From announce at lists.nycbug.org Wed Jan 2 09:51:32 2008 From: announce at lists.nycbug.org (NYC*BUG Announcements) Date: Wed, 02 Jan 2008 09:51:32 -0500 Subject: [announce] NYCBUG January Meeting Message-ID: <477BA4F4.5040009@ceetonetechnology.com> Reminder: The regularly scheduled first of the month NYCBUG meeting will be held January 9th, NOT tonight. * * * * * SSARES Suspenders Restaurant, 6:30pm http://www.suspendersbar.com/location.php Please note that we our January meeting will be held January 9th instead of on January 2nd SSARES: Secure Searchable Automated Remote Email Storage - A usable, secure email system on a remote untrusted server secure email system on a remote untrusted server The increasing centralization of networked services places user data at considerable risk. For example, many users store email on remote servers rather than on their local disk. Doing so allows users to gain the benefi?t of regular backups and remote access, but it also places a great deal of unwarranted trust in the server. Since most email is stored in plaintext, a compromise of the server implies the loss of confi?dentiality and integrity of the email stored therein. Although users could employ an end-to-end encryption scheme (e.g., PGP), such measures are not widely adopted, require action on the sender side, only provide partial protection (the email headers remain in the clear), and prevent the users from performing some common operations, such as server-side search. To address this problem, we present Secure Searchable Automated Remote Email Storage (SSARES), a novel system that offers a practical approach to both securing remotely stored email and allowing privacy-preserving search of that email collection. Our solution encrypts email (the headers, body, and attachments) as it arrives on the server using public-key encryption. SSARES uses a combination of Identity Based Encryption and Bloom Filters to create a searchable index. This index reveals little information about search keywords and queries, even against adversaries that compromise the server. SSARES remains largely transparent to both the sender and recipient. However, the system also incurs significant costs, primarily in terms of expanded storage requirements. We view our work as a starting point toward creating privacy-friendly hosted services. Angelos Keromytis is an Associate Professor with the Department of Computer Science at Columbia University, and director of the Network Security Laboratory. He received his B.Sc. in Computer Science from the University of Crete, Greece, and his M.Sc. and Ph.D. from the Computer and Information Science (CIS) Department, University of Pennsylvania. He is the author and co-author of more than 100 papers on refereed conferences and journals, and has served on over 40 conference program committees. He is an associate editor of the ACM Transactions on Information and Systems Security (TISSEC). He recently co-authored a book on using graphics cards for security, and is a co-founder of StackSafe Inc. His current research interests revolve around systems and network security, and cryptography. The paper on this topic is at http://www1.cs.columbia.edu/~angelos/Papers/2007/SSARES_ACSAC.pdf From announce at lists.nycbug.org Sun Jan 6 21:41:11 2008 From: announce at lists.nycbug.org (NYC*BUG Announcements) Date: Sun, 06 Jan 2008 21:41:11 -0500 Subject: [announce] NYC*BUG: Wednesday January 9th Message-ID: <47819147.6060007@ceetonetechnology.com> Angelos Keromytis on SSARES Suspenders Restaurant, 6:30pm http://www.suspendersbar.com/location.php Please note that we our January meeting will be held January 9th instead of on January 2nd SSARES: Secure Searchable Automated Remote Email Storage - A usable, secure email system on a remote untrusted server The increasing centralization of networked services places user data at considerable risk. For example, many users store email on remote servers rather than on their local disk. Doing so allows users to gain the benefi?t of regular backups and remote access, but it also places a great deal of unwarranted trust in the server. Since most email is stored in plaintext, a compromise of the server implies the loss of confi?dentiality and integrity of the email stored therein. Although users could employ an end-to-end encryption scheme (e.g., PGP), such measures are not widely adopted, require action on the sender side, only provide partial protection (the email headers remain in the clear), and prevent the users from performing some common operations, such as server-side search. To address this problem, we present Secure Searchable Automated Remote Email Storage (SSARES), a novel system that offers a practical approach to both securing remotely stored email and allowing privacy-preserving search of that email collection. Our solution encrypts email (the headers, body, and attachments) as it arrives on the server using public-key encryption. SSARES uses a combination of Identity Based Encryption and Bloom Filters to create a searchable index. This index reveals little information about search keywords and queries, even against adversaries that compromise the server. SSARES remains largely transparent to both the sender and recipient. However, the system also incurs significant costs, primarily in terms of expanded storage requirements. We view our work as a starting point toward creating privacy-friendly hosted services. Angelos Keromytis is an Associate Professor with the Department of Computer Science at Columbia University, and director of the Network Security Laboratory. He received his B.Sc. in Computer Science from the University of Crete, Greece, and his M.Sc. and Ph.D. from the Computer and Information Science (CIS) Department, University of Pennsylvania. He is the author and co-author of more than 100 papers on refereed conferences and journals, and has served on over 40 conference program committees. He is an associate editor of the ACM Transactions on Information and Systems Security (TISSEC). He recently co-authored a book on using graphics cards for security, and is a co-founder of StackSafe Inc. His current research interests revolve around systems and network security, and cryptography. The paper on this topic is at http://www1.cs.columbia.edu/~angelos/Papers/2007/SSARES_ACSAC.pdf From announce at lists.nycbug.org Wed Jan 9 10:51:50 2008 From: announce at lists.nycbug.org (NYC*BUG Announcements) Date: Wed, 09 Jan 2008 10:51:50 -0500 Subject: [announce] Change: Tonight's Meeting Location Message-ID: <4784ED96.3040402@ceetonetechnology.com> Tonight's meeting on SSARES with Angelos will be moved to the Pilosoft conference room at 55 Broad Street. January 09, 2008, 6:30 pm SSARES Temporary Location Change We are going to be meeting at Pilosoft at 55 Broad Street directions from Suspenders: Walk south on Broadway toward Bowling Green Make a left onto Exchange Place Make a right onto Broad Street Entrance to 55 Broad Street is just before Starbucks on the left, just north of Beaver Street Tell security you`re going to Pilosoft in the basement (a flier with the map is attached in PDF) SSARES: Secure Searchable Automated Remote Email Storage - A usable, secure email system on a remote untrusted server The increasing centralization of networked services places user data at considerable risk. For example, many users store email on remote servers rather than on their local disk. Doing so allows users to gain the benefi?t of regular backups and remote access, but it also places a great deal of unwarranted trust in the server. Since most email is stored in plaintext, a compromise of the server implies the loss of confi?dentiality and integrity of the email stored therein. Although users could employ an end-to-end encryption scheme (e.g., PGP), such measures are not widely adopted, require action on the sender side, only provide partial protection (the email headers remain in the clear), and prevent the users from performing some common operations, such as server-side search. To address this problem, we present Secure Searchable Automated Remote Email Storage (SSARES), a novel system that offers a practical approach to both securing remotely stored email and allowing privacy-preserving search of that email collection. Our solution encrypts email (the headers, body, and attachments) as it arrives on the server using public-key encryption. SSARES uses a combination of Identity Based Encryption and Bloom Filters to create a searchable index. This index reveals little information about search keywords and queries, even against adversaries that compromise the server. SSARES remains largely transparent to both the sender and recipient. However, the system also incurs significant costs, primarily in terms of expanded storage requirements. We view our work as a starting point toward creating privacy-friendly hosted services. Angelos Keromytis is an Associate Professor with the Department of Computer Science at Columbia University, and director of the Network Security Laboratory. He received his B.Sc. in Computer Science from the University of Crete, Greece, and his M.Sc. and Ph.D. from the Computer and Information Science (CIS) Department, University of Pennsylvania. He is the author and co-author of more than 100 papers on refereed conferences and journals, and has served on over 40 conference program committees. He is an associate editor of the ACM Transactions on Information and Systems Security (TISSEC). He recently co-authored a book on using graphics cards for security, and is a co-founder of StackSafe Inc. His current research interests revolve around systems and network security, and cryptography. The paper on this topic is here. -------------- next part -------------- A non-text attachment was scrubbed... Name: 20070109-nycbug.pdf Type: application/pdf Size: 50888 bytes Desc: not available URL: From announce at lists.nycbug.org Mon Jan 28 15:34:11 2008 From: announce at lists.nycbug.org (NYC*BUG Announcements) Date: Mon, 28 Jan 2008 15:34:11 -0500 Subject: [announce] BSD Certification on the way Message-ID: <479E3C43.4040703@ceetonetechnology.com> The following is an email from Dru Lavigne about the status of the BSD Certification project. As noted recently on the NYCBUG talk list, the date for NYCBSDCon 2008 is October 11 and 12 at Columbia University. Keep an eye out for the call for papers. Also, a quick reminder that the next NYCBUG meeting is an "open meeting " February 6th on OpenSSH. Please let us know if you're interested in contributing your funky usages or hacks for OpenSSH. * * * I'm pleased to announce that the BSDA exam has finished its beta process and the psychometrician is setting the final format. This means the exam is almost "live". For 2008, the exam will be offered at technical conferences across the globe, in English only, and paper-based. This will provide the time needed to finish developing and testing the software based exam delivery system as well as plan for translated versions of the exam. SCALE in Los Angeles, FOSDEM in Brussels, and Linux-Tage in Chemnitz have already confirmed that the BSDA will be made available. We are working with the organizers for LinuxTag in Berlin, BSDCan in Ottawa, and NYCBSDCon in NYC to offer the exam at those conferences. If you're aware of any other conferences in your geographic area where you'd like to take the exam, mention it on the list and we'll try to contact the organizers and arrange for a proctor.