Publius a robust tamper evident censorship resistant www based publishing system
Sponsored Links
This presentation is the property of its rightful owner.
1 / 31

Publius A Robust, Tamper Evident, Censorship Resistant WWW Based Publishing System PowerPoint PPT Presentation

  • Uploaded on
  • Presentation posted in: General

Publius A Robust, Tamper Evident, Censorship Resistant WWW Based Publishing System. Lorrie Cranor AT&T Research. Aviel Rubin AT&T Research. Marc Waldman NYU – CS Dept. Publius. Pen name used by authors of Federalist Papers

Download Presentation

Publius A Robust, Tamper Evident, Censorship Resistant WWW Based Publishing System

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.

- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript

PubliusA Robust, Tamper Evident, Censorship Resistant WWW Based Publishing System

Lorrie Cranor

AT&T Research

Aviel Rubin

AT&T Research

Marc Waldman

NYU – CS Dept.


  • Pen name used by authors of Federalist Papers

  • Federalist Papers influential in convincing NY state voters to ratify US constitution.

Why Publish Anonymously?

  • Political Dissent

  • “Whistleblowing”

  • Radical Ideas

  • Human Rights Reports

Publius Design Goals

  • Censorship Resistant

  • Tamper Evident

  • Source Anonymous

  • Updateable

  • Host Content Deniability

  • Persistent

  • Extensible

  • Freely Available

Related Work

  • Connection Based Anonymity

    Hide identity of requestor

  • Location or Author Based Anonymity

    Hide identity of author or WWW server

Connection Based Anonymity

  • Anonymizer

    HTTP proxy

    URL rewrite

  • Proxymate

    Formerly LPWA

    HTTP Proxy

    Pseudonym generation

Connection Based Anonymity

  • Onion Router

    Mix Network

    HTTP Proxy Developed

  • Crowds

    HTTP request via Crowd

    Dynamic Path generation

Onion Routing

Onion 1

Onion 2

Onion 3

Onion 4

“Hello World”

Connection Based Anonymity

  • Freedom

    Similar to Onion Routing

    Implemented at transport layer

    Nym creation – allows multiple pseudonyms

    Supports HTTP, NNTP, POP3, Telnet , etc.

Location Based Anonymity

  • Rewebber (aka Janus)

    Author & Connection Based Tool

    HTTP Proxy

    URL Rewrite using public key crypto


    Ek (M)=Encrypt message M with public key k

Location Based Anonymity

  • Taz & Rewebber

    Computers with public/private key pair

    Each runs HTTP proxy server

    Encryption similar to onion-routing

    TAZ servers translate name.taz to address

    Down server = document irretrievable

Eternity Service

  • Ross Anderson (Univ. of Cambridge)

  • Network of servers – resists DOS attacks

  • Fee based

  • Files cannot be removed or updated

  • Digital Libraries

Eternity Systems

  • Usenet Eternity

    Scaled Down Eternity System

    Usenet is storage medium

    Formatting using PGP, SHA1

    Send to alt.anonymous.messages

    Server caches and performs updates

    Connect via WWW browser

Eternity Inspired Systems

  • Freenet

    “Adaptive Network”

    Local caching

    Anonymous query, retrieval

  • Intermemory

    Self-replicating persistant RAM

    Donate hard disk space

File Sharing Systems

  • Napster

    Peer-to-peer file sharing

    Peers can capture IP address or peer

  • Gnutella

    Anonymous query

    Peer to peer file transfer, IP capture

Publius Overview

Publius Content – Static content (HTML, images, PDF, etc) with desired properties.

  • Publishers – Post Publius content

  • Servers – Host Publius content

  • Retrievers – Browse Publius content

Publius Servers

Publius Server Table

Publish Operation

D = Document To Publish K=Key

Shamir Secret Sharing






MD5 ( D . Sharei ) / Mod 5 = Index Into Server Table

Index 0 = Index 3 =

Store D encrypted under K, and one Share on Server

Publish Overview

  • Servers available to store content

  • Encrypt document with secret key K

  • Secret split key K into (m,k) shares (Shamir)

  • Store encrypted document and share on m servers

  • Form URL cryptographically tied to document

  • Distribute URL – Publius URL


Retrieve Overview

  • Break apart URL to discover document locations

  • Retrieve encrypted document and share from k locations

  • Reassemble Key K from shares

  • Decrypt retrieved document

  • Check for tampering

  • View in WWW browser

http://!publius!/MD5(D.Share1 )MD5 (D.Share2)…


Index = MD5(D.Share1) Mod Table_Size

From Get Encrypted File, Share

Key = combine Shares

D = Decrypt File with Key

Tamper Check = MD5(D.Share1) = value in URL

Retrieve Operation


  • N = # servers with Content & Share

  • K = # Shares needed to reconstruct the Key

  • Higher N

    Greater availability

    Harder to censor

  • Higher K

    Decreased performance

    Greater tamper protection

    Possibly Easier To Censor

Update and Delete Operations

  • Update – “update” file, MD5(password.IP)

  • Delete – MD5(password .IP)

  • Threats – Place update file on server

    Brute force to delete files

  • URL contains update bit - Don’t accept updates

  • Publish Option – No Delete or Update

Mutually Hyperlinked Content



Publish B, Modify A, Publish A



Publish B First – Invalid A Link

Publish A First – Invalid B Link

Problem: Content cryptographically tied to URL

Hyperlinked Content Solution




Publish A, B

Modify A, B




Republish A,B



Update A,B


User Interface

Browser Based GUI

Publius Proxy




Store MIME type in first three bytes of file

Send correct Content-Type to browser

Threats & Limitations

  • Share Deletion or Corruption

  • Update File Deletion or Corruption

  • Denial of Service Attacks

  • Threats to Publisher Anonymity

  • “Rubber-Hose Cryptanalysis”

  • 3 Week Server Recruitment Period

  • 100 Volunteers, Test Script distributed

  • 53 successfully installed test script

  • 44 successfully installed.

  • Proxy - server version of client, 9 volunteers

  • Must trust proxy – see file, password for Publish

  • Sees URL for retrieve

  • Over 550 client requests

Live Trial (8/7/2000)

Contributions & Availability

  • Automatic Tamper Checking Mechanism

  • Update / Delete Method

  • Publishing Mutually Hyperlinked Content

  • 1500 Lines of Perl

  • Uses Crypto++ 3.2 – Crypto Library (C++)

Future Work

  • Remove dependence on server list

    - URL encodes locations, tamper check

  • Split content

    - Krawczyk – Information Dispersal

  • CPU payment scheme (Dwork, Naor)

  • Automatic replication across servers

    - Intermemory model

Publius WWW Site

Source Code & Technical Paper

  • Login