Presentation is loading. Please wait.

Presentation is loading. Please wait.

Click to edit Master title style Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science Cryptographic Security Secret Sharing, Vanishing Data.

Published byEmil Nash Modified over 9 years ago

Similar presentations

Presentation on theme: "Click to edit Master title style Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science Cryptographic Security Secret Sharing, Vanishing Data."— Presentation transcript:

1 Click to edit Master title style Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science Cryptographic Security Secret Sharing, Vanishing Data 1

2 Click to edit Master title style Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science  How can a group of individuals share a secret?  Requirements:  some information is confidential  the information is only available when any k of the n members of group collaborate (k <= n) k = n implies unanimity k >= n/2 implies simple majority k = 1 implies independence  Assumptions  The secret is represented as a number  The number may be the secret or a (cryptographic) key that is used to decrypt the secret 2 Secret Sharing

3 Click to edit Master title style Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science  General idea:  Secret data D is divided in n pieces D 1,…D n  Knowledge of k or more Di pieces makes D easily computable  Knowledge of k-1 or fewer pieces leaves D completely unknowable  Terminology  This is called a (k,n) threshold scheme  Uses  Divided authority (requires multiple distinct approvals from among a set of authorities)  Cooperation under mutual suspicion (secret only disclosed with sufficient agreement) 3 Secret Sharing

4 Click to edit Master title style Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science  Mathematics  A polynomial of degree n-1 is of the form  Just as 2 points determine a straight line (a polynomial of degree 1), n+1 points uniquely determine a polynomial of degree n. That is, if then 4 Secret Sharing

5 Click to edit Master title style Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science  Given D, k, and n  Construct a random k-1 degree polynomial 5 Simple (k,n) Threshold Scheme

6 Click to edit Master title style Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science  Given D, k, and n  Construct a random k-1 degree polynomial  Distribute the n pieces as (i, D i )  Any k of the n pieces can be used to find the unique polynomial and discover a 0 (equivalently solve for q(0) )  Finding the polynomial is called polynomial interpolation 6 Simple (k,n) Threshold Scheme

7 Click to edit Master title style Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science  Suppose k=2, n=3, and D=34  Choose a random k-1 degree polynomial:  Generate n values:  The n pieces are (1,46), (2,58), and (3,70) 7 Example

8 Click to edit Master title style Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science  Given 2 pieces (1,46) and (3,70) find the secret, D, by solving the simultaneous equations: 8 Example

9 Click to edit Master title style Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science  Given a set of k+1 data points (x 0,y 0 )…(x k,y k )  A k degree polynomial for these points is where Dennis Kafura – CS5204 – Operating Systems 9 What’s Lagrange Got To Do With It? Joseph Louis Lagrange

10 Click to edit Master title style Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science  Motivation  Many forms of data (e.g., email) are archived by service providers for reliability/availability  Data stored “in the cloud” beyond user control  Such data creates a target for intruders, and may persist beyond useful lifetime to the user’s detriment through disclosure of personal information  Recreates “forget-ability” and/or deniability  Protect against retroactive data disclosure  Innovation: “vanishing data object” (VDO) 10 Vanishing Data

11 Click to edit Master title style Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science  VDO permanently unreadable after a period  Is readable by legitimate users during the period  Allows attacker to retroactively know the VDO and all persistent cryptographic keys 11 Vanishing Data

12 Click to edit Master title style Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science  VDO permanently unreadable after a period  Is readable by legitimate users during the period  Allows attacker to retroactively know the VDO and all persistent cryptographic keys  Does not require  explicit action by the user or storage service to render the data unreadable  changes to any of the stored copies of the data  secure hardware  any new services (leverage existing services) 12 Vanishing Data

13 Click to edit Master title style Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science 13 Example Applications

14 Click to edit Master title style Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science  Key elements  Threshold secret sharing  Distributed hash tables (DHT) P2P systems Availability Scale, geographic distribution, decentralization Churn – Median lifetime minutes/hours – 2.4 min (Kazaa), 60 min (Gnutella), 5 hours (Vuze) – extended to desired period by background refresh VUZE – Open-source P2P system – using bittorrent protocol 14 Vanish Architecture

15 Click to edit Master title style Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science  Operation  Locator is a pseudorandom number generator keyed by L; used to select random locations in the DHT for storing the VDO  VDO is encrypted with key K  N shares of K are created and then K is erased  VDO = (L, C, N, threshold) 15 Vanish Architecture

16 Click to edit Master title style Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science 16 Setting Parameters Use threshold=90% Use N=50

17 Click to edit Master title style Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science  Tradeoff  Larger threshold values provide more security  Larger threshold values provide shorter lifetimes 17 Setting Parameters

18 Click to edit Master title style Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science  Prepush – Vanish proactively creates and distributes data keys 18 Performance Measurement

19 Click to edit Master title style Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science  Decapsulate VDO prior to expiration  Further encrypt data using traditional encryption schemes  Eavesdrop on net connection  Use DHT that encrypts traffic between nodes  Compose with system (like TOR) to tunnel interactions with DHT through remote machines  Integrate in DHT  Eavesdrop on store/lookup operations Possible but extremely expensive to attacker (see next)  Standard attacks on DHTs Adopt standard solution 19 Attack Vectors and Defenses

20 Click to edit Master title style Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science  Assuming 5% of the DHT nodes are compromised what is the probability of VDO compromise? 20 Parameters and security

Download ppt "Click to edit Master title style Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science Cryptographic Security Secret Sharing, Vanishing Data."

