Presentation is loading. Please wait.

Presentation is loading. Please wait.

Publius A Robust, Tamper Evident, Censorship Resistant WWW Based Publishing System Marc Waldman NYU – CS Dept. Lorrie Cranor AT&T Research Aviel Rubin.

Published byDaryl Mutter Modified over 9 years ago

Similar presentations

Presentation on theme: "Publius A Robust, Tamper Evident, Censorship Resistant WWW Based Publishing System Marc Waldman NYU – CS Dept. Lorrie Cranor AT&T Research Aviel Rubin."— Presentation transcript:

1 Publius A Robust, Tamper Evident, Censorship Resistant WWW Based Publishing System Marc Waldman NYU – CS Dept. Lorrie Cranor AT&T Research Aviel Rubin AT&T Research

2 Publius  Pen name used by authors of Federalist Papers  Federalist Papers influential in convincing NY state voters to ratify US constitution.

3 Why Publish Anonymously?  Political Dissent  “Whistleblowing”  Radical Ideas  Human Rights Reports

4 Publius Design Goals  Censorship Resistant  Tamper Evident  Source Anonymous  Updateable  Host Content Deniability  Persistent  Extensible  Freely Available

5 Related Work  Connection Based Anonymity Hide identity of requestor  Location or Author Based Anonymity Hide identity of author or WWW server

6 Connection Based Anonymity  Anonymizer HTTP proxy URL rewrite  Proxymate Formerly LPWA HTTP Proxy Pseudonym generation www.anonymizer.com www.proxymate.com

7 Connection Based Anonymity  Onion Router Mix Network HTTP Proxy Developed  Crowds HTTP request via Crowd Dynamic Path generation www.onion-router.net www.research.att.com/projects/crowds

8 Onion 1 Onion 2 Onion 3 Onion 4 “Hello World” Onion Routing

9 Connection Based Anonymity  Freedom Similar to Onion Routing Implemented at transport layer Nym creation – allows multiple pseudonyms Supports HTTP, NNTP, POP3, Telnet, etc. http://www.freedom.net

10 Location Based Anonymity  Rewebber (aka Janus) www.rewebber.de Author & Connection Based Tool HTTP Proxy URL Rewrite using public key crypto U=http://www.cs.nyu.edu/~waldman/publius.html E k (M)=Encrypt message M with public key k http://www.rewebber.com/surf-encrypted/E k (U)

11 Location Based Anonymity  Taz & Rewebber Computers with public/private key pair Each runs HTTP proxy server Encryption similar to onion-routing TAZ servers translate name.taz to address Down server = document irretrievable www.firstserver.com:100/STOPREADINGTHISANDP AYATTENTIONTOTHESPEAKER

12 Eternity Service  Ross Anderson (Univ. of Cambridge)  Network of servers – resists DOS attacks  Fee based  Files cannot be removed or updated  Digital Libraries

13 Eternity Systems  Usenet Eternity Scaled Down Eternity System Usenet is storage medium Formatting using PGP, SHA1 Send to alt.anonymous.messages Server caches and performs updates Connect via WWW browser

14 Eternity Inspired Systems  Freenet “Adaptive Network” Local caching Anonymous query, retrieval  Intermemory Self-replicating persistant RAM Donate hard disk space

15 File Sharing Systems  Napster Peer-to-peer file sharing Peers can capture IP address or peer  Gnutella Anonymous query Peer to peer file transfer, IP capture

16 Publius Overview Publius Content – Static content (HTML, images, PDF, etc) with desired properties.  Publishers – Post Publius content  Servers – Host Publius content  Retrievers – Browse Publius content

17 Publius Servers whitehouse.gov library.fr publius.uk www.redcross.org www.nyu.edu Publius Server Table publius.uk www.nyu.edu library.fr whitehouse.gov www.redcross.org

