Presentation is loading. Please wait.

Presentation is loading. Please wait.

Cryptography In Censorship Resistant Web Publishing Systems By Hema Hariharan Swati B Shah.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Cryptography In Censorship Resistant Web Publishing Systems By Hema Hariharan Swati B Shah."— Presentation transcript:

1 Cryptography In Censorship Resistant Web Publishing Systems By Hema Hariharan Swati B Shah

2 Outline  Publisher Retriever Relationship  What is a publisher friendly Web publishing system?  How to remain Anonymous?  How to be Censorship Resistant  The trick to Tamper Resistance  Present Technology  Case study :Publius  Q & A

3 Publisher Retriever Relationship  Publisher and the Retriever  Security issues Retriever Protection Hackers,Virus etc Publisher Protection Protecting his documents from being tampered Protecting his freedom of speech

4 What is publisher friendly Web publishing system?  Source Anonymous  Censorship resistant  Tamper evedent  Content Unknown  Updateable  Fault tolerant

5 How to remain Anonymous?  URL rewriting service  Anonymous URL generation  URL “U”  Encrypted URL E k (U) using public key k  New URL http://www.rewebber.com/Ek(u)http://www.rewebber.com/Ek(u  Retreving content using an Anonymous URL  Given URL http://www.serviceprovider.com//E k (uhttp://www.serviceprovider.com//E k (u)  Decrypted using private key corresponding to k  Content retrieved form URL “U”  Rewriting Service Provider Network

6 How to be Censorship resistant?  Replication  Distributed servers all around the world.  Diversity of ownership of the servers  A simple example  A file hosted on to 100 servers of which 10 names are retained and the rest destroyed.

7 The trick to Tamper Resistance  Mixnets method  Store file in Remote servers  Each remote server encrypts with public key and send it to the file servers under its control  Search at random at some remote security servers to retrieve from the corresponding file servers  Disadvantages  Chances of not finding the file  Deletion impossible  Expiry date set during publishing

8 The trick to Tamper Resistance  Encrypt and Distribute Document  Encrypt,Divide and Distribute Key  Access to the document based on the number of shares of the key the user has access to.  Updation  Deletion

9 The Current Technology  The Eternity Service  Distributed network  Replication  Mix nets  Persistent storage till a specified expiration date  Publius  Distributed network  Replication  Key sharing technique  Dragster  No replication

10 Case Study :PUBLIUS  Three Components Publishers Retrievers Servers - a static list of m servers  Operations Publish Retrieve Update Delete

11 Publish Operation  Encrypt file F with Symmetric key K  Split K into N parts using Shamir’s Secret sharing scheme - (P,N) Threshold Scheme  Compute names for all N parts:  name i = wrap(H(F. part i ))  Compute locations for each part  location i = (name i MOD m) + 1  Publish encrypted file and one part of K to each of these locations, save under directory name i on the server

12 Publish Operation (Contd.)

13 Retrieve Operation Retriever must have the URL U of the intended file Parse the name values from U and compute locations of the Servers hosting the file Select P of these arbitrarily Retrieve the encrypted file and P parts of key K Reconstruct K, and retrieve the file Perform temper-check

14 Delete Operation  Generate a password PW while publishing  To delete, send H(server domain name.PW) to each hosting server  Each server performs authentication, then deletes the file  A file can be published as Undeletable

15 Update Operation  Updates file without changing its URL  Specify new file, original URL, old PW and new PW to each hosting server  Server first publishes the new file by calling Publius Publish operation, and gets new URL  Performs authentication  Puts the new URL in a directory called update under the corresponding name i  A file can be published as nonupdatable

16 Implementation Issues  Publius URL  http://!publius!/options/encode(name 1 ) … encode(name n ) Option field has: Version number Number of parts needed to reconstruct the key Size of the server list Update flag  Server Software  Client Software

17 Goals Achieved! Censorship Resistant Tamper Evident Content Anonymous Source Anonymous Fault tolerant Persistent Updateable Extensible Freely Available

18 Limitation of Publius  Supports only static contents  Key-parts/file deletion or corruption  Vulnerable to Redirection Attack  Vulnerable to Denial of Service Attack  Threats to Publisher Anonymity

19 Pros and Cons  Prevents denial of service attacks  A persistent backup system  Protects privacy and human rights  Child pornography  Pirated songs and software  Violating Copyrights  Illegal material

20 Publius Website: http://cs1.cs.nyu.edu/~waldman/publius Thank You! Any Questions?

Download ppt "Cryptography In Censorship Resistant Web Publishing Systems By Hema Hariharan Swati B Shah."

