Recomendados
Recomendados
Más contenido relacionado
Similar a Vanish: Increasing Data Privacy with Self-destructing Data
Similar a Vanish: Increasing Data Privacy with Self-destructing Data (20)
Último
Último (20)
Vanish: Increasing Data Privacy with Self-destructing Data
- 1. Increasing Data Privacy with Self-Destructing Data Roxana Geambasu, Amit Levy, Tadayoshi Kohno, Arvind Krishnamurthy, Henry M. Levy Andreas Georgiou
- 2. Outline Introduction Vanish Software Vanish Architecture Distributed Hash Tables (DHTs) Problems identified Final Thoughts
- 3. Introduction What is Vanish ? What are the Goals ? Threat Model
- 4. Vanish Software Firefox plug-in (FireVanish) & File Vanishing No Crypto Keys required No user action required
- 5. Vanish Software Encapsulate Vanish Data Object (VDO) = {C,L} Decapsulate
- 6. Vanish Software Encapsulate Timeout (hours/days) Vanish Data Object (VDO) = {C,L} Decapsulate
- 7. Vanish Software Encapsulate Vanish Data Object (VDO) = {C,L} Decapsulate
- 8. Vanish Software encrypted data Encapsulate Vanish Data Object (VDO) = {C,L} Decapsulate locator key
- 9. Vanish Software encrypted data Encapsulate Vanish Data Object (VDO) = {C,L} Decapsulate locator key
- 10. Vanish Software encrypted data Encapsulate Vanish Data Object (VDO) = {C,L} Decapsulate locator key
- 11. Vanish Architecture VDO via Email DHT VDO Creation {C, L, N, Threshold} VDO {C, L, N, Threshold} L : Locator Key L : Locator Key C= EK (Data) K : Random Enc Key Reconstruction Encryption Key Data = DK (C)
- 12. Distributed Hash Table (DHT) Decentralised P2P Network [Key, Value] Pairs Scale, Geo-Location & Reliability Multiple DHTs (OpenDHT & Vuze)
- 13. Identified Problems I No security before timeout Anyone can access to the VDO Legal issues (UK & US)
- 14. Identified Problems I No security before timeout All users have access to the VDO Legal issues
- 15. Identified Problems II Not Practical No commercial value. No user studies (interface/usability/confidence) No security (Sybil Attack)
- 16. Identified Problems II Not Practical No commercial value. "Defeating Vanish with Low-Cost Sybil Attacks Against Large DHTs" (2009) Scott Wolchok, Owen S. Hofmann, Nadia Heninger, Edward W. Felten, J. Alex Halderman, Christopher J. Rossbach, Brent Waters, Emmett Witchel No user studies (interface/usability/confidence) No security (Sybil Attack)
- 17. Final Thoughts Use of DHT in Information Security Followed the Scientific Method (Experiments) Most goals were accomplished Suggested solutions to weaknesses
- 18. Final Thoughts Use of DHT in Information Security Followed the Scientific Method (Experiments) Most goals were accomplished Suggested solutions to weaknesses
- 19. Thank You for Listening Andreas Georgiou 2014 andreas.georgiou.13@ucl.ac.uk
Notas del editor
- driveUniversity of Washington in 2009 A group of researchers in order to tackle the privacy issues related to sensitive data left on your hard disk they developed a system that
- Vanish : is a system that creates a key for the encrypted text. The generated key is stored in a distributed network called DHT. After an amount of time specified the key is dissolved in the network and there is no way to recover it.They claimed that, there is no feasible attack against their system. That the adversary will required to use an amount of resources that only a powerful organisation like nation agencies have.Goals : Destruction after Timeout, the software must ensure that data will be unrecoverable after timeout without any explicit action Accessible until timeout, ensure that the system can provide lifetime of VDO objects. They also tried to leverage existing infastructures , no special hardware. No connectivity required, either you are online or offline after midnight the data should be self destructed Introduce no other privacy issues.Threat Model :- In their thread model do not include local users, assuming that legitimate users only can have access to their personal machines. Does not include DDOs attacks on the network based on their assumptions that a distributed network is hard to be attacked.- They also did not take any consideration adversaries that are able to intercept future emails send between two parties or any adversary that can get hold of a warrant, stating that such an adversary has an arsenal of forensic tools in his disposal.
- Vansish research team implemented this technology by developing two applications, a firefoxplugin called FireVanish.They also tested a prototype that uses vanish technology to encrypt local word documents, by wrapping the contents of the File in a Vanish Data object and shredding the local file.The vanish software is easy to install. After installation the user is not required to use any password or Crypto keys to encrypt and decrypt messages.After timeout the data are self destructed without any action required by the user, software or any special hardware.
