securing content sharing over icn
play

Securing Content Sharing over ICN Nikos Fotiou, George C. Polyzos - PowerPoint PPT Presentation

Dec 19, 2023 •312 likes •776 views

Securing Content Sharing over ICN Nikos Fotiou, George C. Polyzos fotiou@aueb.gr, polyzos@acm.org Mobile Multimedia Laboratory, Department of Informatics School of Information Sciences and Technology Athens University of Economics and Business

  1. Securing Content Sharing over ICN Nikos Fotiou, George C. Polyzos fotiou@aueb.gr, polyzos@acm.org Mobile Multimedia Laboratory, Department of Informatics School of Information Sciences and Technology Athens University of Economics and Business 113 62 Athens, Greece http://mm.aueb.gr/

  2. At a glance • We consider a network of storage nodes interconnected using an ICN network • Content owners store content items in storage nodes in order to share them with subscribers • We provide – Content confidentiality using Identity-Based Encryption – Low overhead per user using Proxy Re-Encryption – Protection against malicious proxies – Subscriber authentication and – A novel form of storage node authentication

  3. BACKGROUND

  4. Identity-Based Encryption • A public key encryption scheme in which an arbitrary string can be used as a public key • Keys are generated by a Private Key Generator (PKG) – Key escrow problem

  5. Identity-based encryption

  6. Identity-based encryption Master Secret Key (k) System Parameters (SP) Public!

  7. Identity-based encryption

  8. Identity-based encryption

  9. Identity-based encryption

  10. Identity-based encryption

  11. Proxy Re-Encryption • A semi-trusted proxy – is allowed to alter a ciphertext – encrypted with the public key of user A – in a way that another user B can decrypt it • The proxy learns nothing about the plaintext or the secret keys of the user

  12. Identity-based Proxy Re-Encryption* * Our system uses M. Green, G. Ateniese, “Identity-Based Proxy Re-encryption,” in Applied Cryptography and Network Security, Katz, J., Yung, M. (eds.), Lecture Notes in Computer Science, vol. 4521, pp. 288-306, 2007

  13. Identity-based proxy re-encryption

  14. Identity-based proxy re-encryption

  15. Identity-based proxy re-encryption

  16. SYSTEM DESIGN

  17. Entities Known

  18. First construction • Content owners encrypt items using symmetric encryption and a key K – Each item is encrypted with a different key • Each key is encrypted using IBE with the identity of the content owner as key

  19. First construction

  20. First construction

  21. First construction

  22. Content request

  23. Content request

  24. Content request

  25. Content request

  26. Content request

  27. Content request

  28. Content request

  29. We need trusted proxies • … a malicious proxy can use a re-encryption key no matter whether the user is authorized or not to access a content item

  30. Second construction • Content owners encrypt items using symmetric encryption and a key K – Each item is encrypted with a different key • Each key is encrypted using IBE with the name of the policy that protects the item as key

  31. Second construction

  32. Second construction

  33. Second construction

  34. Content request

  35. Content request

  36. Content request

  37. Content request

  38. Trust to proxies is relaxed • … a re-encryption key can be used only for authorized users

  39. Security properties Does Does NOT • Content confidentiality is • Authenticate subscribers protected -> May result in unnecessary transmissions, re-encryptions • If content confidentiality is • Authenticate the storage the only requirement then node no further mechanisms are -> Possible privacy risk required • Secure the communication – Even if a subscriber lies about his identity he won’t be able channel to decrypt the file -> Possible privacy risk

  40. Endpoints authentication and secure channel setup* • It leverages existing IBE mechanisms • It provides subscriber authentication • It enables the creation of an ephemeral symmetric encryption key • It provides a proof that a storage node is authorized to store a particular content item * High level description

  41. Endpoints authentication and secure channel setup • Let F be the name of a content item • Content owner generates SK F and stores it in the proxy • A subscriber encrypts using IBE and F as key, some D-H key exchange parameters • Only “authorized” nodes are able to decrypt the parameters and proceed with the D-H key establishment

