Vanish: Increasing Data Privacy with Self-Destructing Data


1 Vanish: Increasing Data Privacy with Self-Destructing Data
Roxana Geambasu, Yoshi Kohno, Amit A. Levy and Hank A. Levy, University of Washington. Slides by Gal Motika.

2 Outline
Motivating problem. Goals. Distributed Hash Tables (DHTs). How Vanish works. Availability and performance analysis. Security analysis.

3 Motivation: Data Lives Forever
How can Ann delete her sensitive email? She does not know where all the copies are, and services may retain data long after the user tries to delete it. (Figure: Ann sends "This is sensitive stuff." to Carla; copies of the sensitive message accumulate at Ann, at the ISP and at Carla.)

4 Motivation: Data Lives Forever
Some time later, an attacker mounts a retroactive attack on the archived data and recovers the message. (Figure: the same copies at Ann, the ISP and Carla, now read by the attacker.)

5 Self-Destructing Data Model
VDO: Vanish Data Object, which wraps an email, Facebook message or text message together with a timeout. Until the timeout, the VDO is readable. After the timeout, all copies become permanently unreadable, even for an attacker who obtains an archived copy and the user's keys. (Figure: the same path from Ann through the ISP to Carla, now carrying a self-destructing VDO.)

6 Assumptions The VDO is used to encapsulate data that is of value to the user only for a limited time. Every message has a known timeout. Users are connected to the Internet when interacting with VDOs. Early destruction is preferable to information exposure.

7 Goals A VDO must expire automatically, without any explicit action.
The VDO should remain accessible until its timeout. Leverage existing infrastructure. The system must not require dedicated secure hardware. The system should not introduce new privacy risks for its users.

8 Distributed Hash Tables (DHTs)
A distributed, peer-to-peer (P2P) storage network made up of many participating nodes. Data is stored as (index, value) pairs, accessed through lookup, get and store operations.

9 Key DHT-related Insights
Huge scale: millions of nodes. Geographic distribution: nodes are spread over 190 countries. Decentralization: nodes are individually owned, so there is no single point of trust. Constant evolution: DHTs change naturally and dynamically over time as new nodes join and old nodes leave.

10 Data Encapsulation
Encapsulate(data, timeout): Vanish picks a random data key K and computes C = E_K(data). K is split by secret sharing (M of N) into shares k1, k2, ..., kN, which are pushed to N pseudorandom indices in the world-wide DHT; the indices are derived from a random access key L. The Vanish Data Object Ann sends to Carla is VDO = {C, L}. K itself is discarded and never stored anywhere.

11 Data Decapsulation
Decapsulate(VDO = {C, L}): Carla's Vanish re-derives the N pseudorandom indices from L and fetches the shares k1, ..., kN from the world-wide DHT. As long as at least M of the N shares are still available, secret sharing reconstructs K and yields data = D_K(C).

12 Data Timeout
The DHT loses key shares over time. Natural churn: nodes crash or leave the DHT, taking the shares they hold with them. Built-in timeout: DHT nodes purge stored data periodically. Once fewer than M shares remain, K can no longer be reconstructed, so every copy of C, wherever it is archived, is permanently unreadable.
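The three slides above describe one mechanism: encrypt with a throw-away key, split the key into M-of-N shares, scatter the shares across a DHT, and let the DHT's own churn and purge timeout destroy them. The following Python is an added example and is not the Vanish project's code. It assumes a prime-field Shamir scheme, a SHA-256 counter-mode keystream standing in for the real cipher E_K/D_K (unauthenticated, illustration only), and an in-memory DHT that models Vuze's fixed purge timeout and node churn; all sample data is constructed.

```python
"""Added example: Vanish-style VDO encapsulation against a simulated DHT.

Not the Vanish project's code. Assumptions: Shamir sharing over the prime
field P, a SHA-256 keystream as the symmetric cipher (illustration only;
it is not authenticated), and a toy DHT with Vuze-like purge and churn.
"""
import hashlib
import random
import secrets

P = 2**255 - 19          # prime field for Shamir arithmetic (assumption)
PURGE_AFTER = 8 * 3600   # seconds; Vuze purges cached values after 8 hours


def _poly_eval(coeffs, x):
    acc = 0
    for c in reversed(coeffs):
        acc = (acc * x + c) % P
    return acc


def split_key(key, n, m):
    """Shamir m-of-n: random degree-(m-1) polynomial with key as constant term."""
    coeffs = [key] + [secrets.randbelow(P) for _ in range(m - 1)]
    return [(x, _poly_eval(coeffs, x)) for x in range(1, n + 1)]


def recover_key(shares):
    """Lagrange interpolation at x=0 from any m distinct shares."""
    key = 0
    for i, (xi, yi) in enumerate(shares):
        num = den = 1
        for j, (xj, _) in enumerate(shares):
            if i != j:
                num = num * (-xj) % P
                den = den * (xi - xj) % P
        key = (key + yi * num * pow(den, P - 2, P)) % P
    return key


def xor_stream(key, data):
    """E_K / D_K stand-in: XOR with a SHA-256(key || counter) keystream."""
    out = bytearray()
    for off in range(0, len(data), 32):
        ks = hashlib.sha256(key + off.to_bytes(8, "big")).digest()
        out.extend(a ^ b for a, b in zip(data[off:off + 32], ks))
    return bytes(out)


def share_indices(L, n):
    """The N pseudorandom DHT indices are derived from the access key L."""
    return [hashlib.sha256(L + i.to_bytes(4, "big")).digest() for i in range(n)]


class SimDHT:
    """Toy DHT: index -> (value, store time), with Vuze-style purge and churn."""

    def __init__(self, purge_after=PURGE_AFTER):
        self.store = {}
        self.purge_after = purge_after

    def put(self, index, value, now):
        self.store[index] = (value, now)

    def get(self, index, now):
        entry = self.store.get(index)
        if entry is None or now - entry[1] > self.purge_after:
            return None              # never stored, or purged by timeout
        return entry[0]

    def churn(self, count, rng=None):
        """Lose `count` random entries: hosting nodes left without handoff."""
        rng = rng or random.Random()
        for index in rng.sample(sorted(self.store), min(count, len(self.store))):
            del self.store[index]


def encapsulate(data, dht, now, n=10, m=7):
    """Returns VDO = {C, L, N, M}; the data key K is never kept."""
    K = secrets.token_bytes(16)
    L = secrets.token_bytes(16)
    shares = split_key(int.from_bytes(K, "big"), n, m)
    for index, share in zip(share_indices(L, n), shares):
        dht.put(index, share, now)
    return {"C": xor_stream(K, data), "L": L, "N": n, "M": m}


def decapsulate(vdo, dht, now):
    """Returns the plaintext, or None once fewer than M shares survive."""
    fetched = (dht.get(i, now) for i in share_indices(vdo["L"], vdo["N"]))
    found = [s for s in fetched if s is not None]
    if len(found) < vdo["M"]:
        return None
    K = recover_key(found[:vdo["M"]]).to_bytes(16, "big")
    return xor_stream(K, vdo["C"])


if __name__ == "__main__":
    dht = SimDHT()
    vdo = encapsulate(b"This is sensitive stuff.", dht, now=0)
    print(decapsulate(vdo, dht, now=3600))        # readable before the timeout
    print(decapsulate(vdo, dht, now=9 * 3600))    # None: every share purged
```

The VDO carries only C and L; an archived copy plus the user's long-term keys is useless once the DHT has dropped more than N minus M shares, which is exactly the property slide 5 promises. The churn method is there to show the threshold edge: with N=10 and M=7 the message survives the loss of three shares and dies at the fourth.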

13 The Vuze DHT Each node has a 160-bit ID derived from its IP address and port. The ID determines the index ranges the node will store. To store an (index, value) pair, a client looks up the 20 nodes whose IDs are closest to the index and stores the pair on them. Each node republishes the entries in its cache every 30 minutes to the other 19 closest nodes. Nodes remove from their caches all values whose store timestamp is more than 8 hours old.

14 Availability Evaluation
Pushed 1,000 VDO shares to pseudorandom indices in the Vuze DHT and then polled them back. Repeated this experiment 100 times over a 3-day period, using the standard 8-hour Vuze timeout.

15 Availability Evaluation (cont.)
N = 50 shares with a threshold of 90% is recommended for high availability.

16 Performance Evaluation
Encapsulation and decapsulation times were measured. Encryption and decryption time is negligible; the DHT component accounts for over 99% of the execution time.

17 Security Analysis The attacker may have access to the sender's computer, to the provider, or to the DHT. Key shares are unlikely to remain in the DHT long after the timeout: by then many of the hosting nodes will have disappeared or changed their IDs, so even legal authorities would find it difficult to reconstruct the lost data. The relevant attacks therefore have to be carried out before the timeout.

18 Strategy (1): Decapsulate VDO Prior to Expiration
An attacker might obtain a copy of the VDO and decapsulate it before it expires. Example: an email provider that proactively decapsulates all VDO emails in real time. Defense: compose Vanish with traditional encryption such as PGP or GPG, so that the attacker also needs the recipient's private key before the timeout.

19 Strategy (2): Sniff User's Internet Connection
An attacker sniffs the data users push into or retrieve from the DHT. Example: an ISP or employer. Defense: encrypt DHT communication between nodes, or compose with Tor to tunnel one's interactions with the DHT through remote machines. A man-in-the-middle attack is not solved by this.

20 Strategy (3): Integrate into the DHT
The attacker integrates itself into the DHT in order to copy all data it is asked to store, or intercepts internal DHT lookup procedures and then issues get requests of its own for the indices it learns. Standard DHT attacks (Sybil, Eclipse) are handled by the Vuze DHT (node IDs are derived from the IP address) or by changing the Vuze client.

21 Experimental Methodology
The experiment could not be run on the real DHT, because the attacker needs to acquire as many nodes as possible; simulated DHTs of 1,000, 2,000, 4,500 and 8,000 nodes were tested instead. Churn (node death and birth) is modeled by a Poisson distribution with a median node lifetime of 2 hours.

22 Store Sniffing Attack The adversary saves all of the index-to-value mappings it receives from peers, both via store messages and via replication (every 30 minutes to the 20 closest nodes). The attacker controlled % of a 1,000-node DHT.

23 Store Sniffing Attack: Attacker Sizes
None of the 1,000 tested VDOs was compromised. For N = 150 and 2-hour churn:

24 Lookup Sniffing Attack
Lookup requests pass through multiple nodes, and any node on the path can issue its own get for the index being searched. Defense: look up a different index that still routes to the same nodes. With 1M nodes and 160-bit indices, the top 20 bits of an index already determine which nodes are responsible for it, so on lookup the client randomizes the last 80 bits; a node that sniffs the lookup sees only the obfuscated index and cannot obtain the share from it.
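Why randomizing the low-order bits does not change where the lookup lands: under Kademlia's XOR metric, the ordering of nodes by distance from an index is decided by the high-order bits in which their IDs differ, so two indices with the same prefix have the same closest-node set. The Python below is an added illustration, not Vanish or Vuze code. It assumes a constructed population of 4,096 nodes with pseudorandom 160-bit IDs, a 20-node responsible set as in Vuze, and the slide's split of 80 fixed prefix bits and 80 randomized bits.

```python
"""Added example: lookup obfuscation against intermediate-hop sniffing.

Not Vanish's code. Assumptions: Kademlia-style XOR distance, 160-bit IDs,
a constructed 4,096-node DHT with random IDs, K=20 closest nodes per index
as in Vuze, and a lookup index that keeps the top PREFIX_BITS bits of the
real index while randomizing the rest.
"""
import random

ID_BITS = 160
K_CLOSEST = 20
PREFIX_BITS = 80           # kept on lookup; the low 80 bits are randomized


def make_nodes(count, seed=42):
    """Constructed node population with pseudorandom 160-bit IDs."""
    rng = random.Random(seed)
    return [rng.getrandbits(ID_BITS) for _ in range(count)]


def closest_nodes(nodes, index, k=K_CLOSEST):
    """IDs of the k nodes nearest to index under the XOR metric."""
    return frozenset(sorted(nodes, key=lambda nid: nid ^ index)[:k])


def obfuscate(index, rng, prefix_bits=PREFIX_BITS):
    """Same high-order prefix (same responsible nodes), fresh low-order bits."""
    low_bits = ID_BITS - prefix_bits
    return (index >> low_bits << low_bits) | rng.getrandbits(low_bits)


def run_demo(seed=7, node_count=4096):
    """One lookup: does the obfuscated index route to the same 20 nodes, and
    does a path node that replays the sniffed index as a get() obtain the share?"""
    rng = random.Random(seed)
    nodes = make_nodes(node_count, seed)
    true_index = rng.getrandbits(ID_BITS)
    store = {true_index: b"share k3"}             # constructed DHT content
    obf = obfuscate(true_index, rng)
    low_bits = ID_BITS - PREFIX_BITS
    return {
        "same_route": closest_nodes(nodes, obf) == closest_nodes(nodes, true_index),
        "prefix_kept": obf >> low_bits == true_index >> low_bits,
        "index_hidden": obf != true_index,
        "attacker_gets_share_via_obfuscated": store.get(obf) is not None,
        "attacker_gets_share_via_plain": store.get(true_index) is not None,
    }


def route_match_rate(trials=30, seed=11, node_count=4096):
    """Fraction of random indices whose obfuscated lookup selects exactly the
    same K_CLOSEST node set as the real index."""
    rng = random.Random(seed)
    nodes = make_nodes(node_count, seed)
    hits = 0
    for _ in range(trials):
        idx = rng.getrandbits(ID_BITS)
        hits += closest_nodes(nodes, obfuscate(idx, rng)) == closest_nodes(nodes, idx)
    return hits / trials


if __name__ == "__main__":
    for key, value in run_demo().items():
        print(f"{key}: {value}")
    print("route match rate:", route_match_rate())
```

The sniffer on the lookup path learns only the shared prefix, and guessing the 80 randomized bits is infeasible. The protection covers the routing hops only: the final get for the share still has to name the true index to the 20 responsible nodes, which is the store-sniffing adversary of the previous slides rather than the lookup-sniffing one.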

25 Conclusions Vanish causes sensitive information, such as emails, files or text messages, to irreversibly self-destruct, without any action on the user's part and without any centralized or trusted system. Vanish is robust against adversarial attacks. Limitation: in Vuze, the fixed data timeout presents a challenge for a self-destructing data system.

26 Questions?