18 Publish Operation D = Document To Publish K=Key Shamir Secret Sharing Share 1 Share 2 Share 3 K Share 4 MD5 ( D. Share i ) / Mod 5 = Index Into Server Table Index 0 = www.redcross.org Index 3 = www.nyu.edu Store D encrypted under K, and one Share on Server

19 Publish Overview  Servers available to store content  Encrypt document with secret key K  Secret split key K into (m,k) shares (Shamir)  Store encrypted document and share on m servers  Form URL cryptographically tied to document  Distribute URL – Publius URL http://!publius!/1e6adsg673h0=hgj7889340=yareyou readingthis=12asbnm8945

20 Retrieve Overview  Break apart URL to discover document locations  Retrieve encrypted document and share from k locations  Reassemble Key K from shares  Decrypt retrieved document  Check for tampering  View in WWW browser

21 Retrieve Operation http://!publius!/MD5(D. Share 1 )MD5 (D. Share 2 )… http://!publius!/unReaDableUrL Index = MD5(D. Share 1 ) Mod Table_Size From www.redcross.org Get Encrypted File, Share Key = combine Shares D = Decrypt File with Key Tamper Check = MD5(D. Share 1 ) = value in URL

22 Tradeoffs  N = # servers with Content & Share  K = # Shares needed to reconstruct the Key  Higher N Greater availability Harder to censor  Higher K Decreased performance Greater tamper protection Possibly Easier To Censor

23 Update and Delete Operations  Update – “update” file, MD5(password. IP)  Delete – MD5(password. IP)  Threats – Place update file on server Brute force to delete files  URL contains update bit - Don’t accept updates  Publish Option – No Delete or Update

24 Mutually Hyperlinked Content Publish B, Modify A, Publish A Publish B First – Invalid A Link Publish A First – Invalid B Link Problem: Content cryptographically tied to URL

25 Hyperlinked Content Solution Publish A, B Modify A, B Republish A,B Update A,B Hyperlink Update

26 User Interface Internet Publius Proxy Browser Based GUI http://!publius!/URLhttp://!publius!/PUBLISH http://!publius!/UPDATEhttp://!publius!/DELETE Store MIME type in first three bytes of file Send correct Content-Type to browser

27 Threats & Limitations Share Deletion or Corruption Update File Deletion or Corruption Denial of Service Attacks Threats to Publisher Anonymity “Rubber-Hose Cryptanalysis”

28 Live Trial (8/7/2000) 3 Week Server Recruitment Period 100 Volunteers, Test Script distributed 53 successfully installed test script 44 successfully installed. Proxy - server version of client, 9 volunteers Must trust proxy – see file, password for Publish Sees URL for retrieve Over 550 client requests

29 Contributions & Availability Automatic Tamper Checking Mechanism Update / Delete Method Publishing Mutually Hyperlinked Content 1500 Lines of Perl Uses Crypto++ 3.2 – Crypto Library (C++)

30 Future Work  Remove dependence on server list - URL encodes locations, tamper check  Split content - Krawczyk – Information Dispersal  CPU payment scheme (Dwork, Naor)  Automatic replication across servers - Intermemory model

31 Publius WWW Site Source Code & Technical Paper http://cs.nyu.edu/waldman/publius

Download ppt "Publius A Robust, Tamper Evident, Censorship Resistant WWW Based Publishing System Marc Waldman NYU – CS Dept. Lorrie Cranor AT&T Research Aviel Rubin."

Similar presentations

Enabling Secure Internet Access with ISA Server

Enabling Secure Internet Access with ISA Server
TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 22 World Wide Web and HTTP.

TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 22 World Wide Web and HTTP.
Cryptography Chapter 7 Part 4 Pages 833 to 874. PKI Public Key Infrastructure Framework for Public Key Cryptography and for Secret key exchange.

