DOCSLIB.ORG

Oblivp2p: an Oblivious Peer-To-Peer Content Sharing System

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text

Load more

OblivP2P: An Oblivious Peer-to-Peer Content Sharing System Yaoqi Jia, National University of Singapore; Tarik Moataz, Colorado State University and Telecom Bretagne; Shruti Tople and Prateek Saxena, National University of Singapore https://www.usenix.org/conference/usenixsecurity16/technical-sessions/presentation/jia This paper is included in the Proceedings of the 25th USENIX Security Symposium August 10–12, 2016 • Austin, TX ISBN 978-1-931971-32-4 Open access to the Proceedings of the 25th USENIX Security Symposium is sponsored by USENIX OBLIVP2P: An Oblivious Peer-to-Peer Content Sharing System 1 2 1 1 Yaoqi Jia ∗ Tarik Moataz ∗ Shruti Tople ∗ Prateek Saxena 1National University of Singapore jiayaoqi, shruti90, prateeks @comp.nus.edu.sg { } 2Colorado State University and Telecom Bretagne [email protected] Abstract sharing files on the Internet. More recently, peer-assisted Peer-to-peer (P2P) systems are predominantly used to CDNs such as Akamai Netsession [4] and Squirrel [5] distribute trust, increase availability and improve perfor- are gaining wide adoption to offload web CDN traffic to mance. A number of content-sharing P2P systems, for clients. The convenient access to various resources at- file-sharing applications (e.g., BitTorrent and Storj) and tract millions of users to join P2P networks, e.g., BitTor- more recent peer-assisted CDNs (e.g., Akamai Netses- rent has over 150 million active users per month [6] and sion), are finding wide deployment. A major security its file-sharing service contributes 3.35% of all world- concern with content-sharing P2P systems is the risk of wide bandwidth [7]. However, the majority of such P2P long-term traffic analysis — a widely accepted challenge applications are susceptible to long-term traffic analy- with few known solutions. sis through global monitoring; especially, analyzing the In this paper, we propose a new approach to protecting pattern of communication between a sender and a re- against persistent, global traffic analysis in P2P content- ceiver to infer information about the users. For exam- sharing systems. Our approach advocates for hiding ple, many copyright enforcement organizations such as data access patterns, making P2P systems oblivious. We IFPI, RIAA, MPAA, government agencies like NSA and propose OBLIVP2P— a construction for a scalable dis- ISP’s are reported to globally monitor BitTorrent traffic tributed ORAM protocol, usable in a real P2P setting. to identify illegal actors. Monitoring of BitTorrent traf- Our protocol achieves the following results. First, we fic has shown to reveal the data requested and sent by the show that our construction retains the (linear) scalability peers in the network [8–10]. Unfortunately, while detect- of the original P2P network w.r.t the number of peers. ing copyright infringements is useful, the same global Second, our experiments simulating about 16,384 peers monitoring is applicable to any user of the P2P network, on 15 Deterlab nodes can process up to 7 requests of and can therefore collect benign users’ data. Thus, users 512KB each per second, suggesting usability in mod- of such P2P systems are at a risk of leaking private infor- erately latency-sensitive applications as-is. The bottle- mation such as the resources they upload or download. necks remaining are purely computational (not band- To hide their online traces, users today employ anony- width). Third, our experiments confirm that in our con- mous networks as a solution to conceal their digital struction, no centralized infrastructure is a bottleneck — identities or data access habits. Currently, anonymous essentially, ensuring that the network and computational networks include Mix networks [11–13], and Onion overheads can be completely offloaded to the P2P net- routing/Tor-based systems [14–17], as well as other P2P work. Finally, our construction is highly parallelizable, anonymity systems [18–23]. Such systems allow the user which implies that remaining computational bottlenecks to be anonymous, so that the user is unidentifiable within can be drastically reduced if OBLIVP2P is deployed on a set of users [24]. a network with many real machines. Although above solutions provide an anonymity guar- antee, they are vulnerable to long-term traffic pattern 1 Introduction analysis attacks, which is an important threat for P2P sys- tems like BitTorrent [25–30]. Researchers have demon- Content sharing peer-to-peer (P2P) systems, especially strated attacks targeting BitTorrent users on top of Tor P2P file-sharing applications such as BitTorrent [1], that reveal information related to the resources uploaded Storj [2] and Freenet [3] are popular among users for or downloaded [31, 32]. Such attacks raise the question ∗Lead authors are alphabetically ordered. - is anonymizing users the right defense against traffic 1 USENIX Association 25th USENIX Security Symposium 945 pattern analysis in P2P content sharing systems? tributing the communication and computation