Unvanishing Act

by Rich

Tuesday, September 22, 2009 at 07:07 PM EDT

Back in July, I posted a note about a new approach to ensuring the deletion of sensitive information on the Internet. Researchers at the University of Washington had developed an experimental software package called Vanish, which first encrypted sensitive data, and then stored the encryption keys on a public peer-to-peer [P2P] filesharing network, using a trick that would result in the keys’ effectively disappearing within a predictable time.

Now the New York Times has a report that another group of researchers, from the University of Texas at Austin, Princeton University, and the University of Michigan, has developed a was to defeat the Vanish system, and ensure that the data can be “un-Vanished”. The researchers claim that their technique is highly effective:

“In our experiments with Unvanish, we have shown that it is possible to make Vanish messages ‘reappear’ long after they should have ‘disappeared’ nearly 100 percent of the time,” the researchers wrote on a Web site that describes their experiment.

The Vanish system works, as I noted above, by encrypting a data object [VDO] with a secret encryption key generated by the Vanish system, and then breaks that key into a large number of pieces. The pieces are then stored in a distributed hash table [DHT] on a peer-to-peer file sharing network, Vuze. (A hash table is essentially a data base consisting of {name, value} pairs, like a list of user IDs and real names. A distributed hash table exists in sections on different networked machines.) The implementation of the Vuze DHT requires each node to store copies of data held by its “neighbor” nodes. The stored values are deleted after a defined time interval (usually eight hours) has passed. The Vanish approach relies on this deletion to make the encryption key “disappear” after a time; once the key is lost, the encrypted data is no longer readable.

The approach used in Unvanish is straightforward. It uses a small number of machines to masquerade as a much larger set of machines. By gaining access to the Vuze DHT, Unvanish software is able to read and store any {name,value} pairs that resemble Vanish keys

Unvanish reads the shares comprising a VDO’s encryption key at any time during the window between its creation and expiration. It then stores an archive version of the key outside of the DHT.

As long as the keys are still available, the original data object can be decrypted. As far as I can see, the Unvanish system can only work contemporaneously; that is, it cannot recover the keys for data objects that have already disappeared.

This kind of back-and-forth of claims and counter-claims is normal, and healthy, in the security field especially. It is the mechanism by which good systems are eventually found (if they are). It is more or less a truism that anyone can design a security system that he himself cannot break. But then, he’s not the one we’re worried about.