  42. DISCUSSION

  43. Performance considerations Python-based implementation in a single core of an Intel i5-4440 3.1 GHz processor and with 2GB of RAM with security equivalent to RSA 1024 bits and 128 bit symmetric keys Storage overhead Computational overhead – size of SP: 2048 bits – encryption of key: 40 ms – size of C ID (key): 2048 bits – re-encryption key creation: 20 ms – size of re-encryption key: 3027 bits – re-encryption of a ciphertext: 31 ms – decryption of a ciphertext: 28 ms

  44. Per user PKG vs. (almost) Global PKG Per user PKG Global PKG + When a private key is lost + No need for SP retrieval updating SP is enough + No need for SP storage + No key escrow - When a private key is lost - Need for SP storage identity needs to change - Need for SP resolution - Key escrow problem – some keys share the same SP, e.g., same owner keys

  45. Thank you fotiou@aueb.gr polyzos@acm.org

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

SANS Securing The Human Training Department of Safety Securing the Human Training Web

SANS Securing The Human Training Department of Safety Securing the Human Training Web

SANS Securing The Human Training Department of Safety Securing the Human Training Web based Centrally Administrated Divisionally managed Consistent content Central reporting Ability to add custom content (Policy's)

761 views • 10 slides
Securing Secret Sharing Against Leakage and Tampering Ashutosh Kumar Based on joint works with

Securing Secret Sharing Against Leakage and Tampering Ashutosh Kumar Based on joint works with

Securing Secret Sharing Against Leakage and Tampering Ashutosh Kumar Based on joint works with Vipul Goyal, Raghu Meka, and Amit Sahai Secret Sharing secret s n s 1 s i Correctness: Any out of parties can

1.72k views • 144 slides
Floating Content: Infrastructure-less Information Sharing in Urban Environments Jussi

Floating Content: Infrastructure-less Information Sharing in Urban Environments Jussi

Floating Content: Infrastructure-less Information Sharing in Urban Environments Jussi Kangasharju, Jrg Ott, Ossi Karkulahti Esa Hyyti, Jorma Virtamo, Pasi Lassila Infrastructure-less Content Sharing Ad-hoc local social network-style

275 views • 14 slides
Floating Content: Infrastructure-less Information Sharing in Urban Environments Jussi

Floating Content: Infrastructure-less Information Sharing in Urban Environments Jussi

Floating Content: Infrastructure-less Information Sharing in Urban Environments Jussi Kangasharju, Jrg Ott, Ossi Karkulahti Esa Hyyti, Jorma Virtamo, Pasi Lassila Tobias Vaegs Infrastructure-less Content Sharing Ad-hoc local social

548 views • 16 slides
Floating Content: Information Sharing in Urban Areas Jussi Kangasharju Jrg Ott, Esa Hyyti,

Floating Content: Information Sharing in Urban Areas Jussi Kangasharju Jrg Ott, Esa Hyyti,

Aalto University School of Electrical Engineering Floating Content: Information Sharing in Urban Areas Jussi Kangasharju Jrg Ott, Esa Hyyti, Pasi Lassila Tobias Vaegs, Ossi Karkulahti Infrastructure-less Content Sharing Ad-hoc

446 views • 20 slides
SACM Social Media Agenda Content types Copy Photos Link sharing Pacing

SACM Social Media Agenda Content types Copy Photos Link sharing Pacing

SACM Social Media Agenda Content types Copy Photos Link sharing Pacing Sharing content Social Media Best Practices Content: 70-20-10 Rule 70% of posts should be brand building, but not promotional Show yourself as

373 views • 14 slides
HOW EFFECTIVE PEDAGOGY MAXIMIZES LEARNING OF CONTENT SUBJECTS IN ENGLISH: A SHARING OF GOOD

HOW EFFECTIVE PEDAGOGY MAXIMIZES LEARNING OF CONTENT SUBJECTS IN ENGLISH: A SHARING OF GOOD

HOW EFFECTIVE PEDAGOGY MAXIMIZES LEARNING OF CONTENT SUBJECTS IN ENGLISH: A SHARING OF GOOD PRACTICES Bette Li Course Instructor, The Hong Kong Polytechnic University Project Director, DOLACEE & ILLIPS 13 December 2014 Sharing good