overhead. In this paper, we investigate a new approach to solve the problem of persistent analysis of data communication Solution Overview. We start with a toy construction patterns. We advocate that data / resource access pattern (OBLIVP2P-0) which directly adapts ORAM to a P2P hiding is an important and necessary step to thwart leak- setting, and then present our main contribution which is age of users data in P2P systems. To this end, we present a more efficient solution (OBLIVP2P-1). a first candidate solution, OBLIVP2P— an oblivious pro- Centralized Protocol (OBLIVP2P-0): Our centralized tocol for peer-to-peer content sharing systems. Hiding protocol or OBLIVP2P-0, is a direct adaptation of data access patterns or making them oblivious unlinks ORAM in a P2P system. The peers in the network user’s identity from her online traces, thereby defending behave both like distributed storage servers as well as against long-term traffic monitoring. clients. They request a centralized, trusted tracker to ac- cess a particular resource. The tracker performs all the ORAM operations to fetch the resource from the net- 1.1 Approach work and returns it to the requesting peer. However, this variant of OBLIVP2P protocol has limited scalability as For hiding data access patterns between a trusted CPU it assigns heavy computation to the tracker, making it a and an untrusted memory, Goldreich and Ostrovsky pro- bottleneck. posed the concept of an Oblivious RAM (ORAM) [33]. Distributed Protocol (OBLIVP2P-1): As our main con- We envision providing similar obliviousness guarantees tribution, we present OBLIVP2P-1 which provides both in P2P systems, and therefore select ORAM as a start- obliviousness and scalability properties in a tracker- ing point for our solution. To the best of our knowledge, based P2P system. To attain scalability, the key idea OBLIVP2P is the first work that adapts ORAM to ac- is to avoid any single entity (say the tracker) as a bot- cesses in a P2P setting. However, directly employing tleneck. This requires distributing all the ORAM oper- ORAM to hide access patterns in a P2P system is chal- ations for fetching and sharing of resources among the lenging. We outline two key challenges in designing an peers in the network, while still maintaining oblivious- oblivious and a scalable P2P protocol using ORAM. ness guarantees. To realize such a distributed protocol, Obliviousness. The first challenge arises due to the dif- our main building block, which we call Oblivious Selec- ference in the setting of a standard ORAM as compared tion (OblivSel), is a novel combination of private infor- to a P2P content sharing system. Classical ORAM solu- mation retrieval with recent advances in ORAM. Obliv- tions consists of a single client which securely accesses ious Selection gives us a scalable way to securely dis- an untrusted storage (server), wherein the client is even- tribute the load of the tracker. Our construction is proven tually the owner and the only user of the data in the mem- secure in the honest-but-curious adversary model. Con- ory. In contrast, P2P systems consist of a set of trusted structions and proofs for arbitrarily malicious fraction of trackers managing the network, and multiple data own- peers is slated for future work. ers (peers) in the network. Each peer acts both as a client as well as a server in the network i.e., a peer can either request for a data or respond to other peer’s request with 1.2 System and Results the data stored on its machine. Hence, adversarial peers We provide a prototype implementation of both present in the network can see the plaintext and learn the OBLIVP2P-0 and OBLIVP2P-1 protocols in Python. data requested by other peers, a threat that does not exists Our source code is available online [34]. We experimen- in the traditional ORAM model where only encrypted tally evaluate our implementation on DeterLab testbed data is seen by the servers. with 15 servers simulating up to 214 peers in the network. Scalability. The second challenge lies in seeking an Our experiments demonstrate that OBLIVP2P-0 is lim- oblivious P2P system that 1) the throughput scales lin- ited in scalability with the tracker as the main bottleneck. early with the number of peers in the network, 2) has no The throughput for OBLIVP2P-1, in contrast, scales lin- centralized bottleneck and 3) can be parallelized with an early with increase in the number of peers in the network. overall acceptable throughput. In standard ORAM solu- It attains an overall throughput of 3.19 MBps for a net- tions, the (possibly distributed) server is responsible for work of 214 peers that corresponds to 7 requests per sec- serving all the data access requests from a client one-by- ond for a block size of 512 KB. By design, OBLIVP2P-1 one. In contrast, P2P systems operate on a large-scale is embarrassingly parallelizable over the computational with multiple peers (clients) requesting resources from capacity available in a real P2P network.
Recommended publications
  • Will Sci-Hub Kill the Open Access Citation Advantage and (At Least for Now) Save Toll Access Journals?

