docSecure content distribution using untrusted servers Kevin Fu
download 
Report Transcription
Secure content distribution using untrusted servers Kevin Fu
Secure content distribution using untrusted servers Kevin Fu MIT Computer Science and Artificial Intelligence Lab in collaboration with M. Frans Kaashoek (MIT), Mahesh Kallahalla (DoCoMo Labs), Seny Kamara (JHU), Yoshi Kohno (UCSD), David Mazières (NYU), Raj Rajagopalan (HP Labs), Ron Rivest (MIT), Ram Swaminathan (HP Labs) For Peter Szolovits January-April 2005 slide #1 How do we distribute content? For Peter Szolovits January-April 2005 slide #2 We pay services For Peter Szolovits January-April 2005 slide #3 We coerce friends For Peter Szolovits January-April 2005 slide #4 We coerce friends For Peter Szolovits January-April 2005 slide #4 We enlist volunteers For Peter Szolovits January-April 2005 slide #5 Fast content distribution, so what’s left? • • Clients want ◦ Authenticated content ◦ Example: software updates, virus scanners Publishers want ◦ Access control ◦ Example: online newspapers But what if • Servers are untrusted • Malicious parties control the network For Peter Szolovits January-April 2005 slide #6 Taxonomy of content Content Many-writer General purpose file systems Single-writer Many-reader Single-reader Content distribution Personal storage Public For Peter Szolovits Private January-April 2005 slide #7 Framework • Publishers ➜ • Clients ➜ • Untrusted servers ➜ File system ➜ • For Peter Szolovits write content, manage keys read/verify content, trust publisher replicate content protects data and metadata January-April 2005 slide #8 Contributions • • Authenticated content distribution ◦ Self-certifying File System Read-Only ◦ Public content distributed by untrusted servers ➜ • SFSRO Decentralized access control ◦ Private content distributed by untrusted servers ◦ Efficient client eviction ◦ Efficient key distribution Implementation and performance measurements For Peter Szolovits January-April 2005 slide #9 Contributions • ◦ Self-certifying File System Read-Only ◦ Public content distributed by untrusted servers SFSRO ➜ • Authenticated content distribution ➜ • Decentralized access control Chefs ◦ Private content distributed by untrusted servers ◦ Efficient client eviction ◦ Efficient key distribution Implementation and performance measurements For Peter Szolovits January-April 2005 slide #9 Contributions Self-certifying File System Read-Only ◦ Public content distributed by untrusted servers Decentralized access control Chefs ◦ Private content distributed by untrusted servers ◦ Efficient client eviction ➜ ◦ Efficient key distribution ➜ • ◦ SFSRO ➜ • Authenticated content distribution ➜ • Lazy revocation Key regression Implementation and performance measurements For Peter Szolovits January-April 2005 slide #9 Contributions Self-certifying File System Read-Only ◦ Public content distributed by untrusted servers Decentralized access control Chefs ◦ Private content distributed by untrusted servers ◦ Efficient client eviction ➜ ◦ Efficient key distribution ➜ Lazy revocation Key regression Implementation and performance measurements For Peter Szolovits January-April 2005 ➜ • ◦ SFSRO ➜ • Authenticated content distribution ➜ • It works too! slide #9 SFSRO For Peter Szolovits January-April 2005 slide #10 SFSRO challenges How can we authenticate content and also • Provide incremental updates? • Authenticate partial downloads? • Scale servers to many clients? For Peter Szolovits January-April 2005 slide #11 Signed software packages: part of your complete breakfast For Peter Szolovits January-April 2005 slide #12 Signed software packages: part of your complete breakfast For Peter Szolovits January-April 2005 slide #12 Signed software packages: part of your complete breakfast • Authenticated For Peter Szolovits January-April 2005 slide #12 Signed software packages: part of your complete breakfast • Authenticated • No revocation ✘ • No incremental updates ✘ • No integrity of file collections ✘ For Peter Szolovits January-April 2005 slide #12 Is your collection of software authentic? 