Cryptography Chapter 7 Part 4 Pages 833 to 874. PKI Public Key Infrastructure Framework for Public Key Cryptography and for Secret key exchange.
Socket Layer Security. In this Presentation: need for web security SSL/TLS transport layer security protocols HTTPS secure shell (SSH)

Socket Layer Security. In this Presentation: need for web security SSL/TLS transport layer security protocols HTTPS secure shell (SSH)
An Introduction to Secure Sockets Layer (SSL). Overview Types of encryption SSL History Design Goals Protocol Problems Competing Technologies.

An Introduction to Secure Sockets Layer (SSL). Overview Types of encryption SSL History Design Goals Protocol Problems Competing Technologies.
Lorrie Cranor AT&T Labs Avi Rubin AT&T Labs Marc Waldman

Lorrie Cranor AT&T Labs Avi Rubin AT&T Labs Marc Waldman
Publius: A robust, tamper-evident, censorship-resistant web publishing system By Waldman, Rubin, and Cranor Presented by Marco Barreno October 8th, 2003.

Publius: A robust, tamper-evident, censorship-resistant web publishing system By Waldman, Rubin, and Cranor Presented by Marco Barreno October 8th, 2003.
Modelling and Analysing of Security Protocol: Lecture 10 Anonymity: Systems.

Modelling and Analysing of Security Protocol: Lecture 10 Anonymity: Systems.
PART 6 Application Layer

PART 6 Application Layer
Censorship-Resistant Publishing Systems Marc Waldman Computer Science Department New York University.

Censorship-Resistant Publishing Systems Marc Waldman Computer Science Department New York University.
The Internet Useful Definitions and Concepts About the Internet.

The Internet Useful Definitions and Concepts About the Internet.
Cryptography In Censorship Resistant Web Publishing Systems By Hema Hariharan Swati B Shah.

Cryptography In Censorship Resistant Web Publishing Systems By Hema Hariharan Swati B Shah.
Computers and Society Carnegie Mellon University Spring 2006 Cranor/Tongia/Farber 1 Regulating Online Speech.

Computers and Society Carnegie Mellon University Spring 2006 Cranor/Tongia/Farber 1 Regulating Online Speech.
CS 105 – Introduction to the World Wide Web  HTTP Request*  Domain Name Translation  Routing  HTTP Response*  Privacy and Cryptography  Adapted.

CS 105 – Introduction to the World Wide Web  HTTP Request*  Domain Name Translation  Routing  HTTP Response*  Privacy and Cryptography  Adapted.
Cornell CS502 Web Basics and Protocols CS 502 – 20020129 Carl Lagoze Acks to McCracken Syracuse Univ.

Cornell CS502 Web Basics and Protocols CS 502 – Carl Lagoze Acks to McCracken Syracuse Univ.
Privacy Policy, Law and Technology Carnegie Mellon University Fall 2007 Lorrie Cranor 1 Identity, Anonymity,

Privacy Policy, Law and Technology Carnegie Mellon University Fall 2007 Lorrie Cranor 1 Identity, Anonymity,
Anonymization and Privacy Services Infranet: Circumventing Web Censorship and Surveillance, Feamster et al, Usenix Security Symposium 2002.

Anonymization and Privacy Services Infranet: Circumventing Web Censorship and Surveillance, Feamster et al, Usenix Security Symposium 2002.
Freenet A Distributed Anonymous Information Storage and Retrieval System I Clarke O Sandberg I Clarke O Sandberg B WileyT W Hong.

Freenet A Distributed Anonymous Information Storage and Retrieval System I Clarke O Sandberg I Clarke O Sandberg B WileyT W Hong.
Application Layer  We will learn about protocols by examining popular application-level protocols  HTTP  FTP  SMTP / POP3 / IMAP  Focus on client-server.

Application Layer  We will learn about protocols by examining popular application-level protocols  HTTP  FTP  SMTP / POP3 / IMAP  Focus on client-server.
 Proxy Servers are software that act as intermediaries between client and servers on the Internet.  They help users on private networks get information.

 Proxy Servers are software that act as intermediaries between client and servers on the Internet.  They help users on private networks get information.

Similar presentations

Ads by Google