    Will Sci-Hub Kill the Open Access Citation Advantage and (At Least for Now) Save Toll Access Journals?

    Will Sci-Hub Kill the Open Access Citation Advantage and (at least for now) Save Toll Access Journals? David W. Lewis October 2016 © 2016 David W. Lewis. This work is licensed under a Creative Commons Attribution 4.0 International license. Introduction It is a generally accepted fact that open access journal articles enjoy a citation advantage.1 This citation advantage results from the fact that open access journal articles are available to everyone in the word with an Internet collection. Thus, anyone with an interest in the work can find it and use it easily with no out-of-pocket cost. This use leads to citations. Articles in toll access journals on the other hand, are locked behind paywalls and are only available to those associated with institutions who can afford the subscription costs, or who are willing and able to purchase individual articles for $30 or more. There has always been some slippage in the toll access journal system because of informal sharing of articles. Authors will usually send copies of their work to those who ask and sometime post them on their websites even when this is not allowable under publisher’s agreements. Stevan Harnad and his colleagues proposed making this type of author sharing a standard semi-automated feature for closed articles in institutional repositories.2 The hashtag #ICanHazPDF can be used to broadcast a request for an article that an individual does not have access to.3 Increasingly, toll access articles are required by funder mandates to be made publically available, though usually after an embargo period.
  • Piracy of Scientific Papers in Latin America: an Analysis of Sci-Hub Usage Data

    Piracy of Scientific Papers in Latin America: an Analysis of Sci-Hub Usage Data

    Developing Latin America Piracy of scientific papers in Latin America: An analysis of Sci-Hub usage data Juan D. Machin-Mastromatteo Alejandro Uribe-Tirado Maria E. Romero-Ortiz This article was originally published as: Machin-Mastromatteo, J.D., Uribe-Tirado, A., and Romero-Ortiz, M. E. (2016). Piracy of scientific papers in Latin America: An analysis of Sci-Hub usage data. Information Development, 32(5), 1806–1814. http://dx.doi.org/10.1177/0266666916671080 Abstract Sci-Hub hosts pirated copies of 51 million scientific papers from commercial publishers. This article presents the site’s characteristics, it criticizes that it might be perceived as a de-facto component of the Open Access movement, it replicates an analysis published in Science using its available usage data, but limiting it to Latin America, and presents implications caused by this site for information professionals, universities and libraries. Keywords: Sci-Hub, piracy, open access, scientific articles, academic databases, serials crisis Scientific articles are vital for students, professors and researchers in universities, research centers and other knowledge institutions worldwide. When academic publishing started, academies, institutions and professional associations gathered articles, assessed their quality, collected them in journals, printed and distributed its copies; with the added difficulty of not having digital technologies. Producing journals became unsustainable for some professional societies, so commercial scientific publishers started appearing and assumed printing, sales and distribution on their behalf, while academics retained the intellectual tasks. Elsevier, among the first publishers, emerged to cover operations costs and profit from sales, now it is part of an industry that grew from the process of scientific communication; a 10 billion US dollar business (Murphy, 2016).
  • Practical Anonymous Networking?

