securing content sharing over icn
play

Securing Content Sharing over ICN Nikos Fotiou, George C. Polyzos - PowerPoint PPT Presentation

Dec 19, 2023 •312 likes •776 views

Securing Content Sharing over ICN Nikos Fotiou, George C. Polyzos fotiou@aueb.gr, polyzos@acm.org Mobile Multimedia Laboratory, Department of Informatics School of Information Sciences and Technology Athens University of Economics and Business

  1. Securing Content Sharing over ICN Nikos Fotiou, George C. Polyzos fotiou@aueb.gr, polyzos@acm.org Mobile Multimedia Laboratory, Department of Informatics School of Information Sciences and Technology Athens University of Economics and Business 113 62 Athens, Greece http://mm.aueb.gr/

  2. At a glance • We consider a network of storage nodes interconnected using an ICN network • Content owners store content items in storage nodes in order to share them with subscribers • We provide – Content confidentiality using Identity-Based Encryption – Low overhead per user using Proxy Re-Encryption – Protection against malicious proxies – Subscriber authentication and – A novel form of storage node authentication

  3. BACKGROUND

  4. Identity-Based Encryption • A public key encryption scheme in which an arbitrary string can be used as a public key • Keys are generated by a Private Key Generator (PKG) – Key escrow problem

  5. Identity-based encryption

  6. Identity-based encryption Master Secret Key (k) System Parameters (SP) Public!

  7. Identity-based encryption

  8. Identity-based encryption

  9. Identity-based encryption

  10. Identity-based encryption

  11. Proxy Re-Encryption • A semi-trusted proxy – is allowed to alter a ciphertext – encrypted with the public key of user A – in a way that another user B can decrypt it • The proxy learns nothing about the plaintext or the secret keys of the user

  12. Identity-based Proxy Re-Encryption* * Our system uses M. Green, G. Ateniese, “Identity-Based Proxy Re-encryption,” in Applied Cryptography and Network Security, Katz, J., Yung, M. (eds.), Lecture Notes in Computer Science, vol. 4521, pp. 288-306, 2007

  13. Identity-based proxy re-encryption

  14. Identity-based proxy re-encryption

  15. Identity-based proxy re-encryption

  16. SYSTEM DESIGN

  17. Entities Known

  18. First construction • Content owners encrypt items using symmetric encryption and a key K – Each item is encrypted with a different key • Each key is encrypted using IBE with the identity of the content owner as key

  19. First construction

  20. First construction

  21. First construction

  22. Content request

  23. Content request

  24. Content request

  25. Content request

  26. Content request

  27. Content request

  28. Content request

  29. We need trusted proxies • … a malicious proxy can use a re-encryption key no matter whether the user is authorized or not to access a content item

  30. Second construction • Content owners encrypt items using symmetric encryption and a key K – Each item is encrypted with a different key • Each key is encrypted using IBE with the name of the policy that protects the item as key

  31. Second construction

  32. Second construction

  33. Second construction

  34. Content request

  35. Content request

  36. Content request

  37. Content request

  38. Trust to proxies is relaxed • … a re-encryption key can be used only for authorized users

  39. Security properties Does Does NOT • Content confidentiality is • Authenticate subscribers protected -> May result in unnecessary transmissions, re-encryptions • If content confidentiality is • Authenticate the storage the only requirement then node no further mechanisms are -> Possible privacy risk required • Secure the communication – Even if a subscriber lies about his identity he won’t be able channel to decrypt the file -> Possible privacy risk

  40. Endpoints authentication and secure channel setup* • It leverages existing IBE mechanisms • It provides subscriber authentication • It enables the creation of an ephemeral symmetric encryption key • It provides a proof that a storage node is authorized to store a particular content item * High level description

  41. Endpoints authentication and secure channel setup • Let F be the name of a content item • Content owner generates SK F and stores it in the proxy • A subscriber encrypts using IBE and F as key, some D-H key exchange parameters • Only “authorized” nodes are able to decrypt the parameters and proceed with the D-H key establishment

