Fwd: Re: new tech report on easy-to-use IPsec
I think the list may get a kick out of this. The tech report was actually posted on the list previously, which is where I found it. Link included for completeness.

http://mice.cs.columbia.edu/getTechreport.php?techreportID=1433

Original Message
Subject: Re: new tech report on easy-to-use IPsec
Date: Wed, 28 Jul 2010 21:36:47 -0400
From: Steven Bellovin
To: Adam Aviv

On Jul 28, 2010, at 9:29:51 PM, Adam Aviv wrote:

> I couldn't help but notice this nugget of wisdom in your report:
>
> [quote]
>
> Public key infrastructures (PKIs) are surrounded by a great
> mystique. Organizations are regularly told that they are complex,
> require ultra-high security, and perhaps are best outsourced to
> competent parties. Setting up a certificate authority (CA) requires a
> "ceremony", a term with a technical meaning [13] but nevertheless
> redolent of high priests in robes, acolytes with censers, and
> more. This may or may not be true in general; for most IPsec uses,
> however, little of this is accurate. (High priests and censers are
> definitely not needed; we are uncertain about the need for acolytes
> ...)

Peter Gutmann told me privately that he thinks the alternate model involves human sacrifices and perhaps a goat...

--Steve Bellovin, http://www.cs.columbia.edu/~smb

- The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majord...@metzdowd.com
Teaching Cryptography to 5th graders
I saw this post on Avi Rubin's blog today about his preparation for teaching a class of 5th graders cryptographic principles.

http://avi-rubin.blogspot.com/2010/03/teaching-cryptography-to-5th-graders.html

It is a nice post, and I thought the list would be interested despite the lack of elliptic curve cryptography in the lesson plan. I am at least excited to hear how it went.

-- adam
Re: Protection mail at rest
On Tue, Jun 3, 2008 at 4:37 PM, Eric Cronin <[EMAIL PROTECTED]> wrote:
>
> On Jun 3, 2008, at 11:51 AM, Adam Aviv wrote:
>
>> Depending on the level of protection you want, you could just add a
>> script to your .forward to encrypt your email before delivery using
>> PGP/GPG. However, this will leave the headers in the clear, so you
>> will likely want to create an entirely new envelope for the message
>> with the original message encrypted as the body or an attachment.
>
> Does anybody have a recipe for this first mode handy? Plain text e-mails
> seem simple enough, but there needs to be a bit of MIME unwrapping and
> rewrapping to correctly handle attachments so that the client sees/decrypts
> them correctly, I think. I've searched from time to time and never found a
> good HowTo...
>
> Thanks,
> Eric
>

I have written a script that does that in Python, as part of the email handling for the project. It encrypts each message part separately and then constructs a new email with each encrypted part as the payload of a new MIME multipart message. Contained within is also the encrypted session key, and the necessary info to reconstruct. On the client side, the message can then be unwrapped, decrypted, and the original email reconstructed. Or the client can request just the headers, the body, or any attachment (becomes iffy with a combination of 'text/plain' and 'text/html' content types) instead of the entire message.

Depending on how you want to do the wrapping (if you want to meet some optimization like headers can be requested before the rest of the message), then the simplest approach is, if a MIME multipart message, to work with each part individually and encrypt. I decided to encrypt the headers for each part separately from the payload, so that the client can see what the message contains before actually decrypting it. But different approaches can be taken depending on the end goal (i.e. just encrypt the whole thing into a glob, and download the glob and decrypt it on the client directly into a mbox or maildir that is locally served).

adam

--
Adam Aviv
Ph. D. Candidate
Computer and Information Science
University of Pennsylvania
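The per-part re-enveloping described in the message above, as an added example (not Adam's script or any project code): each MIME leaf part's headers and body are sealed separately into a fresh outer message, so a client can list what a message contains from the header items alone before fetching or decrypting any body. It assumes a stdlib-only HMAC-based stream cipher standing in for the GPG layer, a session key already wrapped for the recipient out of band, and it flattens nested multiparts (the text/plain plus text/html case the message calls iffy).

```python
import email, hashlib, hmac, os
from email.message import EmailMessage
from email.policy import default

# Stdlib-only stream cipher (HMAC-SHA256 in counter mode) standing in for the
# PGP/GPG layer; the session key is assumed to be wrapped to the recipient's
# public key out of band, which is not shown here.
def keystream_xor(key, nonce, data):
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)

def seal(key, data):  # nonce || ciphertext
    nonce = os.urandom(16)
    return nonce + keystream_xor(key, nonce, data)
def unseal(key, blob):
    return keystream_xor(key, blob[:16], blob[16:])

def header_block(part):  # a part's header lines as bytes, kept apart from its body
    return "".join(f"{k}: {v}\n" for k, v in part.items()).encode()

def wrap(raw, key):
    """Re-envelope raw: the original headers, then each leaf part's headers
    and body, each sealed separately so a client can fetch any item alone."""
    orig = email.message_from_bytes(raw, policy=default)
    leaves = [p for p in orig.walk() if not p.is_multipart()]  # nesting flattened
    items = [("envelope.hdr", header_block(orig))]
    for i, p in enumerate(leaves):
        items += [(f"part{i}.hdr", header_block(p)),
                  (f"part{i}.body", p.get_payload(decode=True))]
    outer = EmailMessage()
    outer["Subject"] = "[encrypted]"  # new envelope carries no original headers
    for name, data in items:
        outer.add_attachment(seal(key, data), maintype="application",
                             subtype="octet-stream", filename=name)
    return outer.as_bytes()

def unwrap(outer_bytes, key, headers_only=False):
    """Decrypt the items; with headers_only the body ciphertexts are never touched,
    so a client can list what the message contains before decrypting it."""
    outer = email.message_from_bytes(outer_bytes, policy=default)
    return {p.get_filename(): unseal(key, p.get_payload(decode=True))
            for p in outer.iter_attachments()
            if not (headers_only and p.get_filename().endswith(".body"))}

# Constructed sample message and key (not taken from the thread).
SAMPLE = (b"From: alice@example.org\nTo: bob@example.org\nSubject: report\n"
          b"Content-Type: text/plain\n\nquarterly numbers attached\n")
KEY = b"\x01" * 32
```

Rebuilding the exact original MIME tree from the items is left out; the item names give the flat order, which is all a client needs to request one header block or one attachment.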
Re: Fwd: Protection mail at rest
[Moderator's note: Please don't top post. --Perry]

Depending on the level of protection you want, you could just add a script to your .forward to encrypt your email before delivery using PGP/GPG. However, this will leave the headers in the clear, so you will likely want to create an entirely new envelope for the message with the original message encrypted as the body or an attachment. But then you will need a Thunderbird extension to unwrap the encrypted original email out of the body, and store the message locally unencrypted so that you can search.

The problem comes when you start accessing your email from multiple locations. At one place you have built up a large cache of unencrypted messages and you can use them in the normal way, but when you access from another machine or a BlackBerry, the lack of cache will greatly hinder your performance. This is the reason we wanted to not only have the client cache capability for searching, but also a server side mechanism to compensate when accessing from multiple locations.

adam

On Tue, Jun 3, 2008 at 11:34 AM, Nate Lawson <[EMAIL PROTECTED]> wrote:
> Greg Black wrote:
>>
>> On 2008-06-02, Adam Aviv wrote:
>>
>>> I recently implemented SSARES directly in Python and also added
>>> parallelism to the searching. We can now search a large inbox
>>> (1000+ messages) in about 2-4 minutes.
>>
>> Not to rain on your parade, but 1,000 messages is *not* a large inbox
>> and 2 to 4 minutes is a very long time to wait. You'd need to make this
>> two orders of magnitude faster before it would have a hope of being
>> interesting. (And for me, it would have to be at least four orders of
>> magnitude faster before I could consider it to be useful.)
>
> Thunderbird, at least, downloads imap mail locally for searching. So all I
> need is the automatic public key encryption on the server side (no
> searching). Is there such an application already?
>
> --
> Nate
>

--
Adam Aviv
Ph. D. Candidate
Computer and Information Science
University of Pennsylvania
Re: Fwd: Protection mail at rest
I agree with you that this is not nearly fast enough. However, this is 10 times faster than our original results, where we were searching 100 emails in about the same amount of time. With production code, some more optimization, esp. client side optimizations (i.e. message caching when possible), and increased parallelism, it may just be possible to reach the 4x faster searches a heavy user like yourself would need. I am just not a good enough coder to write it myself, but I believe that it can be done.

adam

On Mon, Jun 2, 2008 at 10:42 PM, Greg Black <[EMAIL PROTECTED]> wrote:
> On 2008-06-02, Adam Aviv wrote:
>
>> I recently implemented SSARES directly in Python and also added
>> parallelism to the searching. We can now search a large inbox
>> (1000+ messages) in about 2-4 minutes.
>
> Not to rain on your parade, but 1,000 messages is *not* a large inbox
> and 2 to 4 minutes is a very long time to wait. You'd need to make this
> two orders of magnitude faster before it would have a hope of being
> interesting. (And for me, it would have to be at least four orders of
> magnitude faster before I could consider it to be useful.)
>
> Greg
>

--
Adam Aviv
Ph. D. Candidate
Computer and Information Science
University of Pennsylvania
Fwd: Protection mail at rest
I recently implemented SSARES directly in Python and also added parallelism to the searching. We can now search a large inbox (1000+ messages) in about 2-4 minutes. Technically, this could be done on a large scale and be practical, since my implementation is not fully optimized nor free of bugs. The implementation is available on my web site, http://fling.seas.upenn.edu/~aviv/wiki/index.php?n=SSARESApp.SSARESApp as well as some current benchmarks.

I am not a cryptographer (so the implementation may not be perfect), nor do I guarantee that the code doesn't have bugs. This is grad-ware and for research purposes only. Yet, as a proof of concept, feel free to play around with it and let me know what you think. I can supply more Python scripts for searching and whatnot if anyone wants.

thanks,
adam

On Sun, Jun 1, 2008 at 8:09 PM, Angelos D. Keromytis <[EMAIL PROTECTED]> wrote:
> A more recent version, which appeared at ACSAC in December 2007 can be found
> at:
>
> http://www1.cs.columbia.edu/~angelos/Papers/2007/SSARES_ACSAC.pdf
>
> Since then, the student primarily working on this(*) has improved
> performance to the point of being able to search a couple of email messages
> per minute or so, with further scope for improvement. The very large storage
> overhead remains, but can probably be reduced by half or so.
>
> (*) Adam Aviv; he was an undergrad at Columbia, now pursuing his PhD with
> Matt Blaze at UPenn...
>
> -Angelos
>
>
> On Jun 1, 2008, at 8:53 AM, Perry E. Metzger wrote:
>>
>> "Leichter, Jerry" <[EMAIL PROTECTED]> writes:
>>>
>>> Does anyone know of existing work in this area?
>>
>> "SSARES: Secure Searchable Automated Remote Email Storage"
>> by Keromytis et al,
>> http://www1.cs.columbia.edu/~angelos/Papers/2006/SSARES_short.pdf
>>
>> There is probably other work out there. In some small part, this also
>> looks like the problem that Matt Blaze's CFS addressed, though in that
>> case it was to deal with untrusted remote file servers rather than
>> email servers.
>>
>>
>> Perry
>

--
Adam Aviv
Ph. D. Candidate
Computer and Information Science
University of Pennsylvania