    Practical Anonymous Networking?

    gap – practical anonymous networking? Krista Bennett Christian Grothoff S3 lab and CERIAS, Department of Computer Sciences, Purdue University [email protected], [email protected] http://www.gnu.org/software/GNUnet/ Abstract. This paper describes how anonymity is achieved in gnunet, a framework for anonymous distributed and secure networking. The main focus of this work is gap, a simple protocol for anonymous transfer of data which can achieve better anonymity guarantees than many traditional indirection schemes and is additionally more efficient. gap is based on a new perspective on how to achieve anonymity. Based on this new perspective it is possible to relax the requirements stated in traditional indirection schemes, allowing individual nodes to balance anonymity with efficiency according to their specific needs. 1 Introduction In this paper, we present the anonymity aspect of gnunet, a framework for secure peer-to-peer networking. The gnunet framework provides peer discovery, link encryption and message-batching. At present, gnunet’s primary application is anonymous file-sharing. The anonymous file-sharing application uses a content encoding scheme that breaks files into 1k blocks as described in [1]. The 1k blocks are transmitted using gnunet’s anonymity protocol, gap. This paper describes gap and how it attempts to achieve privacy and scalability in an environment with malicious peers and actively participating adversaries. The gnunet core API offers node discovery, authentication and encryption services. All communication between nodes in the network is confidential; no host outside the network can observe the actual contents of the data that flows through the network. Even the type of the data cannot be observed, as all packets are padded to have identical size.
  • Mixminion: Design of a Type III Anonymous Remailer Protocol

    Mixminion: Design of a Type III Anonymous Remailer Protocol

    Mixminion: Design of a Type III Anonymous Remailer Protocol G. Danezis, R. Dingledine, N. Mathewson IEEE S&P 2003 Presented by B. Choi in cs6461 Computer Science Michigan Tech Motivation ● Anonymous email only – High latency vs. near real-time (onion routing) ● Anonymous email implementations – Type 1: Cypherpunk (80’s) ● vulnerable to replay attacks – Type 2: Mixmaster(92) ● message padding and pooling – Type 3: Mixminion (2003) ● Anonymous Replies! Reply block? ● Most or many systems support sender anonymity ● Pynchon Gate supports receiver anonymity in an interesting way (P2P file sharing: 2005) – Send everything to everywhere (everyone) ● Is receiver anonymity too hard to achieve? – First of all, receiver has to use pseudonyms ● Pseudonym policy: how many, valid period, ... Reply blocks ● Chaum(‘81), BABEL (‘96), Mixmaster (92) .. – Entire path is chosen by the sender ● Variations are possible ● BABEL RPI is invisible to passive external attackers ● BABEL RPI is visible to internal passive attackers (mix) – Can be used multiple times? ● Good for communication efficiency ● Bad for anonymity due to potential path information leaking ● Adversary could utilize the pattern of the same reply block Fundamental solution to the reply block problem? ● One way is to use single-use reply blocks (SURB) ● Reply messages are indistinguishable from forward messages even to mix nodes ● Effect: both reply and forward messages share the same anonymity set ● SURB ● How to design SURB? – Sender generates SURB – To defeat replay, each intermediate node
  • The Design, Implementation and Operation of an Email Pseudonym Server

    The Design, Implementation and Operation of an Email Pseudonym Server

    The Design, Implementation and Operation of an Email Pseudonym Server David Mazieres` and M. Frans Kaashoek MIT Laboratory for Computer Science 545 Technology Square, Cambridge MA 02139 Abstract Attacks on servers that provide anonymity generally fall into two categories: attempts to expose anonymous users and attempts to silence them. Much existing work concentrates on withstanding the former, but the threat of the latter is equally real. One particularly effective attack against anonymous servers is to abuse them and stir up enough trouble that they must shut down. This paper describes the design, implementation, and operation of nym.alias.net, a server providing untraceable email aliases. We enumerate many kinds of abuse the system has weath- ered during two years of operation, and explain the measures we enacted in response. From our experiences, we distill several principles by which one can protect anonymous servers from similar attacks. 1 Introduction Anonymous on-line speech serves many purposes ranging from fighting oppressive government censorship to giving university professors feedback on teaching. Of course, the availability of anonymous speech also leads to many forms of abuse, including harassment, mail bombing and even bulk emailing. Servers providing anonymity are particularly vulnerable to flooding and denial-of-service attacks. Concerns for the privacy of legitimate users make it impractical to keep usage logs. Even with logs, the very design of an anonymous service generally makes it difficult to track down attackers. Worse yet, attempts to block problematic messages with manually-tuned filters can easily evolve into censorship—people unhappy with anonymous users will purposefully abuse a server if by doing so they can get legitimate messages filtered.
  • Privacy-Enhancing Technologies for the Internet