3dchess 3ddesktop 3dwm-clock 3dwm-csgclient 3dwm-geoclient 3dwm-pickclient 3dwm-server 3dwm-texclient 3dwm-vncclient 44bsd-rdist 6tunnel 9menu 9wm a2ps a2ps-perl-ja aa3d aalib-bin aalib1 aalib1-dev aap aap-doc aatv abc2ps abcde abcm2ps abcmidi abcmidi-yaps abicheck abntex abook aboot-base aboot-cross acct ace-of-penguins acfax acheck acheck-rules acheck-rules-fr achilles acidlab acidlab-doc acidlab-mysql acidlab-pgsql acidwarp ack aclock.app acm acm4 aconnectgui acorn-fdisk acovea acovea-results acpi acpid acs ada-mode ada-reference-manual adabrowse adacgi addresses-goodies-for-gnustep addresses.framework addressmanager.app addressview.framework adduser-ng adduser-ng-doc adduser-ng-doc-devel adduser-plugin-bkdinit adduser-plugin-cvsaccess adduser-plugin-eximconf adduser-plugin-eximconf4 adduser-plugin-notifyjabber adduser-plugin-quota adduser-ui-cdk adjtimex admesh adonthell adonthell-data adtool advi adzapper aee aegis aegis-doc aegis-tk aegis-virus-scanner aegis-web aegis3 aegis3-doc aegis3-tk aegis3-web aeromail aewm aewm++ aewm++-goodies af afbackup afbackup-client afbackup-common affiche affix affix-common affix-headers affix-source afio aft agenda.app aget aggregate agistudio agsync agsync-dev aiksaurus aime aime-doc aircrack airsnort airstrike airstrike-common aish akregator akregator-i18n akregator-konq-plugin akregator-kontact-plugin aladin alamin-client alamin-doc alamin-mysql alamin-server alamin-smpp albert alcovebook-sgml alcovebook-sgml-doc ale aleph aleph-dev aleph-doc aleph-emacs alevt alevtd alex alexandria alicq alien allegro-demo allegro-demo-data allegro-examples alleyoop alsa-modules-2.4-386 alsa-modules-2.4-586tsc alsa-modules-2.4-686 alsa-modules-2.4-686-smp alsa-modules-2.4-k6 alsa-modules-2.4-k7 alsa-modules-2.4-k7-smp alsa-modules-2.4.27-2-386 alsa-modules-2.4.27-2-586tsc alsa-modules-2.4.27-2-686 alsa-modules-2.4.27-2-686-smp alsa-modules-2.4.27-2-k6 alsa-modules-2.4.27-2-k7 alsa-modules-2.4.27-2-k7-smp alsa-oss alsamixergui altgcc am-utils am-utils-doc amanda-client amanda-common amanda-server amap amaterus amavis-stats amavisd-new amavisd-new-milter amaya amd amd64-libs amd64-libs-dev ami amiga-fdisk-cross amor amphetamine amphetamine-data ample amrita ams amsn amsynth an anacron analog anarchism and angband-doc animal-dev animal0 animals animals-game anjuta anjuta-common annodex-tools annoyance-filter annoyance-filter-doc ant-phone anteater anthy anthy-el antiword ao40tlmview aolserver aolserver-dev aolserver-doc aolserver-nscache aolserver-nsencrypt aolserver-nsopenssl aolserver-nspostgres aolserver-nssha1 aolserver-nsvhr ap-utils apachetop apcalc apcalc-common apcalc-dev apcd apel apg aplus-fsf aplus-fsf-dev aplus-fsf-doc aplus-fsf-el apmd apollon apoo appunti-informatica-libera aprsd aprsdigi apt-build apt-dpkg-ref apt-file apt-howto apt-howto-ca apt-howto-common apt-howto-de apt-howto-el apt-howto-en apt-howto-es apt-howto-fr apt-howto-it apt-howto-ja apt-howto-ko apt-howto-pl apt-howto-pt-br apt-howto-ru apt-howto-tr apt-listbugs apt-listchanges apt-move apt-rdepends apt-show-source apt-show-versions apt-spy apt-src apt-watch apt-zip aptconf aptitude aptitude-doc-cs aptitude-doc-en apwal aqmoney aqsis aqsis-libs aqsis-libs-dev arabtex aranym arc arch-buildpackage archivemail archway archzoom argus-client argus-server aria aribas arj ark arkhart arkrpg arla arla-dev arla-modules-source armagetron armagetron-common armagetron-server arpack++ arpd arping arptables arpwatch artist arts artwiz-cursor asc-music ascd ascdc ascii asciijump asclassic asclock asclock-themes ascpu asd4 asd4-clients ash asis-programs asiya24-vfont asmail asmem asmix asmixer asmon asmounter asn1-mode asp aspell-bn aspell-sl aspell-tl asr-manpages asterisk-chan-capi asterisk-prompt-de asterisk-prompt-fr astyle aswiki at at-spi at-spi-doc atanks atanks-data atari-fdisk-cross aterm aterm-ml atfs atfs-dev atftp atftpd athena-jot atitvout atlantik atlantik-dev atlas-doc atlas-test atlas2-3dnow atlas2-3dnow-dev atlas2-base atlas2-base-dev atlas2-headers