Presentation is loading. Please wait.

Presentation is loading. Please wait.

Lorrie Cranor AT&T Labs Avi Rubin AT&T Labs Marc Waldman

Similar presentations

Presentation on theme: "Lorrie Cranor AT&T Labs Avi Rubin AT&T Labs Marc Waldman"— Presentation transcript:

1 Publius A Robust, Tamper Evident, Censorship Resistant WWW Based Publishing System
Lorrie Cranor AT&T Labs Avi Rubin AT&T Labs Marc Waldman New York University

2 Publius Pen name used by authors of Federalist Papers
Federalist Papers influential in convincing NY voters to ratify US constitution.

3 Why Publish Anonymously?
Political Dissent “Whistleblowing” Radical Ideas

4 Related Work Connection Based Anonymity
Hide identity of requestor Anonymizing proxies (for example Freedom (Zero-Knowledge Systems) Crowds (AT&T Labs-Research) Location or Author Based Anonymity Hide identity of author or WWW server USENET Eternity System Freenet Intermemory Rewebber

5 Publius Design Goals Censorship Resistant Tamper Evident
Source Anonymous Updateable Host Content Deniability Fault tolerant Persistent Extensible Freely Available

6 Publius Overview Publishers Servers Retrievers
Publius Content – Static content (HTML, images, PDF, etc) Publishers – Post Publius content Servers – Host Publius content Retrievers – Browse Publius content

7 Publishing a Publius document
Publishers Servers Generate secret key and use it to encrypt document Use “secret splitting” to split key into n shares This technique has special property that only k out of n shares are needed to put the key back together Publish encrypted document and 1 share on each of n servers Generate special Publius URL that encodes the location of each share and encrypted document – example:

8 Retrieving a Publius document
Publishers Servers Retrievers Break apart URL to discover document locations Retrieve encrypted document and share from k locations Reassemble key from shares Decrypt retrieved document Check for tampering View in web browser

9 Publius proxies Publishers Servers Retrievers PROXY PROXY Publius proxies running on a user’s local machine or on the network handle all the publish and retrieve operations Proxies also allow publishers to delete and update content

10 Threats & Limitations Share deletion or corruption
Update file deletion or corruption Denial of service attacks Threats to publisher anonymity “Rubber-hose cryptanalysis”

11 Publius trial Trial began August 7 and will last at least two months
Over 40 individuals and organizations in several countries volunteered to host Publius servers Over a dozen public Publius proxies Complete source code for servers and proxies has been released Code has been configured to accept files no larger than 100K Users have given us lots of good suggestions for improvements; so far no major problems System designed for censorship resistance, but much current interest in intellectual property issues

12 For more information See the Publius web site
Download code and technical paper Read about Publius in the news Configure your browser to use a Publius proxy View sample Publius content

Download ppt "Lorrie Cranor AT&T Labs Avi Rubin AT&T Labs Marc Waldman"

Similar presentations

Ads by Google