    Privacy-Enhancing Technologies for the Internet

    Privacy-enhancing technologies for the Internet Ian Goldberg David Wagner Eric Brewer University of California, Berkeley iang,daw,brewer ¡ @cs.berkeley.edu Abstract ing privacy issues on the Internet, and Section 3 provides some relevant background. We then discuss Internet pri- The increased use of the Internet for everyday activi- vacy technology chronologically, in three parts: Section 4 ties is bringing new threats to personal privacy. This pa- describes the technology of yesterday, Section 5 explains per gives an overview of existing and potential privacy- today’s technology, and Section 6 explores the technology enhancing technologies for the Internet, as well as moti- of tomorrow. Finally, we conclude in Section 7. vation and challenges for future work in this field. 2. Motivation 1. Introduction The threats to one’s privacy on the Internet are two-fold: your online actions could be (1) monitored by unauthorized Recently the Internet has seen tremendous growth, with parties and (2) logged and preserved for future access many the ranks of new users swelling at ever-increasing rates. years later. You might not realize that your personal infor- This expansion has catapulted it from the realm of academic mation has been monitored, logged, and subsequently dis- research towards new-found mainstream acceptance and in- closed; those who would compromise your privacy have no creased social relevance for the everyday individual. Yet incentive to warn you. this suddenly increased reliance on the Internet has the po- The threat of long-term storage and eventual disclosure tential to erode personal privacies we once took for granted. of personal information is especially acute on the Internet.
  • A Concept of an Anonymous Direct P2P Distribution Overlay System

    A Concept of an Anonymous Direct P2P Distribution Overlay System

    22nd International Conference on Advanced Information Networking and Applications A Concept of an Anonymous Direct P2P Distribution Overlay System Igor Margasiński, Michał Pióro Institute of Telecommunications, Warsaw University of Technology {I.Margasinski, M.Pioro}@tele.pw.edu.pl Abstract an anonymous network composed of nodes called Mixes that forward anonymous messages. The strength The paper introduces a peer-to-peer system called of the solution consists in: (i) a specific operation of P2PRIV (peer-to-peer direct and anonymous nodes which “mixes” forwarded messages, and (ii) an distribution overlay). Basic novel features of P2PRIV asymmetric encryption of messages exchanged are: (i) a peer-to-peer parallel content exchange between them. The purpose of such mixing is to hide architecture, and (ii) separation of the anonymization the correlation between received and forwarded process from the transport function. These features messages. In general, received data units are padded to allow a considerable saving of service time while a constant size length, encrypted, delayed for a batch preserving high degree of anonymity. In the paper we aggregation and then sent (flushed) in a random order. evaluate anonymity measures of P2PRIV (using a Anonymous messages are sent usually via a chain of normalized entropy measurement model) as well as its Mixes to eliminate presence of a trusted party and also traffic measures (including service time and network to omit single point of failure imposed by a single Mix. dynamics), and compare anonymity and traffic In Mix-net, each message is encrypted recursively with performance of P2PRIV with a well known system public keys of Mixes from a forwarding path.
  • Social Network Based Anonymous Communication in Tor Peng Zhou, Xiapu Luo, Ang Chen, and Rocky K

    Social Network Based Anonymous Communication in Tor Peng Zhou, Xiapu Luo, Ang Chen, and Rocky K

