booting or.
Peer-to-Peer (P2P) File Systems. P2P File Systems CS 5204 – Fall, Peer-to-Peer Systems Definition: “Peer-to-peer systems can be characterized as.
ANONYMOUS STORAGE AND RETRIEVAL OF INFORMATION Olufemi Odegbile.
Chord: A Scalable Peer-to-Peer Lookup Service for Internet Applications * CS587x Lecture Department of Computer Science Iowa State University *I. Stoica,
OceanStore : An Architecture for Global-Scale Persistent Storage Jaewoo Kim, Youngho Yi, Minsik Cho.
Peer-to-Peer (P2P) File Systems
Presentation by Theodore Mao CS294-4: Peer-to-peer Systems
Peer-to-Peer Storage Systems
Vanish: Increasing Data Privacy with Self-Destructing Data
Presentation transcript:

One-way indexing for plausible deniability in censorship resistant storage Eugene Vasserman, Victor Heorhiadi, Nicholas Hopper, and Yongdae Kim

Censorship resistant storage Provides robust permanent storage Protects against targeted blocking Resists rubber-hose cryptanalysis – provides publisher deniability Easily searchable (e.g., not hashes) Removes “dead data” Without necessarily killing unpopular content Scales gracefully

I am not a lawyer… Is plausible deniability needed? Is plausible deniability enough? Is “probable ignorance” enough?

“Conflicting” requirements Storer plausible deniability Keyword search Decryption key must be stored in the network Pointer and storer must not discover the key Self-contained network Store keys and content in the same network? Are you crazy?! “One-way indexing”

DHT P2P storage refresher Pointer (Storer) Searcher Publisher ANIMATION

Encoding a file Publisher has n chunks (n >> m) m-of-n erasure coding File F Encrypt with key K E K (F)

Publishing files n chunks File Manifest h(E K (F)) h(keyword 1 ), h(keyword 2 ), … h(index keyword i ) h(F) h(c 1 ), h(c 2 ), …, h(c n ) Publisher composes “manifests”: Key Manifest h(E K (F)) h(keyword 1 ), h(keyword 2 ), … h(index keyword i ) h(K) K    

“One-way” publishing Publisher Publish file manifest to h(r, keyword 1 ), h(r, keyword 2 ), … Publish file chunks to h(chunk) Publish key manifest to h(r’, keyword 1 ), h(r’, keyword 2 ), … ANIMATION

Finding a file Searcher Retrieve m random file chunks Reconstruct file, verify against manifest (hash) Decrypt file, verify against manifest (hash) Search for file manifest by keyword Search for key manifest by keyword ANIMATION

Beware of forbidden keywords h(keyword 1 )  salt, h(salt, keyword 1 ) Brute-force hash search protection (rainbow tables) Robustness improvement (load balancing) Different salts in different manifests “Forbidden keyword” attacks tend to fail

Continuous robustness Pointer storer  manifest “guarantor” Guarantor can: Reassemble the encrypted file Check replication level of manifest and file Re-encode the encrypted file (like publisher) Guarantor cannot: Decrypt the file (get the plaintext) Obtain the keywords (invert a hash) Remove data from the network (can drop own data)

Maintaining/refreshing a file Manifest guarantor Re-publish data chunks and/or manifest if needed Retrieve x’ > 2m manifest replicas, verify them Retrieve x ≥ m random chunks Reconstruct data, verify against manifest (hash) ANIMATION

Dead data pruning Each stored item has a timestamp File manifest, key manifest, content chunk Timestamp initialized at publication time, refreshed at access time Nodes lazily garbage-collect “idle” items Have not been accessed in some time period t A single honest guarantor is enough to retain a file in the network Manifests “vouched for” by editors are not subject to dropping

System robustness

Performance Time to perform DHT operations “User time” to find and download a file

Summary Toward robust censorship-resistant permanent storage: “One-way” indexing and easy search “Probable ignorance” for storers Replication and proactive maintenance – targeted are attacks difficult Need underlying blocking resistance Dead data removal and file curation Keeps all files for a time, some forever

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.