Defeating Vanish With Low-Cost Sybil Attacks Against Large DHTs

Download Now Date Added: Sep 2009
Format: PDF

Researchers at the University of Washington recently proposed Vanish, a system for creating messages that automatically "Self-destruct" after a period of time. Vanish works by encrypting each message with a random key and storing shares of the key in a large, public Distributed Hash Table (DHT). Normally, DHTs expunge data older than a certain age. After they expire, the key is permanently lost, and the encrypted data is permanently unreadable. Vanish is an interesting approach to an important privacy problem, but, in its current form, it is insecure. In this paper, the authors defeat the deployed Vanish implementation; explain how the original paper's security analysis is flawed, and draw lessons for future system designs.