    1 STor: Social Network based Anonymous Communication in Tor Peng Zhou, Xiapu Luo, Ang Chen, and Rocky K. C. Chang Department of Computing, The Hong Kong Polytechnic University, Hunghom, Hong Kong cspzhouroc,csxluo,csachen,csrchang @comp.polyu.edu.hk f g Abstract—Anonymity networks hide user identities with the help of relayed anonymity routers. However, the state-of-the-art anonymity networks do not provide an effective trust model. As a result, users cannot circumvent malicious or vulnerable routers, thus making them susceptible to malicious router based attacks (e.g., correlation attacks). In this paper, we propose a novel social network based trust model to help anonymity networks circumvent malicious routers and obtain secure anonymity. In particular, we design an input independent fuzzy model to determine trust relationships between friends based on qualitative and quantitative social attributes, both of which can be readily obtained from existing social networks. Moreover, we design an algorithm for propagating trust over an anonymity network. We integrate these two elements in STor, a novel social network based Tor. We have implemented STor by modifying the Tor’s source code and conducted experiments on PlanetLab to evaluate the effectiveness of STor. Both simulation and PlanetLab experiment results have demonstrated that STor can achieve secure anonymity by establishing trust-based circuits in a distributed way. Although the design of STor is based on Tor network, the social network based trust model can be adopted by other anonymity networks. Index Terms—Social Network, Anonymous Communication, Tor, Fuzzy Model F 1 INTRODUCTION alone can be easily bypassed by an attacker.
  • Resource-Sharing Computer Communications Networks

    Resource-Sharing Computer Communications Networks

    PROCEEDISGS OF THE IEEE, VOL. 60, NO. 11, NOVEMBER 1972 1397 ington. D. C.: Spartan, 1970, pp. 569-579. [47] L. G. Roberts and B. Wessler, “The ARP.4 computer network de- [34] D. Klejtman,“Methods of investigatingconnectivity of large velopmentto achieve resource sharing, in Spring Joint Compztfer graphs, IEEE Trans.Circuit Theory (Corresp.),vol. CT-16, pp. Conf., AFIPS Conf. Proc., 1970, pp. 543-519. 232-233, May 1969. [48] --, “The ARPA computer network,” in Computer Communication [35] P. Krolak, IV. Felts,and G. Marble,“A man-machine approach Networks, F. Kuo and X. .‘\bramson, Eds.Iiew York: Prentice- towardsolving the traveling salesman problem,’! Commun.Ass. Hall, 1973, to be published. Comput. Mach., vol. 14, pp. 327-335, May 1971. [49] B. Rothfarb and M. Goldstein, ‘The one terminal Telpak problem,” [36] S. Lin,“Computer solutions of thetraveling salesman problem,” Oper. Res., vol. 19, pp. 156-169, Jan.-Feb. 1971. Bell Sysf. Tech. J., vol. 44, pp. 2245-2269, 1965. [SO] R. L. Sharma and M.T. El Bardai, “Suboptimal communications [37] T. Marilland L. G. Roberts, “Toward a cooperative netwotk of network synthesis,” in Proc. Int. Conf. Communications, vol. 7, pp. time-shared computers,” in Fall Joint Computer Conf.?AFIPS Conf. 19-11-19-16, 1970. Proc. Washington, D.C.: Spartan, 1966. ..[Sl] K. Steiglitz, P. Weiner, and D.J. Kleitman, “The design of minimum [38] B. Meister,H. R. Muller, and H. R.Rudin, “Sew optimization cost survivable networks,’! IEEE Trans. Circuit Theory, vol. CT-16, criteriafor message-switching networks,’ IEEE Trans.Commun. pp. 455-260, Nov.
  • Measuring Freenet in the Wild: Censorship-Resilience Under Observation

    Measuring Freenet in the Wild: Censorship-Resilience Under Observation

    Measuring Freenet in the Wild: Censorship-resilience under Observation Stefanie Roosy, Benjamin Schillerz, Stefan Hackerz, Thorsten Strufey yTechnische Universität Dresden, <firstname.lastname>@tu-dresden.de zTechnische Universität Darmstadt, <lastname>@cs.tu-darmstadt.de Abstract. Freenet, a fully decentralized publication system designed for censorship-resistant communication, exhibits long delays and low success rates for finding and retrieving content. In order to improve its perfor- mance, an in-depth understanding of the deployed system is required. Therefore, we performed an extensive measurement study accompanied by a code analysis to identify bottlenecks of the existing algorithms and obtained a realistic user model for the improvement and evaluation of new algorithms. Our results show that 1) the current topology control mechanisms are suboptimal for routing and 2) Freenet is used by several tens of thousands of users who exhibit uncharacteristically long online times in comparison to other P2P systems. 1 Introduction Systems that allow users to communicate anonymously, and to publish data without fear of retribution, have become ever more popular in the light of re- cent events1. Freenet [1–3] is a widely deployed completely decentralized system focusing on anonymity and censorship-resilience. In its basic version, the Open- net mode, it provides sender and receiver anonymity but establishes connections between the devices of untrusted users. In the Darknet mode, nodes only con- nect to nodes of trusted parties. Freenet aims to achieve fast message delivery over short routes by arranging nodes in routable small-world network. However, Freenet’s performance has been found to be insufficient, exhibiting long delays and frequent routing failures [4].
  • Sharing Music Files: Tactics of a Challenge to the Industry Brian Martin University of Wollongong, Bmartin@Uow.Edu.Au