742 views • 38 slides
OblivP2P: An Oblivious Peer-to- Peer Content Sharing System Yaoqi Jia, Tarik Moataz, Shruti Tople

OblivP2P: An Oblivious Peer-to- Peer Content Sharing System Yaoqi Jia, Tarik Moataz, Shruti Tople

OblivP2P: An Oblivious Peer-to- Peer Content Sharing System Yaoqi Jia, Tarik Moataz, Shruti Tople and Prateek Saxena National University of Singapore 1 Traffic Analysis in P2P Systems P2P content sharing systems 150 million users/month

417 views • 26 slides
Proof of Novelty A distributed consensus mechanism for securing content novelty Daniel Severo

Proof of Novelty A distributed consensus mechanism for securing content novelty Daniel Severo

Motivation Trustworthiness Proof of Novelty Take-away points Open Questions and Future Work Proof of Novelty A distributed consensus mechanism for securing content novelty Daniel Severo Independent Scientist Virtual Design Challenge The

720 views • 36 slides
Classroom Capture and Content Sharing Options: Why, What and How Understanding why recording

Classroom Capture and Content Sharing Options: Why, What and How Understanding why recording

Classroom Capture and Content Sharing Options: Why, What and How Understanding why recording classroom content helps a variety of student and learning needs Adam Gordon & George Preisinger What is classroom capture and why would you want

248 views • 4 slides
Controlled Sharing of Sensitive Content NDN Case Study Yingdi Yu UCLA 10/3/15 1

Controlled Sharing of Sensitive Content NDN Case Study Yingdi Yu UCLA 10/3/15 1

Controlled Sharing of Sensitive Content NDN Case Study Yingdi Yu UCLA 10/3/15 1 Content-based confidentiality Confidentiality stays with content independent from where the content is independent from how it is

647 views • 10 slides
IoT Security Image: xkcd How is securing IoT different from securing any other system? IoT

IoT Security Image: xkcd How is securing IoT different from securing any other system? IoT

IoT Security Image: xkcd How is securing IoT different from securing any other system? IoT is a system of systems, with A great deal of heterogeneity (sensing, computation, communication, energy) New types of devices appearing all

1.35k views • 65 slides
Securing Web Content Joakim Koskela, Nicholas Weaver, Andrei Gurtov and Mark Allman ReArch'09

Securing Web Content Joakim Koskela, Nicholas Weaver, Andrei Gurtov and Mark Allman ReArch'09

Securing Web Content Joakim Koskela, Nicholas Weaver, Andrei Gurtov and Mark Allman ReArch'09 Rome, December 1 s t 2009 2009-12-01 2009-12-01 How do we protect the user without dwarfing the web experience? Nature of the web has changed

464 views • 30 slides
Securing The Web Browser Keeping the Phish in the Sea What is Wrong With This? Where to Begin?

Securing The Web Browser Keeping the Phish in the Sea What is Wrong With This? Where to Begin?

Securing The Web Browser Keeping the Phish in the Sea What is Wrong With This? Where to Begin? Security indicator only in the content region Notice that it is used for personal data that should be secure No access to the location or

933 views • 21 slides
Building&Hacking modern iOS apps Wojciech Regua @_r3ggi wojciech.regula@securing.pl

Building&Hacking modern iOS apps Wojciech Regua @_r3ggi wojciech.regula@securing.pl

www.securing.pl Building&Hacking modern iOS apps Wojciech Regua @_r3ggi wojciech.regula@securing.pl @_r3ggi wojciech.regula@securing.pl www.securing.pl www.securing.pl WHOAMI -Senior IT Security Consultant @ SecuRing -Focused on

998 views • 67 slides
Different Spirals of Sameness: A Study of Content Sharing in Mainstream and Alternative Media

Different Spirals of Sameness: A Study of Content Sharing in Mainstream and Alternative Media

