Twitter in Disaster Mode: Security Architecture Theus Hossmann Dominik Schatzmann Franck Legendre Paolo Carta ETH Zurich, ...
[email_address] Source: XKCD (http://xkcd.com/723/)
[email_address] Source: Twitter Blog (http://blog.twitter.com/2011/06/global-pulse.html)
Network Outage in Japan [email_address] Operator # inoperative BS NTT DoCoMo 6720 KDDI 3800 Softbank 3786
Your Smart Phone, the Emergency Kit <ul><li>Temporary GSM network </li></ul><ul><li>Wireless mesh network </li></ul><ul><l...
[email_address] Twimight <ul><li>Simple yet flexible </li></ul><ul><li>Wide spread    (200M users) </li></ul><ul><li>Wide ...
Opportunistic Spreading of Tweets <ul><li>Bluetooth communication </li></ul><ul><ul><li>Periodic Scanning (2min ± 20sec) <...
What about security? <ul><li>Problem: From centralized to distributed operation </li></ul><ul><ul><li>Authenticity & Integ...
The Twimight Disaster Server [email_address]
Step 1: Server-side User Identification <ul><li>Client obtains  OAuth  tokens from Twitter </li></ul><ul><li>Client sends ...
Step 2: Inter-client User Identification <ul><li>Client generates Key Pair (RSA, 2048Bit) </li></ul><ul><li>Client sends P...
Stolen/Lost device <ul><li>Revoke key on TDS </li></ul><ul><ul><li>TDS manages a revocation list (certificate’s serial num...
Additional benefits: Direct Messages <ul><li>Private unicast messages (Direct Messages) </li></ul><ul><li>Adapted to disas...
Summary [email_address]
<ul><li>Public release (Android Market) </li></ul><ul><ul><li>Bug fixes </li></ul></ul><ul><ul><li>Awareness </li></ul></u...
Thank You For Installing & Using Twimight   [email_address] http://code.google.com/p/twimight
Upcoming SlideShare
Loading in...5
×

Twitter in Disaster Mode: Security Architecture

674

Published on

Presented a

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
674
On Slideshare
0
From Embeds
0
Number of Embeds
2
Actions
Shares
0
Downloads
10
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide
  • Motivation for Twitter and for Android.
  • Twitter in Disaster Mode: Security Architecture

