[announce] NYC*BUG: Wednesday January 9th

NYC*BUG Announcements announce at lists.nycbug.org
Sun Jan 6 21:41:11 EST 2008

Angelos Keromytis on SSARES

Suspenders Restaurant, 6:30pm


Please note that we our January meeting will be held January 9th instead 
of on January 2nd

SSARES: Secure Searchable Automated Remote Email Storage - A usable, 
secure email system on a remote untrusted server

The increasing centralization of networked services places user data at 
considerable risk. For example, many users store email on remote servers 
rather than on their local disk. Doing so allows users to gain the 
benefit of regular backups and remote access, but it also places a 
great deal of unwarranted trust in the server. Since most email is 
stored in plaintext, a compromise of the server implies the loss of 
confidentiality and integrity of the email stored therein. Although 
users could employ an end-to-end encryption scheme (e.g., PGP), such 
measures are not widely adopted, require action on the sender side, only 
provide partial protection (the email headers remain in the clear), and 
prevent the users from performing some common operations, such as 
server-side search.

To address this problem, we present Secure Searchable Automated Remote 
Email Storage (SSARES), a novel system that offers a practical approach 
to both securing remotely stored email and allowing privacy-preserving 
search of that email collection. Our solution encrypts email (the 
headers, body, and attachments) as it arrives on the server using 
public-key encryption. SSARES uses a combination of Identity Based 
Encryption and Bloom Filters to create a searchable index. This index 
reveals little information about search keywords and queries, even 
against adversaries that compromise the server. SSARES remains largely 
transparent to both the sender and recipient. However, the system also 
incurs significant costs, primarily in terms of expanded storage 
requirements. We view our work as a starting point toward creating 
privacy-friendly hosted services.

Angelos Keromytis is an Associate Professor with the Department of 
Computer Science at Columbia University, and director of the Network 
Security Laboratory. He received his B.Sc. in Computer Science from the 
University of Crete, Greece, and his M.Sc. and Ph.D. from the Computer 
and Information Science (CIS) Department, University of Pennsylvania. He 
is the author and co-author of more than 100 papers on refereed 
conferences and journals, and has served on over 40 conference program 
committees. He is an associate editor of the ACM Transactions on 
Information and Systems Security (TISSEC). He recently co-authored a 
book on using graphics cards for security, and is a co-founder of 
StackSafe Inc. His current research interests revolve around systems and 
network security, and cryptography.

The paper on this topic is at 

More information about the announce mailing list