Date: 22 November 2009
Vanish : Self Destructing Digital Data  

Category: Computer science & technology

Research persons: Henry M. Levy, Tadayoshi Kohno, Roxana Geambasu, Amit Levy

Location: Washington DC, United States

Details


Computing and communicating through the Web makes it virtually impossible to leave the past behind. College Facebook posts or pictures can resurface during a job interview; a lost or stolen laptop can expose personal photos or messages; or a legal investigation can subpoena the entire contents of a home or work computer, uncovering incriminating or just embarrassing details from the past.

Vanish is a research system designed to give users control over the lifetime of personal data stored on the web or in the cloud. Specifically, all copies of Vanish encrypted data — even archived or cached copies — will become permanently unreadable at a specific time, without any action on the part of the user or any third party or centralized service.

For example, using the Firefox Vanish plugin, a user can create an email, a Google Doc document, a Facebook message, or a blog comment — specifying that the document or message should "vanish" in 8 hours. Before that 8-hour timeout expires, anyone who has access to the data can read it; however after that timer expires, nobody can read that web content — not the user, not Google, not Facebook, not a hacker who breaks into the cloud service, and not even someone who obtains a warrant for that data. That data — regardless of where stored or archived prior to the timeout — simply self-destructs and becomes permanently unreadable.

Motivation and Brief Description:

An enormous amount of private data is now stored on the web or in the cloud, outside the end-user's control. If you send a sensitive email to a close friend, for example, you have no idea where that email will be stored or when it will be deleted. Web-based email systems may back up the message, potentially forever, even if you delete it. Similarly, when you send a message via Facebook or create a Google Doc, you have no idea where and for how long copies of your data will be stored.

Given this situation, users cannot control the lifetimes of their data stored in the cloud. This amplifies privacy risks, since private data (even data thought to be deleted) could be disclosed weeks, months, or years after it was first stored. There are known examples of data remaining in the cloud long after users explicitly requested its deletion. Private data could be exposed by accidental misconfigurations on a web service, be compromised by hackers, or be used in legal proceedings. A 2004 news article says: "Don't ever say anything on e-mail or text messaging that you don't want to come back and bite you."

We created self-destructing data to try to address this problem. Our prototype system, called Vanish, shares some properties with existing encryption systems like PGP, but there are also some major differences. First, someone using Vanish to "encrypt/encapsulate" information, like an email, never learns the encryption key. Second, there is a pre-specified timeout associated with each encrypted/encapsulated message. Prior to the timeout, anyone can read the encrypted/encapsulated message. After the timeout, no one can read that message, because the encryption key is lost due to a set of both natural and programmed processes. It is therefore impossible for anyone to decrypt/decapsulate that email after the timer expires.

Under the Hood:

Our technical paper, which will appear at the 18th USENIX Security Symposium in August, describes the concepts behind Vanish in detail. Briefly, as mentioned above, the user never knows the encryption key. This means that there is no risk of the user exposing that key at some point in the future, perhaps through coercion, court order, or compromise. So what do we do with the key? We could escrow it with a third party, but that raises serious trust issues (e.g., the case with Hushmail).

Instead, we leverage an unusual storage medium in a novel way: namely, global-scale peer-to-peer networks. Vanish creates a secret key to encrypt a user's data item (such as an email), breaks the key into many pieces and then sprinkles the pieces across the P2P network. As machines constantly join and leave the P2P network, the pieces of the key gradually disappear. By the time the hacker or someone with a subpoena actually tries to obtain access to the message, the pieces of the key will have permanently disappeared.

Our Vanish prototype uses the Vuze BitTorrent Distributed Hash Table as the underlying P2P network. Our prototype by default supports data timeouts of 8-9 hours, though longer timeouts are possible.
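The key lifecycle described above, as an added sketch that is not the Vanish code: a random key is split with Shamir threshold secret sharing (the page says only "many pieces"), the shares go to a toy in-memory DHT with an 8-hour expiry, and the key itself is never returned to the caller. `ToyDHT`, `encapsulate`, `decapsulate`, `index_list`, the n=10 / k=7 split and the SHAKE-256 XOR stand-in cipher are assumptions made for illustration.

```python
import hashlib, secrets

P = 2**127 - 1  # prime field for Shamir shares; large enough for the 120-bit demo key

def split(secret, n, k):  # Shamir: random degree k-1 polynomial with f(0) = secret
    coeffs = [secret] + [secrets.randbelow(P) for _ in range(k - 1)]
    return [(x, sum(c * pow(x, i, P) for i, c in enumerate(coeffs)) % P)
            for x in range(1, n + 1)]

def combine(shares):
    """Lagrange interpolation at x=0 recovers the secret from any k shares."""
    total = 0
    for xi, yi in shares:
        num = den = 1
        for xj, _ in shares:
            if xj != xi:
                num, den = num * -xj % P, den * (xi - xj) % P
        total = (total + yi * num * pow(den, -1, P)) % P
    return total

class ToyDHT:
    """Constructed in-memory stand-in for the P2P DHT: entries expire after ttl."""
    def __init__(self):
        self.store, self.now = {}, 0.0
    def put(self, index, value, ttl):
        self.store[index] = (value, self.now + ttl)
    def get(self, index):
        value, expires = self.store.get(index, (None, 0.0))
        return value if self.now < expires else None

def index_list(locator, n):  # derive the n DHT indices from the capsule's locator
    return [hashlib.sha1(locator + bytes([i])).hexdigest() for i in range(n)]

def xor_stream(key, data):  # stand-in cipher (SHAKE-256 keystream XOR), demo only
    stream = hashlib.shake_256(key.to_bytes(16, "big")).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, stream))

def encapsulate(dht, data, n=10, k=7, ttl=8 * 3600):
    key, locator = secrets.randbelow(2**120), secrets.token_bytes(16)
    for index, share in zip(index_list(locator, n), split(key, n, k)):
        dht.put(index, share, ttl)
    # The key is dropped here: only ciphertext and locator leave this function.
    return {"locator": locator, "n": n, "k": k, "ct": xor_stream(key, data)}

def decapsulate(dht, capsule):
    found = [dht.get(i) for i in index_list(capsule["locator"], capsule["n"])]
    shares = [s for s in found if s is not None][:capsule["k"]]
    if len(shares) < capsule["k"]:
        return None  # too many pieces gone: the key is unrecoverable
    return xor_stream(combine(shares), capsule["ct"])
```

The threshold is what lets the capsule survive some piece loss before the timeout while still becoming unreadable once fewer than k pieces remain.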

In many ways Vanish begins to approximate the ephemeral nature of a phone call. While our system is still a research prototype and we encourage people to treat it with a skeptical eye for now (like any new security system), one could envision it or a derivative being used in corporate settings, when talking with lawyers, or when conducting a variety of private matters online. For example, many people pick up the phone instead of sending an email for fear of leaving breadcrumbs of digital forensic trails. But now there's Vanish.

Vanishing Beyond the Web:

While the Vanish prototype is focused on empowering users to control the lifetime of their web content, Vanish itself is much more broadly applicable than that. We provide for download both the main Vanish application and a Firefox Vanish plugin. The Firefox plugin uses the Vanish application as a client. Other applications can similarly leverage the main Vanish application.

For example, one can create a Vanishing trash bin application. Users could put data into the Vanish trash bin, and recover that data before the timer expires. After the timer expires, however, the data self-destructs and is no longer available. This self-destruction would even happen if the machine was turned off prior to expiration and someone, perhaps at a border crossing or with a warrant, were to seize the computer and create an exact copy of the computer's disks before the timeout occurs.

About the Researchers:

1. Henry M. Levy

Chairman and Wissner-Slivka Chair
Department of Computer Science and Engineering
University of Washington

Henry M. Levy holds the Wissner-Slivka Chair in Computer Science and Engineering at the University of Washington. Hank's research projects focus on operating systems, distributed and parallel computing, the world-wide web, and computer architecture.

2. Tadayoshi Kohno

Assistant Professor
Department of Computer Science and Engineering
University of Washington

3. Roxana Geambasu

Graduate Student
Computer Science and Engineering
University of Washington

4. Amit Levy

Undergraduate Student
Computer Science & Engineering
Economics
University of Washington


Tags: Vanish - permanently unreadable - Firefox Vanish plugin - private data