  42. DISCUSSION

  43. Performance considerations Python-based implementation in a single core of an Intel i5-4440 3.1 GHz processor and with 2GB of RAM with security equivalent to RSA 1024 bits and 128 bit symmetric keys Storage overhead Computational overhead – size of SP: 2048 bits – encryption of key: 40 ms – size of C ID (key): 2048 bits – re-encryption key creation: 20 ms – size of re-encryption key: 3027 bits – re-encryption of a ciphertext: 31 ms – decryption of a ciphertext: 28 ms

  44. Per user PKG vs. (almost) Global PKG Per user PKG Global PKG + When a private key is lost + No need for SP retrieval updating SP is enough + No need for SP storage + No key escrow - When a private key is lost - Need for SP storage identity needs to change - Need for SP resolution - Key escrow problem – some keys share the same SP, e.g., same owner keys

  45. Thank you fotiou@aueb.gr polyzos@acm.org

Recommend

SANS Securing The Human Training Department of Safety Securing the Human Training Web

SANS Securing The Human Training Department of Safety Securing the Human Training Web

SANS Securing The Human Training Department of Safety Securing the Human Training Web based Centrally Administrated Divisionally managed Consistent content Central reporting Ability to add custom content (Policy's)

761 views • 10 slides
Securing Secret Sharing Against Leakage and Tampering Ashutosh Kumar Based on joint works with

Securing Secret Sharing Against Leakage and Tampering Ashutosh Kumar Based on joint works with

Securing Secret Sharing Against Leakage and Tampering Ashutosh Kumar Based on joint works with Vipul Goyal, Raghu Meka, and Amit Sahai Secret Sharing secret s n s 1 s i Correctness: Any out of parties can

1.72k views • 144 slides
Floating Content: Infrastructure-less Information Sharing in Urban Environments Jussi

Floating Content: Infrastructure-less Information Sharing in Urban Environments Jussi

Floating Content: Infrastructure-less Information Sharing in Urban Environments Jussi Kangasharju, Jrg Ott, Ossi Karkulahti Esa Hyyti, Jorma Virtamo, Pasi Lassila Infrastructure-less Content Sharing Ad-hoc local social network-style

275 views • 14 slides
Floating Content: Infrastructure-less Information Sharing in Urban Environments Jussi

Floating Content: Infrastructure-less Information Sharing in Urban Environments Jussi

Floating Content: Infrastructure-less Information Sharing in Urban Environments Jussi Kangasharju, Jrg Ott, Ossi Karkulahti Esa Hyyti, Jorma Virtamo, Pasi Lassila Tobias Vaegs Infrastructure-less Content Sharing Ad-hoc local social

548 views • 16 slides
Floating Content: Information Sharing in Urban Areas Jussi Kangasharju Jrg Ott, Esa Hyyti,

Floating Content: Information Sharing in Urban Areas Jussi Kangasharju Jrg Ott, Esa Hyyti,

Aalto University School of Electrical Engineering Floating Content: Information Sharing in Urban Areas Jussi Kangasharju Jrg Ott, Esa Hyyti, Pasi Lassila Tobias Vaegs, Ossi Karkulahti Infrastructure-less Content Sharing Ad-hoc

446 views • 20 slides
SACM Social Media Agenda Content types Copy Photos Link sharing Pacing

SACM Social Media Agenda Content types Copy Photos Link sharing Pacing

SACM Social Media Agenda Content types Copy Photos Link sharing Pacing Sharing content Social Media Best Practices Content: 70-20-10 Rule 70% of posts should be brand building, but not promotional Show yourself as

373 views • 14 slides
HOW EFFECTIVE PEDAGOGY MAXIMIZES LEARNING OF CONTENT SUBJECTS IN ENGLISH: A SHARING OF GOOD

HOW EFFECTIVE PEDAGOGY MAXIMIZES LEARNING OF CONTENT SUBJECTS IN ENGLISH: A SHARING OF GOOD

HOW EFFECTIVE PEDAGOGY MAXIMIZES LEARNING OF CONTENT SUBJECTS IN ENGLISH: A SHARING OF GOOD PRACTICES Bette Li Course Instructor, The Hong Kong Polytechnic University Project Director, DOLACEE & ILLIPS 13 December 2014 Sharing good

