Upload
branxton
View
45
Download
3
Embed Size (px)
DESCRIPTION
The Eternity Service. Threat model Service characteristic Design highlights Overall Service structure Protocols used Servers Implementation. http://www.mail.kolej.mff.cuni.cz/~eternity/index.html. Threat model. Blunt influences - natural disasters, vandals, thieves - PowerPoint PPT Presentation
Citation preview
04/20/23
1
The Eternity Service
• Threat model• Service characteristic• Design highlights• Overall Service structure• Protocols used• Servers• Implementation
http://www.mail.kolej.mff.cuni.cz/~eternity/index.html
04/20/23
2
Threat model
• Blunt influences - natural disasters, vandals, thieves
• Amateur opponent - moderate to good knowledge, restricted resources
• Professional opponent - excellent knowledge, high motivation, skilled stuff, sufficient resources
• Authorities - law enforcement, global influence
04/20/23
3
Service characteristics
• Services: store data for agreed period, retrieve specified information
• World-wide system
• High reliability and availability
• Anonymity
• Fully distributed design
• No autentization, no privacy
04/20/23
4
Design goals
• Unlimited availability• High resistance• Extendibility• Fully distributed
design• Portability and
reusability
• In service upgrade• Terseness and
simplicity• Separation of
cryptography• Good habits
04/20/23
5
Design guidelines
• Flat structure• High ES protection• Auxiliary servers• Passive behaviour
• Randomness, concealing
• Two-layered implementation
• Freedom principle
04/20/23
6
Overall Service structure
M ix
M ixM ix
M ix
M ix
M ix
E SE S
E S
E P X
C M
A C S
w w w
C lien tsA d ve rtisedse rve rs
C o ncea ledse rve rs
04/20/23
7
Server types - Eternity Server
• Each ES represents an entry point
• Provides data storage capacity
• Assures information retrieval
• Automatically discards expired data
• Time synchronization
• Communication with banks
04/20/23
8
Server types - Mix server
• Padding traffic generation
• Supports erm message transfer
• Represents simple and cheap way to grow the system size
04/20/23
9
Server types - AC server
• Assures first contact with Service
• Collects certificates of servers
• Provides ES access certificates and Mix certificates to all subjects
04/20/23
10
Server types - EPX server
• Simple easy to use interface for amateur users without the need of a top quality protection
• Additional functions - secret splitting, privacy enhancement,
• Local cache for quicker access to frequently requested data
04/20/23
11
Access certificate
SignMiscTmaxTexp ||||
|}}|{||{|||2/2
011212/2/1
Kpbl
ASASASn
KpblKpbln
…
04/20/23
12
Eternity Routing Mechanism
…
…
……
……
04/20/23
13
ES internal structure
T C BE S G MC o n so le
T im e r
S to rag eIn co m .
m sgS leep .
tranO u tg .m sg
M ix in te rface
04/20/23
14
ES data storage
S lo t 1 S lo t 2 S lo t nn o n c e
S lo t 1 S lo t 2 S lo t nn o n c e
S lo t 1 S lo t 2 S lo t nn o n c e
F ileC lu s te rs
04/20/23
15
Implementation
Platform:• Posix• FreeBSD Unix• RSAref + Blowfish• gcc
Current state:• ES with sw-based
TCB• MX, ACS• Client module
(alpha versions)