Existing content aggregators provide fast and efficient access to large volumes of shared data and serve as critical centralized components of many peer-to-peer systems, including content discovery for BitTorrent. These aggregators' operators are tasked to spend significant human resources to manually vet uploaded data to ensure compliance with copyright laws. This task does not scale with today's increasing demand for such services. In this paper, we introduce Blindfold, a scheme to ensure that the operators of content aggregators are completely blind to the content that they are storing and serving, thereby eliminating the possibility to censor content at the servers. It works by partitioning the search and upload operations into a series of dependent key-value operations across servers under different administrative domains, with the connection between servers obfuscated using captchas. We have implemented a prototype of Blindfold to show that it is a simple, feasible, and efficient system for serving content that is opaque to the storage servers.
[1]
John Langford,et al.
CAPTCHA: Using Hard AI Problems for Security
,
2003,
EUROCRYPT.
[2]
Tal Malkin,et al.
Secure anonymous database search
,
2009,
CCSW '09.
[3]
Dawn Xiaodong Song,et al.
Practical techniques for searches on encrypted data
,
2000,
Proceeding 2000 IEEE Symposium on Security and Privacy. S&P 2000.
[4]
Hugo Krawczyk,et al.
Keying Hash Functions for Message Authentication
,
1996,
CRYPTO.
[5]
Peter Williams,et al.
Building castles out of mud: practical access pattern privacy and correctness on untrusted storage
,
2008,
CCS.
[6]
Michael K. Reiter,et al.
Protecting Privacy in Key-Value Search Systems
,
2006,
2006 22nd Annual Computer Security Applications Conference (ACSAC'06).
[7]
Mihir Bellare,et al.
Deterministic and Efficiently Searchable Encryption
,
2007,
CRYPTO.
[8]
Ian Clarke,et al.
Protecting Free Expression Online with Freenet
,
2002,
IEEE Internet Comput..