742 views • 38 slides
OblivP2P: An Oblivious Peer-to- Peer Content Sharing System Yaoqi Jia, Tarik Moataz, Shruti Tople

OblivP2P: An Oblivious Peer-to- Peer Content Sharing System Yaoqi Jia, Tarik Moataz, Shruti Tople

OblivP2P: An Oblivious Peer-to- Peer Content Sharing System Yaoqi Jia, Tarik Moataz, Shruti Tople and Prateek Saxena National University of Singapore 1 Traffic Analysis in P2P Systems P2P content sharing systems 150 million users/month

417 views • 26 slides
Proof of Novelty A distributed consensus mechanism for securing content novelty Daniel Severo

Proof of Novelty A distributed consensus mechanism for securing content novelty Daniel Severo

Motivation Trustworthiness Proof of Novelty Take-away points Open Questions and Future Work Proof of Novelty A distributed consensus mechanism for securing content novelty Daniel Severo Independent Scientist Virtual Design Challenge The

720 views • 36 slides
Classroom Capture and Content Sharing Options: Why, What and How Understanding why recording

Classroom Capture and Content Sharing Options: Why, What and How Understanding why recording

Classroom Capture and Content Sharing Options: Why, What and How Understanding why recording classroom content helps a variety of student and learning needs Adam Gordon & George Preisinger What is classroom capture and why would you want

248 views • 4 slides
Controlled Sharing of Sensitive Content NDN Case Study Yingdi Yu UCLA 10/3/15 1

Controlled Sharing of Sensitive Content NDN Case Study Yingdi Yu UCLA 10/3/15 1

Controlled Sharing of Sensitive Content NDN Case Study Yingdi Yu UCLA 10/3/15 1 Content-based confidentiality Confidentiality stays with content independent from where the content is independent from how it is

647 views • 10 slides
IoT Security Image: xkcd How is securing IoT different from securing any other system? IoT

IoT Security Image: xkcd How is securing IoT different from securing any other system? IoT

IoT Security Image: xkcd How is securing IoT different from securing any other system? IoT is a system of systems, with A great deal of heterogeneity (sensing, computation, communication, energy) New types of devices appearing all

1.35k views • 65 slides
Securing Web Content Joakim Koskela, Nicholas Weaver, Andrei Gurtov and Mark Allman ReArch'09

Securing Web Content Joakim Koskela, Nicholas Weaver, Andrei Gurtov and Mark Allman ReArch'09

Securing Web Content Joakim Koskela, Nicholas Weaver, Andrei Gurtov and Mark Allman ReArch'09 Rome, December 1 s t 2009 2009-12-01 2009-12-01 How do we protect the user without dwarfing the web experience? Nature of the web has changed

464 views • 30 slides
Securing The Web Browser Keeping the Phish in the Sea What is Wrong With This? Where to Begin?

Securing The Web Browser Keeping the Phish in the Sea What is Wrong With This? Where to Begin?

Securing The Web Browser Keeping the Phish in the Sea What is Wrong With This? Where to Begin? Security indicator only in the content region Notice that it is used for personal data that should be secure No access to the location or

933 views • 21 slides
Building&Hacking modern iOS apps Wojciech Regua @_r3ggi wojciech.regula@securing.pl

Building&Hacking modern iOS apps Wojciech Regua @_r3ggi wojciech.regula@securing.pl

www.securing.pl Building&Hacking modern iOS apps Wojciech Regua @_r3ggi wojciech.regula@securing.pl @_r3ggi wojciech.regula@securing.pl www.securing.pl www.securing.pl WHOAMI -Senior IT Security Consultant @ SecuRing -Focused on

998 views • 67 slides
Different Spirals of Sameness: A Study of Content Sharing in Mainstream and Alternative Media