Similar presentations

Kerberos 1 Public domain image of Heracles and Cerberus. From an Attic bilingual amphora, 530–520 BC. From Italy (?).

Kerberos 1 Public domain image of Heracles and Cerberus. From an Attic bilingual amphora, 530–520 BC. From Italy (?).
HiveMind Distributed File Storage Using JavaScript Botnets Copyright 2013 Sean T. Malone.

HiveMind Distributed File Storage Using JavaScript Botnets Copyright 2013 Sean T. Malone.
Cryptography and Network Security 2 nd Edition by William Stallings Note: Lecture slides by Lawrie Brown and Henric Johnson, Modified by Andrew Yang.

Cryptography and Network Security 2 nd Edition by William Stallings Note: Lecture slides by Lawrie Brown and Henric Johnson, Modified by Andrew Yang.
Building web applications on top of encrypted data using Mylar Presented by Tenglu Liang Tai Liu.

Building web applications on top of encrypted data using Mylar Presented by Tenglu Liang Tai Liu.
1 Computer Networks: A Systems Approach, 5e Larry L. Peterson and Bruce S. Davie Chapter 8 Network Security Copyright © 2010, Elsevier Inc. All rights.

1 Computer Networks: A Systems Approach, 5e Larry L. Peterson and Bruce S. Davie Chapter 8 Network Security Copyright © 2010, Elsevier Inc. All rights.
Publius A Robust, Tamper Evident, Censorship Resistant WWW Based Publishing System Marc Waldman NYU – CS Dept. Lorrie Cranor AT&T Research Aviel Rubin.

Publius A Robust, Tamper Evident, Censorship Resistant WWW Based Publishing System Marc Waldman NYU – CS Dept. Lorrie Cranor AT&T Research Aviel Rubin.
Lorrie Cranor AT&T Labs Avi Rubin AT&T Labs Marc Waldman

Lorrie Cranor AT&T Labs Avi Rubin AT&T Labs Marc Waldman
Publius: A robust, tamper-evident, censorship-resistant web publishing system By Waldman, Rubin, and Cranor Presented by Marco Barreno October 8th, 2003.

Publius: A robust, tamper-evident, censorship-resistant web publishing system By Waldman, Rubin, and Cranor Presented by Marco Barreno October 8th, 2003.
Michelle J. Gosselin, Jennifer Schommer Guanzhong Wang.

Michelle J. Gosselin, Jennifer Schommer Guanzhong Wang.
1 MD5 Cracking One way hash. Used in online passwords and file verification.

1 MD5 Cracking One way hash. Used in online passwords and file verification.
Public Key Infrastructure (PKI) Providing secure communications and authentication over an open network.

Public Key Infrastructure (PKI) Providing secure communications and authentication over an open network.
Chapter 1 – Introduction

Chapter 1 – Introduction
1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.

1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.
Security Overview Hofstra University University College for Continuing Education - Advanced Java Programming Lecturer: Engin Yalt May 24, 2006.

Security Overview Hofstra University University College for Continuing Education - Advanced Java Programming Lecturer: Engin Yalt May 24, 2006.
Security Chapters 14,15. The Security Environment Threats Security goals and threats.

Security Chapters 14,15. The Security Environment Threats Security goals and threats.
Online Security Tuesday April 8, 2003 Maxence Crossley.

Online Security Tuesday April 8, 2003 Maxence Crossley.
Computers and Society Carnegie Mellon University Spring 2006 Cranor/Tongia/Farber 1 Regulating Online Speech.

Computers and Society Carnegie Mellon University Spring 2006 Cranor/Tongia/Farber 1 Regulating Online Speech.
Mar 4, 2003Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities.

Mar 4, 2003Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities.
CMSC 414 Computer and Network Security Lecture 16 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 16 Jonathan Katz.
Privacy Policy, Law and Technology Carnegie Mellon University Fall 2007 Lorrie Cranor 1 Identity, Anonymity,

Privacy Policy, Law and Technology Carnegie Mellon University Fall 2007 Lorrie Cranor 1 Identity, Anonymity,

Similar presentations

Ads by Google