Lorrie Cranor AT&T Labs Avi Rubin AT&T Labs Marc Waldman

Slides:

Advertisements

Similar presentations

The Internet and the Web

Advertisements

Hypertext Transfer PROTOCOL ----HTTP Sen Wang CSE5232 Network Programming.

HiveMind Distributed File Storage Using JavaScript Botnets Copyright 2013 Sean T. Malone.

CHAPTER 15 WEBPAGE OPTIMIZATION. LEARNING OBJECTIVES How to test your web-page performance How browser and server interactions impact performance What.

Building web applications on top of encrypted data using Mylar Presented by Tenglu Liang Tai Liu.

Publius A Robust, Tamper Evident, Censorship Resistant WWW Based Publishing System Marc Waldman NYU – CS Dept. Lorrie Cranor AT&T Research Aviel Rubin.

Publius: A robust, tamper-evident, censorship-resistant web publishing system By Waldman, Rubin, and Cranor Presented by Marco Barreno October 8th, 2003.

Censorship-Resistant Publishing Systems Marc Waldman Computer Science Department New York University.

Crowds: Anonymity for Web Transactions Paper by: Michael K. Reiter and Aviel D. Rubin, Presented by Eric M. Busse Portions excerpt from Crowds: Anonymity.

Cryptography In Censorship Resistant Web Publishing Systems By Hema Hariharan Swati B Shah.

Computers and Society Carnegie Mellon University Spring 2006 Cranor/Tongia/Farber 1 Regulating Online Speech.

OCT1 Principles From Chapter One of “Distributed Systems Concepts and Design”

Week 2 IBS 685. Static Page Architecture The user requests the page by typing a URL in a browser The Browser requests the page from the Web Server The.

Privacy Policy, Law and Technology Carnegie Mellon University Fall 2007 Lorrie Cranor 1 Identity, Anonymity,

Anonymization and Privacy Services Infranet: Circumventing Web Censorship and Surveillance, Feamster et al, Usenix Security Symposium 2002.

Freenet A Distributed Anonymous Information Storage and Retrieval System I Clarke O Sandberg I Clarke O Sandberg B WileyT W Hong.

Internet – Part II. What is the World Wide Web? The World Wide Web is a collection of host machines, which deliver documents, graphics and multi-media.

Active Protocols for Agile Censor-Resistant Networks Robert Ricci Jay Lepreau University of Utah May 22, 2001.

 Proxy Servers are software that act as intermediaries between client and servers on the Internet.  They help users on private networks get information.

Christopher M. Pascucci Basic Structural Concepts of.NET Browser – Server Interaction.

+ Connecting to the Web Week 7, Lecture A. + Midterm Basics Thursday February 28 during Class The lab Tuesday, February 26 is optional review Class on.

Freenet: A Distributed Anonymous Information Storage and Retrieval System Presentation by Theodore Mao CS294-4: Peer-to-peer Systems August 27, 2003.

Lecturer: Ghadah Aldehim

Internet Business Foundations © 2004 ProsoftTraining All rights reserved.

Configuring a Web Server. Overview Overview of IIS Preparing for an IIS Installation Installing IIS Configuring a Web Site Administering IIS Troubleshooting.

Privacy Protecting Technologies. Technology: Value Neutral? Does technology, on average, help or hinder personal privacy?

CSCI 5234 Web Security1 Privacy & Anonymity in the WWW Ch. 12, Oppliger.

APT29 HAMMERTOSS Jayakrishnan M.

Chapter 1: Introduction to Web

CP476 Internet Computing Lecture 5 : HTTP, WWW and URL 1 Lecture 5. WWW, HTTP and URL Objective: to review the concepts of WWW to understand how HTTP works.

Internet Basics A management-level overview of the Internet, its architecture, capabilities, and protocols. Copyright 2011 SPMI / Online Development.

Privacy Policy, Law and Technology Carnegie Mellon University Fall 2004 Lorrie Cranor 1 Anonymity and Privacy Enhancing.

World Wide Web Hypertext model Use of hypertext in World Wide Web (WWW) WWW client-server model Use of TCP/IP protocols in WWW.

Adrian Crenshaw. Darknets  There are many definitions, but mine is “anonymizing private networks ”  Use of encryption.

CSU - DCE Internet Security... Privacy Overview - Fort Collins, CO Copyright © XTR Systems, LLC Setting Up & Using a Site Security Policy Instructor:

How P3P Works Lorrie Faith Cranor P3P Specification Working Group Chair AT&T Labs-Research 4 February 2002

Freenet: A Distributed Anonymous Information Storage and Retrieval System Presenter: Chris Grier ECE 598nb Spring 2006.

Secure Distributed Document Sharing System Dukyun Nam, Seunghyun Han, CDS&N Lab. ICU.

CSCE 201 Web Browser Security Fall CSCE Farkas2 Web Evolution Web Evolution Past: Human usage – HTTP – Static Web pages (HTML) Current: Human.

Mr. Justin “JET” Turner CSCI 3000 – Fall 2015 CRN Section A – TR 9:30-10:45 CRN – Section B – TR 5:30-6:45.

