On the Feasibility of a Censorship Resistant Decentralized Name System

Wachs, Matthias; Schanzenbach, Martin; Grothoff, Christian

doi:10.1007/978-3-319-05302-8_2

Cited by 15 publications

(15 citation statements)

References 7 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…An alternative to NameID is re-claimID (Schanzenbach et al, 2018), which uses the decentralized GNU Name System (GNS) (Wachs et al, 2014a;Wachs et al, 2014b). reclaimID allows users to be completely sovereign over their own identities and selectively authorize access to identity attributes using attribute-based encryption (ABE).…”

Section: Integrationmentioning

confidence: 99%

ZKlaims: Privacy-preserving Attribute-based Credentials using Non-interactive Zero-knowledge Techniques

Schanzenbach

Kilian

Schütte

et al. 2019

Proceedings of the 16th International Joint Conference on E-Business and Telecommunications

Self Cite

View full text Add to dashboard Cite

In this paper we present ZKlaims: a system that allows users to present attribute-based credentials in a privacypreserving way. We achieve a zero-knowledge property on the basis of Succinct Non-interactive Arguments of Knowledge (SNARKs). ZKlaims allow users to prove statements on credentials issued by trusted third parties. The credential contents are never revealed to the verifier as part of the proving process. Further, ZKlaims can be presented non-interactively, mitigating the need for interactive proofs between the user and the verifier. This allows ZKlaims to be exchanged via fully decentralized services and storages such as traditional peerto-peer networks based on distributed hash tables (DHTs) or even blockchains. To show this, we include a performance evaluation of ZKlaims and show how it can be integrated in decentralized identity provider services.

show abstract

Section: Integrationmentioning

confidence: 99%

ZKlaims: Privacy-preserving Attribute-based Credentials using Non-interactive Zero-knowledge Techniques

Schanzenbach

Kilian

Schütte

et al. 2019

Proceedings of the 16th International Joint Conference on E-Business and Telecommunications

Self Cite

View full text Add to dashboard Cite

show abstract

“…By manipulating the DNS, a censor can restrict access to sensitive content in an effective and scalable manner. Simply put, DNS queries for blacklisted sites can generate a range of responses [5]: an error, an incorrect IP address or an IP address to a non-existent server.…”

Section: B Domain Name Filteringmentioning

confidence: 99%

FilteredWeb: A framework for the automated search-based discovery of blocked URLs

Darer

Farnan

Wright

2017

2017 Network Traffic Measurement and Analysis Conference (TMA)

View full text Add to dashboard Cite

Abstract-Various methods have been proposed for creating and maintaining lists of potentially filtered URLs to allow for measurement of ongoing internet censorship around the world. Whilst testing a known resource for evidence of filtering can be relatively simple, given appropriate vantage points, discovering previously unknown filtered web resources remains an open challenge.We present a new framework for automating the process of discovering filtered resources through the use of adaptive queries to well-known search engines. Our system applies information retrieval algorithms to isolate characteristic linguistic patterns in known filtered web pages; these are then used as the basis for web search queries. The results of these queries are then checked for evidence of filtering, and newly discovered filtered resources are fed back into the system to detect further filtered content.Our implementation of this framework, applied to China as a case study, shows that this approach is demonstrably effective at detecting significant numbers of previously unknown filtered web pages, making a significant contribution to the ongoing detection of internet filtering as it develops.Our tool is currently deployed and has been used to discover 1355 domains that are poisoned within China as of Feb 2017-30 times more than are contained in the most widely-used public filter list. Of these, 759 are outside of the Alexa Top 1000 domains list, demonstrating the capability of this framework to find more obscure filtered content. Further, our initial analysis of filtered URLs, and the search terms that were used to discover them, gives further insight into the nature of the content currently being blocked in China.

show abstract

“…The GNU Name System [41] and a proposal by Tan and Sherr [40] use a Distributed Hash Table (DHT) maintained by users to mirror all peers' name records and mappings rendezvous points. DHTs, however, do not provide strong privacy protections; extensions that add anonymity to DHTs [3,42] generally rely on strong assumptions such as the absence of Sybil attacks [26] and provide only loose probabilistic guarantees for a single query, and unknown protection against longterm traffic analysis.…”

Section: Related Workmentioning

confidence: 99%

DP5: A Private Presence Service

Borisov

Danezis

Goldberg

2015

Proceedings on Privacy Enhancing Technologies

View full text Add to dashboard Cite

Users of social applications like to be notified when their friends are online. Typically, this is done by a central server keeping track of who is online and offline, as well as of all of the users' "buddy lists", which contain sensitive information. We present DP5, a cryptographic service that implements online presence indication in a privacy-friendly way. DP5 allows clients to register their online presence and query the presence of their list of friends while keeping this list secret. Besides presence, high-integrity status updates are supported, to facilitate key update and rendezvous protocols. While infrastructure services are required for DP5 to operate, they are designed to not require any long-term secrets and provide perfect forward secrecy in case of compromise. We provide security arguments for the indistinguishability properties of the protocol, as well as an evaluation of its scalability and performance.

show abstract

On the Feasibility of a Censorship Resistant Decentralized Name System

Cited by 15 publications

References 7 publications

ZKlaims: Privacy-preserving Attribute-based Credentials using Non-interactive Zero-knowledge Techniques

ZKlaims: Privacy-preserving Attribute-based Credentials using Non-interactive Zero-knowledge Techniques

FilteredWeb: A framework for the automated search-based discovery of blocked URLs

DP5: A Private Presence Service

Contact Info

Product

Resources

About