Published by Marian Agatha Woods, modified over 9 years ago
1
Vanish: Increasing Data Privacy with Self-Destructing Data
Roxana Geambasu, Tadayoshi Kohno, Amit A. Levy, Henry M. Levy
University of Washington
2
Problem: Data is never truly forgotten
- Email caches
- Chat history
- Cloud services
- Data backups
- Transmission to 3rd parties
Resting data is vulnerable: the recent hack on Sony, for example.
3
Problem: What kind of data?
- Email
- Chat history
- Posts on public forums
- Pictures
- Personal files
Many items of sensitive data are only useful for a limited time.
4
Problem: Who wants your data?
- The spouse in a divorce case
- The public during an election cycle
- The government in a criminal case
- The plaintiff in a civil case
- Your employer
- An identity thief
- Someone who intends to blackmail you
5
Requirements
We would like sensitive data to be permanently deleted after it has served its original purpose:
- Even if it is archived by any number of 3rd parties
- Without any explicit action by the creator
- Without the need to access the data where it is stored
- Without the use of secure hardware
- Without deployment of new external services
6
Intro to Vanish
Vanish claims to solve the problem while meeting all requirements. At a high level it combines:
- Threshold secret sharing
- Distributed hash tables (Vuze and OpenDHT)
- The Vanishing Data Object (VDO)
7
Threshold Secret Sharing
Many different implementations exist. Basic principle:
- n = number of "shares"
- t = threshold
- The secret can be revealed using any combination of t shares.
Vanish uses Shamir secret sharing.
8
Threshold Secret Sharing
Crafting and distributing shares:
1. Generate a secret key K
2. Determine values for n and t
3. Calculate and distribute n shares
Obtaining the secret from shares:
1. Collect t shares from the set of n shareholders
2. Combine the shares and determine the value K
9
Shamir Secret Sharing
It takes k points to define a polynomial of degree k-1.
1. Choose threshold coefficients a_1..a_t
2. Choose its y-intercept (a_0) as the key
3. Choose any N points along the curve and distribute them as shares
4. One only needs k points to reconstruct the curve and find the y-intercept.
10
Vuze Distributed Hash Table
Desirable properties:
1. Availability
2. Scale
3. Geographic distribution
4. Decentralization
5. Churn
11
Vuze Distributed Hash Table
- Based on the Kademlia protocol
- Has 2^160 indexes split over 1M+ nodes
- An index has a fixed 8-hour timeout
- Data is copied to the 20 closest nodes to ensure availability until the timeout.
Three commands:
1. Lookup – find which node owns a particular index
2. Get – get the data from a host for an index
3. Store – store data on a host at an index
12
Vanishing Data Object (VDO)
Input:
- Data object D
- Timeout T (optional)
Output:
- VDO V = {L, C, N, threshold}
13
Vanish: Encapsulation
Building the VDO:
1. Pick a random symmetric key K
2. Encrypt D with K to obtain C
3. Create N shares of K (secret sharing)
4. Generate access key L
5. Use a PRNG seeded with L to generate DHT indices I_1 – I_N
6. Store shares K_1 – K_N into indices I_1 – I_N
14
Vanish: Encapsulation
Image credit: "Vanish"; Geambasu, Kohno, Levy, Levy 2009, p. 7
15
Vanish: Decapsulation
Getting back your data:
1. Obtain VDO V = {L, C, N, threshold}
2. Use L and N to derive indices I_1 – I_N
3. Obtain at least threshold shares of K_1 – K_N
4. Calculate key K
5. Obtain data D = decrypt_K(C)
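The Shamir construction (slide 9) and the encapsulation/decapsulation procedures (slides 13 and 15) as one added Python example; this is not the Vanish project's own code. It assumes a 127-bit prime field for the share arithmetic, a SHA-256 chain as the PRNG that maps L to indices, a SHA-256 XOR keystream in place of the real symmetric cipher, and a dict standing in for the Vuze DHT with its 8-hour index timeout, so that once enough shares have expired the VDO can no longer be opened.

```python
import hashlib, os, secrets

P = 2**127 - 1   # prime field for Shamir arithmetic (an assumption; not given on the slides)
def split_secret(k, n, t):
    # Shamir: random polynomial of degree t-1 with y-intercept k; share x is (x, f(x))
    coeffs = [k] + [secrets.randbelow(P) for _ in range(t - 1)]
    return [(x, sum(c * pow(x, i, P) for i, c in enumerate(coeffs)) % P) for x in range(1, n + 1)]

def recover_secret(shares):
    # Lagrange interpolation at x = 0 from any t distinct shares recovers the y-intercept k
    k = 0
    for xi, yi in shares:
        num = den = 1
        for xj, _ in shares:
            if xj != xi:
                num, den = num * -xj % P, den * (xi - xj) % P
        k = (k + yi * num * pow(den, P - 2, P)) % P
    return k

def xor_cipher(key, data):
    # Toy stream cipher standing in for the real symmetric cipher: XOR with a SHA-256 counter keystream
    ks = b"".join(hashlib.sha256(key.to_bytes(16, "big") + i.to_bytes(4, "big")).digest()
                  for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, ks))

def dht_indices(L, n):
    # PRNG seeded with access key L -> DHT indices I_1..I_N (SHA-256 chain, an assumption)
    return [hashlib.sha256(L + i.to_bytes(4, "big")).hexdigest() for i in range(1, n + 1)]

def dht_store(dht, idx, share, now):
    dht[idx] = (share, now + 8)   # entry disappears after the 8-hour Vuze index timeout

def dht_get(dht, idx, now):
    entry = dht.get(idx)
    return entry[0] if entry and now < entry[1] else None

def encapsulate(dht, data, now, n=5, threshold=3):
    K = secrets.randbelow(P)                          # 1. random symmetric key K
    C = xor_cipher(K, data)                           # 2. encrypt D with K -> C
    L = os.urandom(16)                                # 4. access key L
    for idx, share in zip(dht_indices(L, n), split_secret(K, n, threshold)):
        dht_store(dht, idx, share, now)               # 3, 5, 6. shares K_1..K_N -> indices I_1..I_N
    return {"L": L, "C": C, "N": n, "threshold": threshold}

def decapsulate(dht, vdo, now):
    shares = [s for s in (dht_get(dht, i, now) for i in dht_indices(vdo["L"], vdo["N"])) if s is not None]
    if len(shares) < vdo["threshold"]:
        return None                                   # too few shares left: the VDO has vanished
    return xor_cipher(recover_secret(shares[:vdo["threshold"]]), vdo["C"])
```

Losing a couple of shares to churn still leaves the VDO readable while at least threshold shares remain, but after the timeout every index is gone and decapsulate returns None.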
16
Vanish Applications
FireVanish
- Plugin written for Firefox 3.0
- Requires the Unix Vuze DHT implementation
- Was adapted from FireGPG
Desktop file application
- Only discussed in the paper and never distributed
- Claimed secure erasure of items in the host trash bin
17
Vanish: VDO Availability
Using N=1:
- 1% of VDOs expire too early
- 5% of VDOs expire LONG after intended
Using N=100, T=99%:
- Average life was only 4 hours
Using 20 ≤ N ≤ 50+, T=90%:
- Almost ideal results
Image credit: "Vanish"; Geambasu, Kohno, Levy, Levy 2009, p. 8
18
Vanish: Performance
- In 2009, it took 17 seconds to push 20 index-data pairs into the Vuze DHT
- Retrieving 20 values took 2.0 seconds
- Both scale linearly
- A pre-push feature was added to speed up encapsulation to about 0.1 seconds.
19
Vanish: Security
Attacks after the VDO has expired are infeasible:
- Shares were spread over jurisdictions
- Churn in Vuze makes it infeasible to identify which machines had shares.
20
Vanish: Security
Some attacks before VDOs expire:
- ISP proactively encapsulates email
  ○ Ans: Put VDOs inside a PGP container
- Someone sniffs and archives all DHT operations of sender or receiver
  ○ Ans: Use Tor
- The attacker joins the DHT in an attempt to retain copies of store and lookup requests.
  ○ Ans: Stay tuned…
21
http://vanish.cs.washington.edu/