Publius: A Robust, Tamper Evident, Censorship Resistant WWW Based Publishing System
Lorrie Cranor, AT&T Research
Aviel Rubin, AT&T Research
Marc Waldman, NYU – CS Dept.

Publius
• Pen name used by the authors of the Federalist Papers
• The Federalist Papers were influential in convincing NY state voters to ratify the US Constitution

Why Publish Anonymously?
• Political dissent
• “Whistleblowing”
• Radical ideas
• Human rights reports

Publius Design Goals
• Censorship resistant
• Tamper evident
• Source anonymous
• Updateable
• Host content deniability
• Persistent
• Extensible
• Freely available

Related Work
• Connection based anonymity: hide identity of requestor
• Location or author based anonymity: hide identity of author or WWW server

Connection Based Anonymity
• Anonymizer (www.anonymizer.com): HTTP proxy, URL rewrite
• Proxymate (www.proxymate.com): formerly LPWA, HTTP proxy, pseudonym generation

Connection Based Anonymity
• Onion Router (www.onion-router.net): mix network, HTTP proxy, Developed
• Crowds (www.research.att.com/projects/crowds): HTTP request via crowd, dynamic path generation

Onion Routing
• [Figure: onions labelled Onion 1, Onion 2, Onion 3 and Onion 4 around the message “Hello World”]

Connection Based Anonymity
• Freedom (http://www.freedom.net): similar to onion routing
• Implemented at transport layer
• Nym creation – allows multiple pseudonyms
• Supports HTTP, NNTP, POP3, Telnet, etc.

Location Based Anonymity
• Rewebber (aka Janus), www.rewebber.de: author & connection based tool
• HTTP proxy
• URL rewrite using public key crypto
• U = http://www.cs.nyu.edu/~waldman/publius.html
• Ek(M) = encrypt message M with public key k
• http://www.rewebber.com/surf-encrypted/Ek(U)

Location Based Anonymity
• Taz & Rewebber
• Computers with public/private key pair
• Each runs HTTP proxy server
• Encryption similar to onion routing
• TAZ servers translate name.taz to address
• Down server = document irretrievable
• www.firstserver.com:100/STOPREADINGTHISANDPAYATTENTIONTOTHESPEAKER

Eternity Service
• Ross Anderson (Univ. of Cambridge)
• Network of servers – resists DoS attacks
• Fee based
• Files cannot be removed or updated
• Digital libraries

Eternity Systems
• Usenet Eternity: scaled down Eternity system
• Usenet is the storage medium
• Formatting using PGP, SHA1
• Send to alt.anonymous.messages
• Server caches and performs updates
• Connect via WWW browser

Eternity Inspired Systems
• Freenet: “adaptive network”, local caching, anonymous query and retrieval
• Intermemory: self-replicating persistent RAM, donate hard disk space

File Sharing Systems
• Napster: peer-to-peer file sharing; peers can capture IP address of peer
• Gnutella: anonymous query; peer-to-peer file transfer, IP capture

Publius Overview
• Publius content – static content (HTML, images, PDF, etc.) with desired properties
• Publishers – post Publius content
• Servers – host Publius content
• Retrievers – browse Publius content

Publius Servers
• [Figure: Publius Server Table listing www.redcross.org, whitehouse.gov, library.fr, www.nyu.edu, publius.uk]

Publish Operation
• D = document to publish
• K = key
• Shamir secret sharing: K is split into Share1, Share2, Share3, Share4
• MD5(D . Sharei) mod 5 = index into server table
• Index 0 = www.redcross.org, Index 3 = www.nyu.edu
• Store D encrypted under K, and one share, on server

Publish Overview
• Servers available to store content
• Encrypt document with secret key K
• Secret split key K into (m,k) shares (Shamir)
• Store encrypted document and share on m servers
• Form URL cryptographically tied to document
• Distribute URL – Publius URL
• http://!publius!/1e6adsg673h0=hgj7889340=yareyoureadingthis=12asbnm8945

Retrieve Overview
• Break apart URL to discover document locations
• Retrieve encrypted document and share from k locations
• Reassemble key K from shares
• Decrypt retrieved document
• Check for tampering
• View in WWW browser

Retrieve Operation
• Publius URL: http://!publius!/MD5(D.Share1)MD5(D.Share2)… (shown as http://!publius!/unReaDableUrL)
• Index = MD5(D.Share1) mod Table_Size
• From www.redcross.org, get encrypted file and share
• Key = combine shares
• D = decrypt file with key
• Tamper check: MD5(D.Share1) = value in URL
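
The publish and retrieve steps above, as an added Python sketch that is not the Publius Perl code: the key is split with Shamir sharing, each MD5(D . Share_i) value selects a server and becomes a URL token, and retrieval recomputes it as the tamper check. Assumptions not on the slides: the prime modulus, the byte encoding of a share, the full 128-bit MD5 value as the token, and the plaintext document standing in for the encrypted file because the slides name no cipher.

```python
import hashlib
import secrets

P = 2**127 - 1  # prime modulus for the shares (assumption: the slides name no field)
SERVERS = ["www.redcross.org", "whitehouse.gov", "library.fr",
           "www.nyu.edu", "publius.uk"]  # server table shown on the slides

def split(key, n, k):
    """Shamir: random polynomial of degree k-1 with f(0) = key, evaluated at 1..n."""
    coeffs = [key] + [secrets.randbelow(P) for _ in range(k - 1)]
    return [(x, sum(c * pow(x, i, P) for i, c in enumerate(coeffs)) % P)
            for x in range(1, n + 1)]

def combine(shares):
    """Lagrange interpolation at x = 0 rebuilds the key from any k shares."""
    key = 0
    for xi, yi in shares:
        num = den = 1
        for xj, _ in shares:
            if xj != xi:
                num, den = num * -xj % P, den * (xi - xj) % P
        key = (key + yi * num * pow(den, -1, P)) % P
    return key

def token(doc, share):
    """MD5(D . Share_i) as an integer; '.' is byte concatenation."""
    x, y = share
    data = doc + bytes([x]) + y.to_bytes(16, "big")  # share encoding is an assumption
    return int.from_bytes(hashlib.md5(data).digest(), "big")

def publish(doc, key, n=4, k=3):
    """Return the URL tokens and a {server: {token: (doc, share)}} store."""
    tokens, store = [], {}
    for share in split(key, n, k):
        t = token(doc, share)
        server = SERVERS[t % len(SERVERS)]  # index into the server table
        store.setdefault(server, {})[t] = (doc, share)
        tokens.append(t)
    return tokens, store

def retrieve(tokens, store, k=3):
    """Fetch k (doc, share) pairs, tamper-check each against the URL, rebuild K."""
    shares = []
    for t in tokens[:k]:
        doc, share = store[SERVERS[t % len(SERVERS)]][t]
        if token(doc, share) != t:
            raise ValueError("tamper check failed: MD5(D . share) != value in URL")
        shares.append(share)
    return doc, combine(shares)
```

Two shares can hash to the same table index, so the store here keeps several entries per server rather than assuming distinct hosts.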

Tradeoffs
• N = # servers with content & share
• K = # shares needed to reconstruct the key
• Higher N: greater availability, harder to censor
• Higher K: decreased performance, greater tamper protection, possibly easier to censor

Update and Delete Operations
• Update – “update” file, MD5(password.IP)
• Delete – MD5(password.IP)
• Threats – place update file on server; brute force to delete files
• URL contains update bit – don’t accept updates
• Publish option – no delete or update

Mutually Hyperlinked Content
• [Figure: documents A and B, shown twice]
• Publish B, modify A, publish A
• Publish B first – invalid A link
• Publish A first – invalid B link
• Problem: content cryptographically tied to URL

Hyperlinked Content Solution
• [Figure: documents A and B with update URLs AU and BU, connected by hyperlinks. Steps shown: Publish A, B; Modify A, B; Republish A, B; Update A, B]

User Interface
• Browser based GUI
• [Figure labels: Publius Proxy, Internet]
• http://!publius!/URL
• http://!publius!/PUBLISH
• http://!publius!/UPDATE
• http://!publius!/DELETE
• Store MIME type in first three bytes of file
• Send correct Content-Type to browser

Threats & Limitations
• Share deletion or corruption
• Update file deletion or corruption
• Denial of service attacks
• Threats to publisher anonymity
• “Rubber-hose cryptanalysis”

Live Trial (8/7/2000)
• 3 week server recruitment period
• 100 volunteers, test script distributed
• 53 successfully installed test script
• 44 successfully installed.
• Proxy – server version of client, 9 volunteers
• Must trust proxy – sees file, password for publish
• Sees URL for retrieve
• Over 550 client requests

Contributions & Availability
• Automatic tamper checking mechanism
• Update / delete method
• Publishing mutually hyperlinked content
• 1500 lines of Perl
• Uses Crypto++ 3.2 – crypto library (C++)

Future Work
• Remove dependence on server list – URL encodes locations, tamper check
• Split content – Krawczyk – information dispersal
• CPU payment scheme (Dwork, Naor)
• Automatic replication across servers – Intermemory model

Publius WWW Site
• Source code & technical paper: http://cs.nyu.edu/waldman/publius