Kingdom of Saudi Arabia Ministry of Higher Education Al-Imam Muhammad Ibn Saud Islamic University College of Computer and Information Sciences Chapter.

What does WWW stand for? And following abbreviations? HTTP: Hyper Text Transfer Protocol HTML: Hyper Text Mark-up Language URL: Uniform Resource Locator.

Privacy Policy, Law and Technology Carnegie Mellon University Fall 2005 Lorrie Cranor 1 Identity, Anonymity, and.

Module 7: Advanced Application and Web Filtering.

● A system of Internet servers that support specially formatted documents. The documents are formatted in a markup language called HTML. What is the World.

Solutions using Microsoft Content Management Server 2002 Connector for SharePoint Technologies Sue Corke Mark Harrison Microsoft UK.

Freenet “…an adaptive peer-to-peer network application that permits the publication, replication, and retrieval of data while protecting the anonymity.

11 MANAGING INTERNET EXPLORER CONNECTIONS AND SECURITY Chapter 12.

27.1 Chapter 27 WWW and HTTP Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.

ASP.NET User Controls. User Controls In addition to using Web server controls in your ASP.NET Web pages, you can create your own custom, reusable controls.

Computer Networks with Internet Technology William Stallings Chapter 04 Modern Applications 4.1 Web Access - HTTP.

Freenet: Anonymous Storage and Retrieval of Information

One-way indexing for plausible deniability in censorship resistant storage Eugene Vasserman, Victor Heorhiadi, Nicholas Hopper, and Yongdae Kim.

Session 11: Cookies, Sessions ans Security iNET Academy Open Source Web Development.

ANONYMOUS STORAGE AND RETRIEVAL OF INFORMATION Olufemi Odegbile.

Free Powerpoint Templates Page 1 Free Powerpoint Templates CHAPTER 1 LAB 1.1 Web Server.

Tutorial 1 Getting Started with Adobe Dreamweaver CS5.

Web Page Design The Basics. The Web Page A document (file) created using the HTML scripting language. A document (file) created using the HTML scripting.

CISC103 Web Development Basics: Web site:

NETWORK SECURITY Cryptography By: Abdulmalik Kohaji.

Evolution of Internet.

Microsoft FrontPage 2003 Illustrated Complete

Internet Protocol Mr. Paulk.

CISC103 Web Development Basics: Web site:

04 | Web Applications Gerry O’Brien | Technical Content Development Manager Paul Pardi | Senior Content Publishing Manager.

Objectives To understand the about types of computer network

The Internet and Electronic Mail

Hyper Text Transfer Protocol

Electronic Payment Security Technologies

Presentation transcript:

Publius A Robust, Tamper Evident, Censorship Resistant WWW Based Publishing System Lorrie Cranor AT&T Labs Avi Rubin AT&T Labs Marc Waldman New York University http://cs.nyu.edu/waldman/publius/

Publius Pen name used by authors of Federalist Papers Federalist Papers influential in convincing NY voters to ratify US constitution.

Why Publish Anonymously? Political Dissent “Whistleblowing” Radical Ideas

Related Work Connection Based Anonymity Hide identity of requestor Anonymizing proxies (for example Anonymizer.com) Freedom (Zero-Knowledge Systems) Crowds (AT&T Labs-Research) Location or Author Based Anonymity Hide identity of author or WWW server USENET Eternity System Freenet Intermemory Rewebber

Publius Design Goals Censorship Resistant Tamper Evident Source Anonymous Updateable Host Content Deniability Fault tolerant Persistent Extensible Freely Available

Publius Overview Publishers Servers Retrievers Publius Content – Static content (HTML, images, PDF, etc) Publishers – Post Publius content Servers – Host Publius content Retrievers – Browse Publius content

Publishing a Publius document Publishers Servers Generate secret key and use it to encrypt document Use “secret splitting” to split key into n shares This technique has special property that only k out of n shares are needed to put the key back together Publish encrypted document and 1 share on each of n servers Generate special Publius URL that encodes the location of each share and encrypted document – example: http://!publius!/1e6adsg673h0==hgj7889340==345lsafdfg

Retrieving a Publius document Publishers Servers Retrievers Break apart URL to discover document locations Retrieve encrypted document and share from k locations Reassemble key from shares Decrypt retrieved document Check for tampering View in web browser

Publius proxies Publishers Servers Retrievers PROXY PROXY Publius proxies running on a user’s local machine or on the network handle all the publish and retrieve operations Proxies also allow publishers to delete and update content

Threats & Limitations Share deletion or corruption Update file deletion or corruption Denial of service attacks Threats to publisher anonymity “Rubber-hose cryptanalysis”

Publius trial Trial began August 7 and will last at least two months Over 40 individuals and organizations in several countries volunteered to host Publius servers Over a dozen public Publius proxies Complete source code for servers and proxies has been released Code has been configured to accept files no larger than 100K Users have given us lots of good suggestions for improvements; so far no major problems System designed for censorship resistance, but much current interest in intellectual property issues

For more information See the Publius web site http://cs.nyu.edu/waldman/publius/ Download code and technical paper Read about Publius in the news Configure your browser to use a Publius proxy View sample Publius content