[announce] Change: Tonight's Meeting Location
NYC*BUG Announcements
announce at lists.nycbug.org
Wed Jan 9 10:51:50 EST 2008
Tonight's meeting on SSARES with Angelos will be moved to the Pilosoft
conference room at 55 Broad Street.
January 09, 2008, 6:30 pm
SSARES
Temporary Location Change
We are going to be meeting at Pilosoft at 55 Broad Street
directions from Suspenders:
Walk south on Broadway toward Bowling Green
Make a left onto Exchange Place
Make a right onto Broad Street
Entrance to 55 Broad Street is just before Starbucks on the left, just
north of Beaver Street
Tell security you`re going to Pilosoft in the basement
(a flier with the map is attached in PDF)
SSARES: Secure Searchable Automated Remote Email Storage - A usable,
secure email system on a remote untrusted server
The increasing centralization of networked services places user data at
considerable risk. For example, many users store email on remote servers
rather than on their local disk. Doing so allows users to gain the
benefit of regular backups and remote access, but it also places a
great deal of unwarranted trust in the server. Since most email is
stored in plaintext, a compromise of the server implies the loss of
confidentiality and integrity of the email stored therein. Although
users could employ an end-to-end encryption scheme (e.g., PGP), such
measures are not widely adopted, require action on the sender side, only
provide partial protection (the email headers remain in the clear), and
prevent the users from performing some common operations, such as
server-side search.
To address this problem, we present Secure Searchable Automated Remote
Email Storage (SSARES), a novel system that offers a practical approach
to both securing remotely stored email and allowing privacy-preserving
search of that email collection. Our solution encrypts email (the
headers, body, and attachments) as it arrives on the server using
public-key encryption. SSARES uses a combination of Identity Based
Encryption and Bloom Filters to create a searchable index. This index
reveals little information about search keywords and queries, even
against adversaries that compromise the server. SSARES remains largely
transparent to both the sender and recipient. However, the system also
incurs significant costs, primarily in terms of expanded storage
requirements. We view our work as a starting point toward creating
privacy-friendly hosted services.
Angelos Keromytis is an Associate Professor with the Department of
Computer Science at Columbia University, and director of the Network
Security Laboratory. He received his B.Sc. in Computer Science from the
University of Crete, Greece, and his M.Sc. and Ph.D. from the Computer
and Information Science (CIS) Department, University of Pennsylvania. He
is the author and co-author of more than 100 papers on refereed
conferences and journals, and has served on over 40 conference program
committees. He is an associate editor of the ACM Transactions on
Information and Systems Security (TISSEC). He recently co-authored a
book on using graphics cards for security, and is a co-founder of
StackSafe Inc. His current research interests revolve around systems and
network security, and cryptography.
The paper on this topic is here.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 20070109-nycbug.pdf
Type: application/pdf
Size: 50888 bytes
Desc: not available
URL: <https://lists.nycbug.org:8443/pipermail/announce/attachments/20080109/ba482745/attachment.pdf>
More information about the announce
mailing list