Different Spirals of Sameness: A Study of Content Sharing in Mainstream and Alternative Media Benjamin D. Horne , Jeppe Nrregaard, and Sibel Adali Rensselaer Polytechnic Institute, Technical University of Denmark Primary focus of this work is

548 views • 29 slides
CITY OF HOMEWOOD STATE OF THE CITY ADDRESS SCOTT MCBRAYER, MAYOR CHIEF JOHN A. BRESNAN FINAL

CITY OF HOMEWOOD STATE OF THE CITY ADDRESS SCOTT MCBRAYER, MAYOR CHIEF JOHN A. BRESNAN FINAL

CITY OF HOMEWOOD STATE OF THE CITY ADDRESS SCOTT MCBRAYER, MAYOR CHIEF JOHN A. BRESNAN FINAL CALL JANUARY 10, 2020 The City began the year with an approved budget that had revenues equaling expenditures; therefore, no planned use of

423 views • 11 slides
Doug Hauer Tom Clark Mintz Levin Arthur J. Gallagher Bruce Rosetto Greenberg Traurig

Doug Hauer Tom Clark Mintz Levin Arthur J. Gallagher Bruce Rosetto Greenberg Traurig

INSURANCE PRODUCTS IN EB-5 David Souders Mark Freitas Todd Associates Mark Edwards Partners Doug Hauer Tom Clark Mintz Levin Arthur J. Gallagher Bruce Rosetto Greenberg Traurig PRESENTED BY: 1 No legal advice is being provided;

403 views • 13 slides
Paycheck Protection Program: the latest updates on forgiveness, change in ownership and audits,

Paycheck Protection Program: the latest updates on forgiveness, change in ownership and audits,

Paycheck Protection Program: the latest updates on forgiveness, change in ownership and audits, and whats next October 29, 2020 Disclaimer All information, content, and materials contained in this publication/program are for informational

483 views • 23 slides
R Recent Developments in the t D l t i th Continuity of Proprietary Interest R Requirement i

R Recent Developments in the t D l t i th Continuity of Proprietary Interest R Requirement i

R Recent Developments in the t D l t i th Continuity of Proprietary Interest R Requirement i t District of Columbia Bar Association Taxation Section District of Columbia Bar Association Taxation Section Corporate Tax Committee January 31,

1.2k views • 57 slides
the construction industry in Russia 1 First response 1 Getting hold of the situation and how

the construction industry in Russia 1 First response 1 Getting hold of the situation and how

Impact of COVID-19 on the construction industry in Russia 1 First response 1 Getting hold of the situation and how it might escalate 2 Prioritizing projects, stages of construction and delivery 3 Developing a plan for the industry 2

1.53k views • 14 slides
Should a Pastor Purchase a Home? Chris Bouchard Director, C2FM The American Dream Is it right

Should a Pastor Purchase a Home? Chris Bouchard Director, C2FM The American Dream Is it right

Should a Pastor Purchase a Home? Chris Bouchard Director, C2FM The American Dream Is it right for you at this time? The Dream Control Do what you want with your living space Mortgage is fixed, rent can go up You decide when to

633 views • 20 slides
T-IBE-T Identity-Based Encryption for Inter-Tile Communication 12th European Workshop on Systems

T-IBE-T Identity-Based Encryption for Inter-Tile Communication 12th European Workshop on Systems

T-IBE-T Identity-Based Encryption for Inter-Tile Communication 12th European Workshop on Systems Security (EuroSec 19) 2019-03-25, Dresden, Germany Alexander Wrstlein, Wolfgang Schrder-Preikschat Friedrich-Alexander-Universitt

440 views • 14 slides
UK IPv4 Transfer Market January 22, 2015 Sandra

UK IPv4 Transfer Market January 22, 2015 Sandra

UK IPv4 Transfer Market January 22, 2015 Sandra Brown sandrabrown@ipv4marketgroup.com 716 348 6768 1 Agenda 1. IntroducLon 2. IPv4 Purchase

342 views • 12 slides

More recommend