Unvanish: The Remarkable Peristence of Bits

نویسندگان

  • Owen S. Hofmann
  • Christopher J. Rossbach
  • Emmett Witchel
چکیده

The television show Mission Impossible began with Jim Phelps receiving instructions from a recording that subsequently self-destructs. This communication has strong privacy guarantees, but is not invulnerable to attack. The instructions can be overheard and even recorded. Instructions were often recieved in obscure locations, but it would be possible for someone other than Jim Phelps to listen to them. The strongest guarantee of the Mission Impossible instructions is that after Jim Phelps hears his instructions, no one else will hear them. Were it to exist, a technology capable of reconstructing the instructions from the smoking remnants of the recording would jeopardize the success of tasks given to the Impossible Mission Force. Vanish is a system that purports to provide guarantees similar to those of the Mission Impossible instructions for digital data like email, photographs, and video [7]. Users transform their data into a Vanish data object (VDO), which is encrypted with a randomly generated key whose only persistent copy is stored in a distributed hash table (DHT). The key is randomly generated from a large space, so it is difficult to guess. The user specifies an expiration time for the VDO. The DHT has a policy to delete data after 8 hours. To implement any expiration time greater than 8 hours, the Vanish system must refresh the key by reading it out of the DHT and storing it back. Because the key becomes permanently unavailable after the DHT expires it, expiration of the key should make it impossible to decrypt the VDO. The most important guarantee provided by Vanish is that any VDO obtained after its expiration time should not be readable. This paper demonstrates a system, called Unvanish, that violates the Vanish guarantee. Anyone obtaining a VDO after its expiration time can decrypt it using Unvanish. Unvanish requires a constant, but modest investment in processing and storage. The security of the Vanish system hinges crucially on one important assumption: that an attacker (without governmentscale resources) will not be able to crawl or scrape the majority of the data stored on the underlying DHT. If an attacker were able to collect and store (almost) all of the data on the DHT, then data meant to “vanish” would be persistent. One could simply consult the stored DHT to decrypt a VDO after the timeout period. Assuming that scraping a DHT is prohibitively difficult is potentially problematic for two reasons.

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

Investigation of Some Attacks on GAGE (v1), InGAGE (v1), (v1.03), and CiliPadi (v1) Variants

In this paper, we present some attacks on GAGE, InGAGE, and CiliPadi which are candidates of the first round of the NIST-LWC competition. GAGE and InGAGE are lightweight sponge based hash function and Authenticated Encryption with Associated Data (AEAD), respectively and support different sets of parameters. The length of hash, key, and tag are always 256, 128, and 128 bits, respec...

متن کامل

On the computational complexity of finding a minimal basis for the guess and determine attack

Guess-and-determine attack is one of the general attacks on stream ciphers. It is a common cryptanalysis tool for evaluating security of stream ciphers. The effectiveness of this attack is based on the number of unknown bits which will be guessed by the attacker to break the cryptosystem. In this work, we present a relation between the minimum numbers of the guessed bits and uniquely restricted...

متن کامل

A Low Complexity Forward Error Correction for PAPR reduction in OFDM Systems

In this paper, a Peak to Average Power Ratio (PAPR) reduction technique in Orthogonal Frequency Division Multiplexing (OFDM) systems is proposed. This technique uses error correction capability of channel coding to reduce the PAPR.The coded bits at the input of OFDM modulator are separated into two groups of the Most Significant Bits (MSB) and the LeastSignificant Bits (LSB). The bits are mappe...

متن کامل

The Effect of Sucking Ice Bits on Nausea and Vomiting During Chemotherapy in Patients with Breast Cancer

Objective Cancer disease and its treatment methods affect the quality of life of those suffering from breast cancer. Nausea and vomiting are frequent side-effects of chemotherapy. Nowadays, complementary therapies are used along with routine treatments to control this disease. This study aimed to evaluate the effect of sucking ice bits with plain water on nausea and vomiting during chemotherapy...

متن کامل

Impossible Differential Cryptanalysis of Reduced-Round Midori64 Block Cipher (Extended Version)

Impossible differential attack is a well-known mean to examine robustness of block ciphers. Using impossible differ- ential cryptanalysis, we analyze security of a family of lightweight block ciphers, named Midori, that are designed considering low energy consumption. Midori state size can be either 64 bits for Midori64 or 128 bits for Midori128; however, both vers...

متن کامل

ذخیره در منابع من


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

عنوان ژورنال:

دوره   شماره 

صفحات  -

تاریخ انتشار 2009