Different Spirals of Sameness: A Study of Content Sharing in Mainstream and Alternative Media

Different Spirals of Sameness: A Study of Content Sharing in Mainstream and Alternative Media Benjamin D. Horne , Jeppe Nrregaard, and Sibel Adali Rensselaer Polytechnic Institute, Technical University of Denmark Primary focus of this work is

548 views • 29 slides
E Learning Spectrum: Different Models of Content/Course Sharing in K 12 Capital District

E Learning Spectrum: Different Models of Content/Course Sharing in K 12 Capital District

E Learning Spectrum: Different Models of Content/Course Sharing in K 12 Capital District Educational Technology Group June 4, 2013 What is NERIC? Provides advanced technology services Partners with seven (7) BOCES Covers 12

505 views • 11 slides
Privacy-Enhanced Sharing of Personal Content on the Web Mohammad Mannan and P . C. van Oorschot

Privacy-Enhanced Sharing of Personal Content on the Web Mohammad Mannan and P . C. van Oorschot

IMPECS WWW Presentation- April 24, 2008 Privacy-Enhanced Sharing of Personal Content on the Web Mohammad Mannan and P . C. van Oorschot Carleton University, Canada M. Mannan April 24, 2008 1 IMPECS The need for sharing is real People

422 views • 19 slides
Objectives Sharing of Key Programmes Sharing of Assessment Structure Collection of Feedback to

Objectives Sharing of Key Programmes Sharing of Assessment Structure Collection of Feedback to

Objectives Sharing of Key Programmes Sharing of Assessment Structure Collection of Feedback to improve current programmes/systems Outline of Briefing Content tent Detail ils Key Programmes PAL, CCE, 7 Habits, MDB Part 1 Assessment P2

278 views • 26 slides
oEmbed sharing content made easy by B. Podlewski for Liip Techday 2010 twitter: podlebar blog:

oEmbed sharing content made easy by B. Podlewski for Liip Techday 2010 twitter: podlebar blog:

oEmbed sharing content made easy by B. Podlewski for Liip Techday 2010 twitter: podlebar blog: blog.robocode.ch oEmbed is an open format designed to allow embedding content from a website into another page. Benefits & Visions Embed

906 views • 28 slides
Amanpreet Singh & Anirudh Ganesh Reddit Reddit is a social content sharing and

Amanpreet Singh & Anirudh Ganesh Reddit Reddit is a social content sharing and

Amanpreet Singh & Anirudh Ganesh Reddit Reddit is a social content sharing and discussion platform which was founded by Steve Huffman and Alexis Ohanian in 2005 now worth $1.8 billion. Users submit links, discussion topics, images

447 views • 13 slides
FOSP Towards a Federated Object Sharing Protocol that Unifies Operations on Social Content Felix

FOSP Towards a Federated Object Sharing Protocol that Unifies Operations on Social Content Felix

FOSP Towards a Federated Object Sharing Protocol that Unifies Operations on Social Content Felix Maurer | June 16, 2014 FORSCHUNGSGRUPPE DEZENTRALE SYSTEME UND NETZDIENSTE www.kit.edu KIT University of the State of Baden-Wuerttemberg and

849 views • 27 slides
Micro-Blog: Sharing and Querying Content Through Mobile Phones and Social Participation

Micro-Blog: Sharing and Querying Content Through Mobile Phones and Social Participation

Micro-Blog: Sharing and Querying Content Through Mobile Phones and Social Participation Presented by Paul Ksiazek Motivation Sensor Networks Inexpensive Gather data over large area Mobile phones Virtual Information

455 views • 17 slides
PIC PAC Pic Pac Alpaca An anonymous location based image sharing community for iOS Channel for

PIC PAC Pic Pac Alpaca An anonymous location based image sharing community for iOS Channel for

PIC PAC Pic Pac Alpaca An anonymous location based image sharing community for iOS Channel for relevant news: local and Public feed content is from both IRL friends current events and other sources relevant to user in app content rating

417 views • 3 slides

More recommend