Abstract | ||
---|---|---|
Researchers at the University of Washington recently proposed Vanish (20), a system for creating messages that automatically "self-destruct" after a period of time. Vanish works by encrypting each message with a random key and storing shares of the key in a large, public distributed hash table (DHT). DHTs expunge data older than a certain age; after this happens to the key shares, the key is permanently lost, and the encrypted data is permanently unreadable. Vanish is an interesting approach to an important privacy problem, but, in its current form, it is insecure. In this paper, we defeat the deployed Vanish implementation, explain how the original paper's security analysis is flawed, and draw lessons for future system designs. We present two Sybil attacks against the current Vanish implementation, which stores its encryption keys in the million-node Vuze BitTorrent DHT. These attacks work by continuously crawling the DHT and saving each stored value before it ages out. They can efficiently recover keys for more than 99% of Vanish messages. We show that the dominant cost of these attacks is network data transfer, not memory usage as the Vanish authors expected, and that the total cost is two orders of magnitude less than they estimated. While we consider potential defenses, we conclude that public DHTs like Vuze probably cannot provide strong security for Vanish. |
Year | Venue | Keywords |
---|---|---|
2010 | NDSS | distributed hash table,data transfer,security analysis,bittorrent,system design |
Field | DocType | Citations |
Internet privacy,Crawling,Computer security,Computer science,Encryption,Security analysis,Network data,BitTorrent,Total cost,Distributed hash table | Conference | 46 |
PageRank | References | Authors |
1.82 | 33 | 8 |
Name | Order | Citations | PageRank |
---|---|---|---|
Scott Wolchok | 1 | 46 | 1.82 |
Owen S. Hofmann | 2 | 46 | 1.82 |
Nadia Heninger | 3 | 885 | 50.78 |
Edward W. Felten | 4 | 3603 | 462.44 |
J. Alex Halderman | 5 | 2301 | 149.67 |
Christopher J. Rossbach | 6 | 472 | 28.33 |
Brent Waters | 7 | 14792 | 541.54 |
Emmett Witchel | 8 | 1609 | 223.76 |