Deniability &amp;#x2014; an alibi for users in P2P networks

Hermoni, Ofer; Gilboa, Niv; Felstaine, Eyal; Shitrit, S.

doi:10.1109/comswa.2008.4554432

Cited by 5 publications

(9 citation statements)

References 29 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Plausible deniability has also been introduced in designing P2P networks [19] as well as file systems [20] [21] [22]. In the case of TrueCrypt [21], the deniability is provided by the "Hidden Volumes" functionality to hide the operating system and constructing the data in such a way that it appears to be nothing more than random data.…”

Section: B Plausible Deniabilitymentioning

confidence: 99%

JigDFS: A secure distributed file system

Bian

Seker

2009

2009 IEEE Symposium on Computational Intelligence in Cyber Security

View full text Add to dashboard Cite

Ubiquitous connectivity and availability of P2P resources creates opportunities for building new services. This paper describes Jigsaw Distributed File System (JigDFS) which can be used to securely store and retrieve files on a P2P network anonymously. JigDFS is designed to provide strong encryption and a certain level of plausible deniability. Files in JigDFS are sliced into small segments using an Information Dispersal Algorithm (IDA) and distributed onto different nodes recursively to increase fault tolerance against node failures. Moreover, layered encryption is applied to each file with keys produced by a hashed-key chain algorithm, so that data (file segments) and keys reside on different hosts. In such a scheme, if an attacker compromises a host and retrieves the data, the attacker will still need the correct key to decipher the data. Furthermore, recursive IDA and layered encryption ensure users' anonymity. It is difficult for an adversary to identify who owns a file, even who has retrieved a file in JigDFS. Often, a strong adversary may have the power to monitor the network or even force a user to give up the password. Design of JigDFS provides users with plausible deniability which enhances privacy. When being questioned, a JigDFS user can simply argue that he/she is merely a relaying node, rather than the file owner. Moreover, a user, when forced, can give up a valid, however, incorrect encryption key. There is no way for an adversary to verify either correctness of a key or the identity of file owner. JigDFS is developed using platform independent Java technologies and is envisioned to utilize mobile computing elements such as PDAs and smart phones.

show abstract

Section: B Plausible Deniabilitymentioning

confidence: 99%

JigDFS: A secure distributed file system

Bian

Seker

2009

2009 IEEE Symposium on Computational Intelligence in Cyber Security

View full text Add to dashboard Cite

show abstract

“…In the common law context, plausible deniability [41] refers to circumstances where a denial of responsibility or knowledge of wrongdoing cannot be proved as true or untrue due to a lack of evidence proving the allegation. Hermoni et al [13] defined deniability for the field of information security as the property that the user has if they can claim that their actions are legitimate. Ref.…”

Section: Attacks Against a Recommender Systemmentioning

confidence: 99%

“…Ref. [13] understands deniability as an absolute property that actors have by mixing up legitimate and not legitimate documents in the indexers. We introduce plausible deniability as the property that an actor achieves if he cannot make a probabilistic distinction between legitimate and not legitimate documents, or the process to make this distinction is too long and complex.…”

Section: Attacks Against a Recommender Systemmentioning

confidence: 99%

See 1 more Smart Citation

DocCloud: A document recommender system on cloud computing with plausible deniability

Vera-del-Campo

Pegueroles

Hernández-Serrano

et al. 2014

Information Sciences

View full text Add to dashboard Cite

Recommender systems select the most interesting products for costumers based on their interests. The move of a recommender system to a cloud faces many challenges from the perspective of the protection of the participants. Little work has been done regarding secure recommender systems or how to cope with the legal liability of the cloud provider and any virtual machine inside the cloud. We propose DocCloud, a recommender system that focused on the protection of all participants against legal attacks. We present the architecture of DocCloud and analyze the security mechanisms that the system includes. Specifically, we study the properties of plausible deniability and anonymity of the recommenders and intermediate nodes. This way, nodes can recommend products to the customers while deny any knowledge about the product they are recommending or their participation in the recommendation process.

show abstract

“…Peer-to-peer (P2P) systems have recently become more popular, as we use them to chat, talk, file share etc. Anonymous P2P systems have thus become an important area of research [1,3,4,5,7,8,13,14] and implementation [6]. Anonymity in P2P file sharing means that an adversary cannot link participating users to the content they share.…”

Section: Introductionmentioning

confidence: 99%

Rendezvous tunnel for anonymous publishing

Hermoni

Gilboa

Felstaine

et al. 2010

Proceedings of the 17th ACM Conference on Computer and Communications Security

Self Cite

View full text Add to dashboard Cite

Many anonymous peer-to-peer (P2P) file sharing systems have been proposed in recent years. One problem that remains open is how to protect the anonymity of all participating users, namely, reader, server and publisher. In this work we propose a novel solution for a P2P file sharing system. Our solution provides overall anonymity to all participating users. Servers in our system store shares of documents, and each share is reached through a rendezvous tunnel between the server and an address given by a hash of the document's name. To publish a document, the publisher first divides the document into shares, for each share finds the address of the entrance to the tunnel by hashing the document's name. Next, the publisher uses anonymous communication to reach the entrance of the rendezvous tunnel. We then use a random walk and an anonymous key exchange scheme to set keys along the rendezvous tunnel. The publisher finishes by inserting the shares into the servers through the rendezvous tunnels. A reader wanting to retrieve the document operates in a similar manner. The reader finds the address of the entrance to the rendezvous tunnels by hashing the document's name. Then, the reader uses anonymous communication to reach the entrance of the tunnels, retrieves the shares anonymously and reconstructs the document.The novelty of this work is threefold. First, we introduce an anonymous key exchange protocol secure against an honest but curious adversary. The anonymity of the protocol is proved on the basis of the Decisional Diffie Hellman (DDH) problem. Second, we propose two solutions to build the rendezvous tunnel: basic and advanced. The basic solution is *

show abstract

Deniability — an alibi for users in P2P networks

Cited by 5 publications

References 29 publications

JigDFS: A secure distributed file system

JigDFS: A secure distributed file system

DocCloud: A document recommender system on cloud computing with plausible deniability

Rendezvous tunnel for anonymous publishing

Contact Info

Product

Resources

About