
Vanish : Increasing Data Privacy with Self-Destructing Data

Vanish: Increasing Data Privacy with Self-Destructing Data. Presented by Ahmed Qaid. Authors: Roxana Geambasu, Tadayoshi Kohno, Amit A. Levy, Henry M. Levy.



Presentation Transcript


  1. Vanish: Increasing Data Privacy with Self-Destructing Data. Presented by: Ahmed Qaid. Authors: Roxana Geambasu, Tadayoshi Kohno, Amit A. Levy, Henry M. Levy.

  2. What is Vanish? "Vanish is a project developed at the University of Washington which gives users the ability to determine the lifespan of their personal data stored on the web." [~wikipedia] Motivations / challenges: • Data lives forever (emails, Google Docs). • Retroactive attacks.

  3. Data lives forever. Diagram: mail exchange between Alice and Bob through @Gmail, @Hotmail and both ISPs, with encryption (PGP) and destruction after timeout (G1). Observations / problems: • Mail servers contain data in clear text. • Mails remain on mail servers for a long time. • Multiple copies exist.

  4. Retroactive attack. Diagram: after the timeout, an attacker who obtains Alice's decryption key PK recovers M = D(C, PK) from the copies held at @Gmail, @Hotmail and the ISPs. What's needed: • Automatic data deletion after timeout. • Protection against retroactive attacks (after the timeout).

  5. Goals: • Destruction after timeout (G1). • Accessible until timeout. • Leverage existing infrastructure (Vuze). • No secure hardware. • No new privacy risks. Assumptions: • Time-limited value (emails, trash bin). • Known timeout. • Internet connectivity. • Dispensability under attack.

  6. Candidate approaches: • Manually delete data (cron): the Internet holds multiple copies. • Use a standard public-key or symmetric encryption scheme (PGP): assume the attacker has access to the decryption keys (subpoena). • Steganography: hides data rather than deleting it, hard to scale to many applications. • . . .

  7. DHT, Distributed Hash Tables. "DHT = a table used in distributed P2P computing that obviates the need for central servers." [p2p foundation] • get/put interface; operations: lookup, get and store. • (index, value) pairs. • Each node stores part of the index name space. • Why a DHT? Vuze: • Scalability (over 1 million nodes in the Vuze DHT). • Availability (data can be checked after timeout). • Churn (over 80% of the IPs change within 7 days).

  8. How does Vanish work? • VDO (vanishing data object): encapsulates the user's data (such as a file or message) and prevents its contents from persisting indefinitely and becoming a source of retroactive information leakage. • Regardless of whether the VDO is copied, it becomes unreadable after a predefined period of time. VDO = {L, C, n, threshold}: L = random access key; C = ciphertext; n = number of shares; threshold = minimum number of shares needed to reconstruct the key K.

  9. Encapsulate data into a VDO: Encapsulate(Data, Timeout). 1. Alice sends the data and timeout to Vanish. 2. Vanish picks a random data key K and encrypts D with K to obtain a ciphertext C = E_K(data). 3. Vanish splits the data key K into n shares K1, K2, K3 ... Kn (Shamir's secret sharing). 4. Vanish picks a random access key L, seeds a pseudorandom number generator (PRNG) with L to derive n indices I1, I2, I3 ... In into the DHT, then sprinkles the n shares K1, ..., Kn at these pseudorandom locations. VDO = {L, C, n, threshold}. Diagram: the Vanish daemon stores K1 ... Kn in the DHT at L → PRNG = I1, I2, I3 ... In. Example: n = 3, threshold = 2, threshold ratio = 66%.

  10. Decapsulate a VDO = {L, C, n, threshold}: 1. Vanish extracts the access key L. 2. Vanish seeds the PRNG with L to recover the n indices I1, I2, I3 ... In. 3. Vanish retrieves the required number of shares as specified by the threshold (threshold = 2 → 2 shares). 4. Vanish reconstructs K with Shamir's secret sharing and decrypts C to obtain the data: D_K(C) = Data. Diagram: the Vanish daemon fetches K1, K2 (of K1 ... Kn) from the DHT at L → PRNG = I1, I2, I3 ... In.

  11. Shared key distribution, Vanish on Vuze. Diagram of a P2P ring of nodes 1 ... 20: Alice hashes each index to a node ID (hash(index) → ID; an ID maps to an IP and port location), looks up the IDs of nodes A, B and C, and stores the shares K1, K2 and K3 on them.

  12. Shared key distribution, Vanish on Vuze. Diagram: Bob knows the threshold = 2. He derives I1 and I2, hashes them to node IDs (hash(index) → ID), gets the values K1 and K2 from the P2P ring, and decapsulates the VDO.

  13. Shared key distribution, Vanish on Vuze. Diagram: one node has left (churn), so K1 is gone. Bob still knows the threshold = 2, gets K2 and K3 from the remaining nodes, and decapsulates the VDO.

  14. Shared key distribution, Vanish on Vuze. Diagram: two nodes have left (churn) before 8 hours, leaving only K2. With the threshold = 2, decapsulating the VDO fails! How to overcome this?

  15. Shared key distribution, Vanish on Vuze. Diagram: Alice uses replication when storing K1, K2 and K3 in the Vuze DHT. How is churn an advantage to Vanish? Data is lost instead of privacy being compromised.

  16. Vanish design: • The sender sends (Data, timeout) to the Vanish daemon. • Vanish creates the VDO and distributes the key shares. • The receiver decapsulates the message by retrieving the threshold number of shares. • If fewer than the threshold remain, the VDO can't be decapsulated. • Vanish relies on key loss through churn.
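The encapsulate/decapsulate flow of slides 9 and 10 and the churn behaviour of slides 12 to 16, as an added runnable sketch that is not code from the Vanish project: Shamir splitting over a prime field, HMAC-SHA256 standing in for the PRNG keyed by L, a Python dict standing in for the Vuze DHT, and an XOR keystream standing in for the symmetric cipher (all constructed choices, as are the field and the churn model).

```python
import hmac, hashlib, secrets
from typing import List, Optional, Tuple
P = 2**127 - 1  # prime field for Shamir shares (constructed choice; the paper fixes none)

def split_key(K: int, n: int, t: int) -> List[Tuple[int, int]]:
    """Shamir: random degree t-1 polynomial f with f(0)=K; share i is (i, f(i))."""
    coeffs = [K] + [secrets.randbelow(P) for _ in range(t - 1)]
    return [(x, sum(c * pow(x, i, P) for i, c in enumerate(coeffs)) % P) for x in range(1, n + 1)]

def recover_key(shares: List[Tuple[int, int]]) -> int:
    """Lagrange interpolation at x=0; any t valid shares rebuild K."""
    K = 0
    for xi, yi in shares:
        num, den = 1, 1
        for xj, _ in shares:
            if xj != xi:
                num, den = num * -xj % P, den * (xi - xj) % P
        K = (K + yi * num * pow(den, -1, P)) % P
    return K

def dht_indices(L: bytes, n: int) -> List[bytes]:
    """PRNG keyed by access key L -> n DHT indices (HMAC stands in for the paper's PRNG)."""
    return [hmac.new(L, i.to_bytes(4, "big"), hashlib.sha256).digest() for i in range(n)]

def xor_stream(K: int, data: bytes) -> bytes:
    """Stand-in symmetric cipher: XOR with a SHA-256 keystream derived from K (demo only)."""
    key = K.to_bytes(16, "big")
    stream = b"".join(hashlib.sha256(key + c.to_bytes(4, "big")).digest() for c in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, stream))

def encapsulate(data: bytes, n: int, threshold: int, dht: dict) -> dict:
    """Slide 9: pick K, encrypt D, split K, sprinkle the shares at the PRNG(L) indices."""
    K, L = secrets.randbelow(P), secrets.token_bytes(16)
    for idx, (_, share) in zip(dht_indices(L, n), split_key(K, n, threshold)):
        dht[idx] = share  # share number i+1 is implied by the index position
    return {"L": L, "C": xor_stream(K, data), "n": n, "threshold": threshold}

def decapsulate(vdo: dict, dht: dict) -> Optional[bytes]:
    """Slide 10: re-derive the indices from L, fetch surviving shares, rebuild K if enough remain."""
    idxs = dht_indices(vdo["L"], vdo["n"])
    shares = [(i + 1, dht[idx]) for i, idx in enumerate(idxs) if idx in dht]
    if len(shares) < vdo["threshold"]:
        return None  # too many shares lost to churn: the VDO has vanished
    return xor_stream(recover_key(shares[: vdo["threshold"]]), vdo["C"])

def churn(dht: dict, fraction: float) -> None:
    """Simulate Vuze churn: the given fraction of stored (index, share) pairs disappears."""
    for idx in list(dht)[: int(len(dht) * fraction)]:
        del dht[idx]
```

With the slide 20 parameters (n = 50, 90% threshold) the VDO survives the loss of 5 shares but not of 7, which is the loss-instead-of-compromise trade-off of slide 15.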

  17. Vanish applications: • FireVanish, a Firefox plug-in. • Vanishing file system (trash bin, Microsoft Word auto-save).

  18. Email: Encapsulate / Decapsulate.

  19. Experiment: Availability.

  20. Experiment: Scalability. • N = 50 and a threshold of 90% are an excellent trade-off between security and performance. • Vuze improvement: pre-push.

  21. Application performance depends on file size. • Files of tens of MB: dominated by DHT store/get and the Shamir secret-sharing operations. • Files > 100 MB: dominated by encryption / decryption.

  22. Security analysis: • No new risks. • If the attacker can't read D without Vanish, he can't read D with Vanish. • Retroactive attacks.

  23. Related topics: • Unvanish: Defeating Vanish with Low-Cost Sybil Attacks Against Large DHTs. • Hopping attack. • SafeVanish. • Sniffing attacks: RSA encryption. • Hopping attack: a mechanism that increases the key share length.

  24. Conclusion: • Vanish introduced a new approach to protecting data privacy from retroactive attacks. • Vanished data is not deleted; however, Vanish claims it is not accessible after the predefined timeout.

  25. Thank you. Questions!
