Search Mailing List Archives
[liberationtech] Auto expiring document/files & 'rights to be forgotten'
yoshi at cs.washington.edu
Thu Jan 26 13:21:33 PST 2012
Thanks Steve! Yes, sounds like Vanish (also originally with Roxana Geambasu, Amit Levy, and Hank Levy). The attack was very effective against our original research prototype, largely because our prototype relied on the Vuze DHT as the underlying substrate but the Vuze DHT had properties that made it weak for our purposes (as the other work shows). If people are still interested in this space, I would suggest looking at this new paper instead: <http://www.cs.columbia.edu/~roxana/research/projects/vanish/vanish-extensions-techreport11.pdf>. I've included the abstract below:
This paper seeks to advance the state of the art in practical
self-destructing data systems that secure sensitive data from
disclosure in our highly mobile, social-networked, cloud-computing
world. Our work facilitates the automatic, timed, and simultaneous
destruction of all copies of a self-destructing data object (such as
a message or file) without any explicit action by the user and
without relying on any single trusted third party.
We make three contributions to the study of self-destructing data.
First, we present Cascade, an extensible framework for integrating
multiple key-storage mechanisms into a single self-destructing data
system. Cascade enhances resistance to attack by combining the
security advantages of a diverse set of key-storage approaches.
Second, we introduce Tide, a new key-storage system for
self-destructing data that leverages the ubiquity and easy
deployment of Apache Web servers throughout the Internet. Third,
based on our earlier work on Vanish and in light of recent attacks
against the Vuze DHT, we demonstrate how to significantly harden
Vuze and other DHTs against Sybil data-harvesting attacks, making
DHTs applicable as key-storage systems under Cascade.
To validate our approach, we designed, implemented, deployed, and
measured these systems. We prototyped the extensible Cascade system
with support for Tide, Vuze, and OpenDHT. We prototyped the Tide
key-storage system on Apache, deployed it on over 400 PlanetLab
nodes in the Internet, and demonstrated that the structure is highly
immune to attack. Finally, we designed and deployed a set of
defenses to Sybil data-harvesting attacks in the live Vuze P2P
system and measured them at full scale in the million-node DHT; our
results demonstrate that these defenses provide a
three-order-of-magnitude improvement over the original Vuze DHT,
rendering data-harvesting attacks extremely impractical.
On Jan 26, 2012, at 11:39 AM, Steve Weis wrote:
> You might be thinking of Vanish by Yoshi Kohno et al.:
> Ed Felten, Alex Halderman, Brent Waters, et al. have a Sybil attack against
> it here:
> Regardless of the attack, Vanish does not prevent local copies of the data.
> As people have already pointed out, if you let someone view static content
> on their own hardware, they can copy it. You can make it inconvenient and
> perhaps lossy, but can't prevent it completely.
> On Thu, Jan 26, 2012 at 11:18 AM, Tom Ritter <tom at ritter.vg> wrote:
>> There was a technology (that didn't work for realistic threat models)
>> that took a document and split among a number of servers. Over time,
>> these pieces would decay and be removed until you were no longer able
>> to reassemble the document. That sounds similar to what you're after.
>> It doesn't work for all the reasons already mentioned, but it was a
>> concrete open source implementation of an attempt. If only I could
>> remember its name...
>> liberationtech mailing list
>> liberationtech at lists.stanford.edu
>> Should you need to change your subscription options, please go to:
>> If you would like to receive a daily digest, click "yes" (once you click
>> above) next to "would you like to receive list mail batched in a daily
>> You will need the user name and password you receive from the list
>> moderator in monthly reminders.
>> Should you need immediate assistance, please contact the list moderator.
>> Please don't forget to follow us on http://twitter.com/#!/Liberationtech
> liberationtech mailing list
> liberationtech at lists.stanford.edu
> Should you need to change your subscription options, please go to:
> If you would like to receive a daily digest, click "yes" (once you click above) next to "would you like to receive list mail batched in a daily digest?"
> You will need the user name and password you receive from the list moderator in monthly reminders.
> Should you need immediate assistance, please contact the list moderator.
> Please don't forget to follow us on http://twitter.com/#!/Liberationtech
More information about the liberationtech