Slashdot Mirror
Making Data Unvanish
sertsa writes "Earlier this year a group of researchers at the University of Washington came up with a scheme to use peer-to-peer networks to store and, ultimately, to forget the keys for encrypted messages, causing them to 'Vanish.' Now a group from researchers from UT Austin, Princeton, and the University of Michigan has come up with a way to break this approach, by making a single computer appear to be many nodes on the p2p network. 'In our experiments with Unvanish, we have shown that it is possible to make Vanish messages reappear long after they should have disappeared nearly 100 percent of the time...'"
In my opinion Vanish didn't really serve any purpose.
- As we all know (and what MPAA/RIIA hate), once you've got hold of the data you cannot "vanish" it. It's really easy to save a copy of it.
- If you wanted encryption with public/private keys, theres PGP and other solutions to do it.
So the only thing Vanish added was the impossible-to-archieve vanishing of data.
Along with that it distributes your secret content all over the p2p network, where one machine can act as thousands of clients like to article says. I'd rather skip that and send the message directly and tell the other party to delete it, because vanishing doens't work if both parties dont do it.
Any kind of security system that provides a limited lifetime or constrained redistribution rights for messages is, fundamentally, DRM. Therefore, it's subject to the same kinds of attacks that cause DRM to fail. Ultimately, unless you can build a trusted platform module with remote attestation that is tamper proof, there are gaps. This particular attack is, at a more abstract level, really about producing counterfeit trusted nodes. Without a TPM at each node and some way to authenticate independence through a trust hierarchy, there's no way for this to work.