    Sharing Music Files: Tactics of a Challenge to the Industry Brian Martin University of Wollongong, [email protected]

    University of Wollongong Research Online Faculty of Arts - Papers (Archive) Faculty of Law, Humanities and the Arts 2010 Sharing music files: tactics of a challenge to the industry Brian Martin University of Wollongong, [email protected] Christopher L. Moore Deakin University, [email protected] Colin Salter McMaster University, [email protected] Publication Details Martin, B., Moore, C. L. & Salter, C. 2010, 'Sharing music files: tactics of a challenge to the industry', First Monday, vol. 15, no. 12. Research Online is the open access institutional repository for the University of Wollongong. For further information contact the UOW Library: [email protected] First Monday, Volume 15, Number 12 - 6 December 2010 HOME ABOUT LOG IN REGISTER SEARCH CURRENT ARCHIVES SUBMISSIONS Home > Volume 15, Number 12 - 6 December 2010 > Martin The sharing of music files has been the focus of a massive struggle between representatives of major record companies and artists in the music industry, on one side, and peer–to–peer (p2p) file–sharing services and their users, on the other. This struggle can be analysed in terms of tactics used by the two sides, which can be classified into five categories: cover–up versus exposure, devaluation versus validation, interpretation versus alternative interpretation, official channels versus mobilisation, and intimidation versus resistance. It is valuable to understand these tactics because similar ones are likely to be used in ongoing struggles between users of p2p services and representatives of the content industries. Contents Introduction The backfire model Cover–up versus exposure Devaluation versus validation Interpretation struggles Official channels versus mobilisation Intimidation versus resistance Levels of strategy Conclusion Introduction Until the 1990s, the music industry played a leading role in the distribution of recorded music.
  • El Gamal Mix-Nets and Implementation of a Verifier

    El Gamal Mix-Nets and Implementation of a Verifier

    KTH Royal Institute of Technology School of Computer Science and Communication El Gamal Mix-Nets and Implementation of a Verifier SA104X Degree Project in Engineering Physics Erik Larsson ([email protected]) Carl Svensson ([email protected]) Supervisor: Douglas Wikstr¨om Abstract A mix-net is a cryptographic protocol based on public key cryptography which enables untraceable communication through a collection of nodes. One important application is electronic voting where it enables the construction of systems which satisfies many voting security requirements, including veri- fiability of correct execution. Verificatum is an implementation of a mix-net by Douglas Wikstr¨om. This report concerns the implementation of a verifier and evaluation of the implementation manual for the Verificatum mix-net. The purpose of the document is to enable third parties to convince themselves that the mix- net has behaved correctly without revealing any secret information. This implementation is a simple version of the verifier using the document and some test vectors generated by the mix-net. The document contains all information but there are still some possibilities for further clarification in order to make it comprehensible to a larger audience. Contents 1 Introduction 2 1.1 Verificatum . 2 1.2 Goals and Scope . 3 2 Background 3 2.1 El Gamal Cryptography . 3 2.1.1 Definition . 4 2.1.2 Security . 4 2.1.3 Properties . 5 2.2 Cryptographic Primitives . 6 2.2.1 Hash functions . 6 2.2.2 Pseudo Random Generators . 6 2.2.3 Random Oracles . 7 2.3 Mix Networks . 7 2.3.1 Overview . 7 2.3.2 El Gamal Mix-Nets .