- Shamir's Secret Sharing is an algorithm in cryptography created by Adi Shamir. It is a form of secret sharing, where a secret is divided into parts, giving each participant its own unique part, where some of the parts or all of them are needed in order to reconstruct the secret.Secret Sharing : N : Number of shares, Threshold
- Is a class of decentralised distributed systems that provides a lookup service similar to a Hash Table; [Key, Value] pairs are stored randomly in any node in the network.Anyone participating in the network can perform the lookup operation and providing the key retrieve the value associatedIn order to understand this better, imagine how a Bittorent network works but instead of having a torrent tracker, you have hash tables stored in each node that provides a path for each key. Fault Tolerance (No Single point of failure) – It is resistant to DDoS attacks Scalable by the mean, is efficient either you run a network with 1,000 or 1,000,000 million. DHTs use 128-bit or 160-bit key space Here I will also like to point out that they put quite an effort to study how the number of nodes, secret shares and the threshold affects the system. By carrying out a set of experiments they manipulated these variable to discover what is their relationship to properties like availability, latency and security of the system.They concluded that the optimal configuration is N=50 threshold 90% provide a balance between performance and security160-bit Idbased on its IP and port, which determines the index ranges that it will store.To store an (index,value) pair in the DHT, a client looksup 20 nodes with Ids clos-est to the specified index and then sends store messages to them.
- e-discovery law : Preserving the original content and metadata for electronically stored information is required in order to eliminate claims of spoliation or tampering with evidence later in the litigation.
- Regulation of Investigatory Powers Act 2000, which states if the authorities want to access any protected information then you should hand them over the password. But what if you don’t remember the password or forgot it or you don’t even have the password, Then you should convince them that the password was self destruct a few hours ago, Good luck with that.
- In my opinion the software has many security flaws and is not practical to be used in the everyday life. For example when FireVanishTherefore it has no real commercial value and can not be used for further development or distribution.The did not carry out any formal user studies of how the user interface of the software should look like, what are the expectations of the users, if it does match the real needs of a user who wants to exchange sensitive information.It turned out that there is no security after all either before or after timeout and can be only used when a series of assumptions are valid.
- They did some strong assertions that their system is only vulnerable to adversaries that are willing to spend 860k (Amazon EC2 services) but this attack is measured that it will reach 59k dollars using arround 80-90k nodesUniversity of Texas & Michigan in 2009 published a paper that describes a feasible attack on the vanish system. Vanish authors claim it is exceptionally difficult for an eavesdropper to collect all the pieces of the key necessary to reassemble the key because it is never held in a single location.Adversary puts a small number of computers to join a network and act like is a very large number of computers by faking their identities.Unvanish shows how insecure vanish is by recovering parts of the key and decrypting the original message even after the timeout. [In the expirements they did, they were able almost close to 100% to recover the message.http://z.cs.utexas.edu/users/osa/unvanish/
- Distributed Hash Tables were an innovative idea and the use DHTs in a global scale of them in the information security field I found it quite interesting. It is an innovative idea, They followed they followed the scientific method strictly : Evaluated the capabilities of DHT networks in terms of performance and security Identify the research problem Specify purpose of research - Determine hypotheses/research question They stated their assumptions, conducted many experiments to locate the threshold of secret sharing that ensured availability and security. They provided with security evaluation of their prototype. Suggested solutions to increase confidentiality and defeat man in the middle attacks, like proposing the use of strong encryprtion algorithms like GPG or PGP. Although they failed to identify many of scheme’s weaknesses, I believe this paper should be accepted and published. Your judgement should not be biased with the today’s discoveries and progress, if I put myself back in 2005 when BitTorrent was
- Distributed Hash Tables were an innovative idea and the use of them in the information security field I found it quite interesting. It is an innovative idea, They followed they followed the scientific method strictly : Identify the research problem Specify purpose of research - Determine hypotheses/research question They stated their assumptions, conducted many experiments to locate the threshold of secret sharing that ensured availability and security. They provided with security evaluation of their prototype.Suggested solutions : De capsulation before timeout they suggested further encryption like PGP or GPG. Man in the Middle attack : set up a system of key exchange between nodes so they encrypt their communication between nodes Sybil attack : the economics of the attack make it not feasible but unvanish supports the opposite Although they failed to identify many of scheme’s weaknesses, I believe this paper should be accepted and published. Your judgement should not be biased with the today’s discoveries and progress, if
- Thank you for listening .Any Questions ?