Forgot your password?
typodupeerror
Encryption Privacy Technology

Making Data Unvanish 34

Posted by kdawson
from the sybil-attack dept.
sertsa writes "Earlier this year a group of researchers at the University of Washington came up with a scheme to use peer-to-peer networks to store and, ultimately, to forget the keys for encrypted messages, causing them to 'Vanish.' Now a group from researchers from UT Austin, Princeton, and the University of Michigan has come up with a way to break this approach, by making a single computer appear to be many nodes on the p2p network. 'In our experiments with Unvanish, we have shown that it is possible to make Vanish messages reappear long after they should have disappeared nearly 100 percent of the time...'"
This discussion has been archived. No new comments can be posted.

Making Data Unvanish

Comments Filter:
  • by sopssa (1498795) * <sopssa@email.com> on Tuesday September 22, 2009 @02:40PM (#29507235) Journal

    In my opinion Vanish didn't really serve any purpose.

    - As we all know (and what MPAA/RIIA hate), once you've got hold of the data you cannot "vanish" it. It's really easy to save a copy of it.
    - If you wanted encryption with public/private keys, theres PGP and other solutions to do it.

    So the only thing Vanish added was the impossible-to-archieve vanishing of data.

    Along with that it distributes your secret content all over the p2p network, where one machine can act as thousands of clients like to article says. I'd rather skip that and send the message directly and tell the other party to delete it, because vanishing doens't work if both parties dont do it.

  • Possible! (Score:1, Insightful)

    by Anonymous Coward on Tuesday September 22, 2009 @02:53PM (#29507389)

    Vanish is possible with something like a web service which simply sends back the decrypted data.
    However, the decryption key would have to stored only in memory and strictly deleted when done.

    Vanish is completely worthless though because when I have the decrypted data I can do what I want with it.

  • Like DRM (Score:5, Insightful)

    by bzzfzz (1542813) on Tuesday September 22, 2009 @02:54PM (#29507395)
    Any kind of security system that provides a limited lifetime or constrained redistribution rights for messages is, fundamentally, DRM. Therefore, it's subject to the same kinds of attacks that cause DRM to fail. Ultimately, unless you can build a trusted platform module with remote attestation that is tamper proof, there are gaps. This particular attack is, at a more abstract level, really about producing counterfeit trusted nodes. Without a TPM at each node and some way to authenticate independence through a trust hierarchy, there's no way for this to work.
  • Sybil! (Score:1, Insightful)

    by Anonymous Coward on Tuesday September 22, 2009 @04:13PM (#29508315)

    Unmodified Kademlia is vulnerable to Sybil attacks. *yawn* We kind of already knew that. There are various mitigations you can put in place. For example, if you've got the same IP address appearing twice in the routing tables, you have a major problem.

    That doesn't mean that I think the general idea of Vanish is a sound one - it's rather silly, and a trusted client problem like all DRM techniques to which it is a close analog, so it's doomed from the start to some extent. All you have to do to defeat it is log the keys, which is completely undetectable and provides no disadvantage to you. And the advantage of a logging node is clearly and immediately obvious, so if it ever became "real", it's a game everyone would cheat in.

    A nice toy, but a thoroughly pointless construct.

One picture is worth 128K words.

Working...