1 / 12

cs.nyu/waldman/publius/

Publius A Robust, Tamper Evident, Censorship Resistant WWW Based Publishing System. http://cs.nyu.edu/waldman/publius/. Lorrie Cranor AT&T Labs. Avi Rubin AT&T Labs. Marc Waldman New York University. Publius. Pen name used by authors of Federalist Papers

wylie
Download Presentation

cs.nyu/waldman/publius/

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. PubliusA Robust, Tamper Evident, Censorship Resistant WWW Based Publishing System http://cs.nyu.edu/waldman/publius/ Lorrie Cranor AT&T Labs Avi Rubin AT&T Labs Marc Waldman New York University

  2. Publius • Pen name used by authors of Federalist Papers • Federalist Papers influential in convincing NY voters to ratify US constitution.

  3. Why Publish Anonymously? • Political Dissent • “Whistleblowing” • Radical Ideas

  4. Related Work • Connection Based Anonymity • Hide identity of requestor • Anonymizing proxies (for example Anonymizer.com) • Freedom (Zero-Knowledge Systems) • Crowds (AT&T Labs-Research) • Location or Author Based Anonymity • Hide identity of author or WWW server • USENET Eternity System • Freenet • Intermemory • Rewebber

  5. Publius Design Goals • Censorship Resistant • Tamper Evident • Source Anonymous • Updateable • Host Content Deniability • Fault tolerant • Persistent • Extensible • Freely Available

  6. Publius Overview Publishers Servers Retrievers • Publius Content – Static content (HTML, images, PDF, etc) • Publishers – Post Publius content • Servers – Host Publius content • Retrievers – Browse Publius content

  7. Publishing a Publius document Publishers Servers • Generate secret key and use it to encrypt document • Use “secret splitting” to split key into n shares • This technique has special property that only k out of n shares are needed to put the key back together • Publish encrypted document and 1 share on each of n servers • Generate special Publius URL that encodes the location of each share and encrypted document – example: http://!publius!/1e6adsg673h0==hgj7889340==345lsafdfg

  8. Retrieving a Publius document Publishers Servers Retrievers • Break apart URL to discover document locations • Retrieve encrypted document and share from k locations • Reassemble key from shares • Decrypt retrieved document • Check for tampering • View in web browser

  9. Publius proxies Publishers Servers Retrievers PROXY PROXY • Publius proxies running on a user’s local machine or on the network handle all the publish and retrieve operations • Proxies also allow publishers to delete and update content

  10. Threats & Limitations • Share deletion or corruption • Update file deletion or corruption • Denial of service attacks • Threats to publisher anonymity • “Rubber-hose cryptanalysis”

  11. Publius trial • Trial began August 7 and will last at least two months • Over 40 individuals and organizations in several countries volunteered to host Publius servers • Over a dozen public Publius proxies • Complete source code for servers and proxies has been released • Code has been configured to accept files no larger than 100K • Users have given us lots of good suggestions for improvements; so far no major problems • System designed for censorship resistance, but much current interest in intellectual property issues

  12. For more information • See the Publius web site http://cs.nyu.edu/waldman/publius/ • Download code and technical paper • Read about Publius in the news • Configure your browser to use a Publius proxy • View sample Publius content

More Related