    1. 1. Twitter in Disaster Mode: Security Architecture Theus Hossmann Dominik Schatzmann Franck Legendre Paolo Carta ETH Zurich, Switzerland Christian Rohner Per Gunningberg Uppsala Universitet, Sweden
    2. 2. [email_address] Source: XKCD (http://xkcd.com/723/)
    3. 3. [email_address] Source: Twitter Blog (http://blog.twitter.com/2011/06/global-pulse.html)
    4. 4. Network Outage in Japan [email_address] Operator # inoperative BS NTT DoCoMo 6720 KDDI 3800 Softbank 3786
    5. 5. Your Smart Phone, the Emergency Kit <ul><li>Temporary GSM network </li></ul><ul><li>Wireless mesh network </li></ul><ul><li>Satellite communication </li></ul><ul><li>Opportunistic Communication </li></ul><ul><ul><li>DTN2 </li></ul></ul><ul><ul><li>Haggle </li></ul></ul><ul><ul><li>PodNet </li></ul></ul>[email_address] ✗ ✓ Goal: Enable disaster victims to tweet instantaneously <ul><li>Deployment, configuration, etc. </li></ul><ul><li>Requires experts </li></ul><ul><li>> 1-2 days </li></ul><ul><li>No expert skills required </li></ul><ul><li>Instantly ready </li></ul>
    6. 6. [email_address] Twimight <ul><li>Simple yet flexible </li></ul><ul><li>Wide spread (200M users) </li></ul><ul><li>Wide spread </li></ul><ul><li>Developer friendly </li></ul><ul><li>Disaster Mode (user enabled with a simple settings check-box) </li></ul><ul><li>✓ Opportunistic Communication </li></ul><ul><li>✓ Security  </li></ul><ul><li>Open source (Google Code) </li></ul>
    7. 7. Opportunistic Spreading of Tweets <ul><li>Bluetooth communication </li></ul><ul><ul><li>Periodic Scanning (2min ± 20sec) </li></ul></ul><ul><li>Power saving heuristic </li></ul><ul><ul><li>Reduced scanning interval at battery levels < 50% </li></ul></ul><ul><ul><li>No more scanning at levels below 30% </li></ul></ul><ul><li>Epidemic spreading (flooding) </li></ul><ul><ul><li>Small data volumes </li></ul></ul><ul><ul><li>FIFO buffer </li></ul></ul><ul><li>Publish tweets once connectivity is restored </li></ul>[email_address]
    8. 8. What about security? <ul><li>Problem: From centralized to distributed operation </li></ul><ul><ul><li>Authenticity & Integrity </li></ul></ul><ul><ul><li>Confidentiality </li></ul></ul><ul><li>Goal: Achieve Twitter-equivalent security in disaster operation </li></ul><ul><ul><li>Sign Tweets and Messages </li></ul></ul><ul><ul><li>Encrypt privat messages </li></ul></ul><ul><li>Our solution: The “Twimight Disaster Server” </li></ul><ul><ul><li>PKI, adapted for temporarily disconnected networks </li></ul></ul>[email_address] Key Idea: Prepare everything before it breaks! ! !
    9. 9. The Twimight Disaster Server [email_address]
    10. 10. Step 1: Server-side User Identification <ul><li>Client obtains OAuth tokens from Twitter </li></ul><ul><li>Client sends tokens (over HTTPS) to TDS </li></ul><ul><li>Server receives Twitter user ID using tokens </li></ul>[email_address] 1. Oauth 2. Send tokens 3. Get user ID
    11. 11. Step 2: Inter-client User Identification <ul><li>Client generates Key Pair (RSA, 2048Bit) </li></ul><ul><li>Client sends Public Key to TDS </li></ul><ul><li>Server sends certificate (signed with TDS key) to client </li></ul><ul><li>Client signs Tweets using its Private Key </li></ul><ul><li>Client attaches certificates to Tweets for verification </li></ul>[email_address] 1. Create keys 2. Send PK 3. Send certificate 4. Signed Tweets
    12. 12. Stolen/Lost device <ul><li>Revoke key on TDS </li></ul><ul><ul><li>TDS manages a revocation list (certificate’s serial number) </li></ul></ul><ul><ul><li>TDS distributes incremental list to devices </li></ul></ul><ul><li>Scalability?? </li></ul><ul><li>Key Idea: Shored-lived certificates (days-weeks) </li></ul><ul><li>Transmit and store only non-outdated records </li></ul>[email_address]
    13. 13. Additional benefits: Direct Messages <ul><li>Private unicast messages (Direct Messages) </li></ul><ul><li>Adapted to disaster opertation: Encrypt Direct Messages </li></ul><ul><li>TDS maintains list of followers </li></ul><ul><li>TDS sends followers’ keys </li></ul><ul><li>Client encrypts message with Public Key (and signs with Private Key) </li></ul>[email_address]
    14. 14. Summary [email_address]
    15. 15. <ul><li>Public release (Android Market) </li></ul><ul><ul><li>Bug fixes </li></ul></ul><ul><ul><li>Awareness </li></ul></ul><ul><li>Scalability! Geo-location to the rescue.. </li></ul><ul><ul><li>Geographically limited flooding </li></ul></ul><ul><ul><li>Smart tweet delivery </li></ul></ul><ul><ul><ul><li>Contact Graph based routing for Direct Messages </li></ul></ul></ul><ul><ul><ul><li>Interest matching for tweets </li></ul></ul></ul><ul><ul><li>Geographically limited key revocation </li></ul></ul><ul><li>New Twitter features (photos, lists, etc.) </li></ul>What’s next? [email_address]
    16. 16. Thank You For Installing & Using Twimight  [email_address] http://code.google.com/p/twimight
    1. A particular slide catching your eye?

      Clipping is a handy way to collect important slides you want to go back to later.

    ×