Similar presentations

Trusted Data Sharing over Untrusted Cloud Storage Provider Gansen Zhao, Chunming Rong, Jin Li, Feng Zhang, and Yong Tang Cloud Computing Technology and.

Trusted Data Sharing over Untrusted Cloud Storage Provider Gansen Zhao, Chunming Rong, Jin Li, Feng Zhang, and Yong Tang Cloud Computing Technology and.
ECE454/CS594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2011.

ECE454/CS594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2011.
Authors: Yanchao Zhang, Member, IEEE, Wei Liu, Wenjing Lou,Member, IEEE, and Yuguang Fang, Senior Member, IEEE Source: IEEE TRANSACTIONS ON DEPENDABLE.

Authors: Yanchao Zhang, Member, IEEE, Wei Liu, Wenjing Lou,Member, IEEE, and Yuguang Fang, Senior Member, IEEE Source: IEEE TRANSACTIONS ON DEPENDABLE.
Group Protocols for Secure Wireless Ad hoc Networks Srikanth Nannapaneni Sreechandu Kamisetty Swethana pagadala Aparna kasturi.

Group Protocols for Secure Wireless Ad hoc Networks Srikanth Nannapaneni Sreechandu Kamisetty Swethana pagadala Aparna kasturi.
Distribution and Revocation of Cryptographic Keys in Sensor Networks Amrinder Singh Dept. of Computer Science Virginia Tech.

Distribution and Revocation of Cryptographic Keys in Sensor Networks Amrinder Singh Dept. of Computer Science Virginia Tech.
Www.mobilevce.com © 2004 Mobile VCE 3G 20041. www.mobilevce.com © 2004 Mobile VCE 3G 20042 19 th October 2004 Regional Blackouts: Protection of Broadcast.

© 2004 Mobile VCE 3G © 2004 Mobile VCE 3G th October 2004 Regional Blackouts: Protection of Broadcast.
Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style A Survey on Decentralized Group Key Management Schemes.

Fall, Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style A Survey on Decentralized Group Key Management Schemes.
Cryptography and Data Security: Long-Term Challenges Burt Kaliski, RSA Security Northeastern University CCIS Mini Symposium on Information Security November.

Cryptography and Data Security: Long-Term Challenges Burt Kaliski, RSA Security Northeastern University CCIS Mini Symposium on Information Security November.
Trustworthy Services from Untrustworthy Components: Overview Fred B. Schneider Department of Computer Science Cornell University Ithaca, New York 14853.

Trustworthy Services from Untrustworthy Components: Overview Fred B. Schneider Department of Computer Science Cornell University Ithaca, New York
Click to edit Master title style Defeating Vanish with Low-Cost Sybil Attacks Against Large DHTs Scott Wolchok 1 Owen S. Hofmann 2 Nadia Heninger 3 Edward.

Click to edit Master title style Defeating Vanish with Low-Cost Sybil Attacks Against Large DHTs Scott Wolchok 1 Owen S. Hofmann 2 Nadia Heninger 3 Edward.
Vanish: Increasing Data Privacy with Self-Destructing Data Roxana Geambasu Yoshi Kohno Amit Levy Hank Levy University of Washington.

Vanish: Increasing Data Privacy with Self-Destructing Data Roxana Geambasu Yoshi Kohno Amit Levy Hank Levy University of Washington.
S EMINAR A SELF DESTRUCTING DATA SYSTEM BASED ON ACTIVE STORAGE FRAMEWORK ONON P RESENTED BY S HANKAR G ADHVE G UIDED BY P ROF.P RAFUL P ARDHI.

S EMINAR A SELF DESTRUCTING DATA SYSTEM BASED ON ACTIVE STORAGE FRAMEWORK ONON P RESENTED BY S HANKAR G ADHVE G UIDED BY P ROF.P RAFUL P ARDHI.
CSCE 715 Ankur Jain 11/16/2010. Introduction Design Goals Framework SDT Protocol Achievements of Goals Overhead of SDT Conclusion.

CSCE 715 Ankur Jain 11/16/2010. Introduction Design Goals Framework SDT Protocol Achievements of Goals Overhead of SDT Conclusion.
CMSC 414 Computer and Network Security Lecture 21 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 21 Jonathan Katz.
Random Key Predistribution Schemes for Sensor Networks Authors: Haowen Chan, Adrian Perrig, Dawn Song Carnegie Mellon University Presented by: Johnny Flowers.

Random Key Predistribution Schemes for Sensor Networks Authors: Haowen Chan, Adrian Perrig, Dawn Song Carnegie Mellon University Presented by: Johnny Flowers.
Secret Sharing Algorithms

Secret Sharing Algorithms
1 The Sybil Attack John R. Douceur Microsoft Research Presented for Cs294-4 by Benjamin Poon.

1 The Sybil Attack John R. Douceur Microsoft Research Presented for Cs294-4 by Benjamin Poon.
Multicast Security May 10, 2004 Sam Irvine Andy Nguyen.

Multicast Security May 10, 2004 Sam Irvine Andy Nguyen.
Key Management and Distribution. YSLInformation Security – Mutual Trust2 Major Issues Involved in Symmetric Key Distribution For symmetric encryption.

Key Management and Distribution. YSLInformation Security – Mutual Trust2 Major Issues Involved in Symmetric Key Distribution For symmetric encryption.
Middleware for P2P architecture Jikai Yin, Shuai Zhang, Ziwen Zhang.

Middleware for P2P architecture Jikai Yin, Shuai Zhang, Ziwen Zhang.

Similar presentations

Ads by Google