atlas2-sse atlas2-sse-dev atlas2-sse2 atlas2-sse2-dev atlas3-3dnow atlas3-3dnow-dev atlas3-base atlas3-base-dev atlas3-doc atlas3-headers atlas3-sse atlas3-sse-dev atlas3-sse2 atlas3-sse2-dev atlas3-test atlc atlc-examples atm-dev atm-tools atom4 atool atop atp atris atsar aub auctex audacity audiolink audiooss august aumix aumix-gtk authbind auto-apt autobook autoclass autoconf autoconf-archive autoconf2.13 autodia autodns-dhcp autogen autoinstall autoinstall-common-source autoinstall-hppa autoinstall-i386 autolog automake1.4 automake1.6 automake1.7 automake1.8 autopilot autoproject autopsy autossh autotools-dev autotrace ava aview avr-libc avra avrp avrprog away awesfx awstats ax25-apps ax25-tools ax25-xtools ax25spyd axel axel-kapt axiom axiom-databases axiom-doc axiom-source axiom-test axiom-tex axkit axkit-examples axkit-language-htmldoc axkit-language-query axkit-xsp-webutils axp axyl axyl-doc axyl-lucene ayttm ayuda babygimp backup2l backupninja baken balsa bamboo bandersnatch bandersnatch-frontend barcode barrage base-files base-passwd bash3 bash3-doc basket bastet bastille battery-stats battfink battleball baycomepp baycomusb bb bbappconf bbdate bbdb bbkeys bblaunch bbmail bbpager bbpal bbppp bbsload bbtime bcc bchunk bclock bcm4400-source bcrypt bdfresize beancounter beast beav beaver beep beep-media-player beep-media-player-dev beepcore-c-dev beepcore-c0 beneath-a-steel-sky bf-utf-source bfbtester bfr bg5cc bg5ps bglibs-dev bglibs-doc bhl biabam bibclean bibcursed bibindex bible-kjv bible-kjv-text bibletime bibletime-i18n bibtex2html bibtool bibtool-dev bibview bicyclerepair bidentd bidiv biew biff big-cursor billard-gl billard-gl-data bin86 bincimap bincimap-run binclock bind9 bind9-doc bind9-host bindgraph binfmt-support bing binkd binstats binutils binutils-avr binutils-dev binutils-doc binutils-h8300-hms binutils-m68hc1x binutils-multiarch biomode bioperl bird birthday bison bison++ bison-1.35 bitchx bitchx-dev bitchx-gtk bitchx-ssl bitcollider bitcollider-plugins bitlbee bitmap-mule bitscope bittorrent bittorrent-gui bjam bk2site bl black-box blackbook blackbox blackbox-themes blacs-lam-dev blacs-lam-test blacs-mpich-dev blacs-mpich-test blacs-pvm-dev blacs-pvm-test blacs-test-common blacs1-lam blacs1-mpich blacs1-pvm blas blas-dev blas-doc blas-test blast blast2 bld bld-postfix bld-tools blender-ogrexml blinkd blitz++ blogtk bloksi blop blosxom blt blt-demo blt-dev bluefish bluez-hcidump bluez-pin bmconf bmv bnetd bnfc bnlib1 bnlib1-dev boa boa-constructor bobot++ bochs bochs-doc bochs-sdl bochs-svga bochs-term bochs-wx bochs-x bochsbios bock bogl-bterm bogofilter bogosort bombardier bomberclone bomberclone-data bombermaze bonnie++ bonobo bonobo-activation bonobo-conf bonsai bookmark-merge bookmarks bookview bool bootcd bootcd-hppa bootcd-i386 bootcd-ia64 bootcd-mkinitrd bootp bootparamd bootpc bopm bos bottlerocket boust boxes boxshade bozohttpd bpalogin bplay br2684ctl brag brahms brickos brickos-doc bridge-utils brightside bristol brltty brutefir bsdmainutils bsfilter bsign bsmtpd btyacc bubblefishymon bubblemon buffer buffy bug bug-buddy bugsquish bugsx bugzilla bugzilla-doc buici-clock build-essential buildtool buildtool-doc burgerspace burn busybox busybox-cvs busybox-cvs-static busybox-static buthead bvi bwbar bwbasic bwidget bwm bximage byacc bzflag bzflag-server c-cpp-reference c-sig c2050 c2hs c2html c2man c2n ca-certificates cabber cabextract caca-utils cadaver cadubi calamaris calc calcoo calctool calife cam camas came camediaplay cameleon cameleon-doc camera.app camlidl camlidl-doc camlp4-doc camorama camserv camserv-relay camstream camstream-doc canna canna-shion canna-utils cantus cantus3 capisuite cappuccino caps carpaltunnel caspar caspar-doc castle-combat castle-combat-data casu catalog catdoc catdvi caudium caudium-dev caudium-modules caudium-perl caudium-pixsl caudium-ultralog cbmconvert cbmlink cbmlink-cbmc2n cbmlink-cbmprg cbmlink-cbmutils cbrowser ccache ccal cccc cccd ccmalloc ccrypt ccze cd-circleprint cd-discid cdargs cdbackup cdcat cdcd cdcontrol cdcover cdd-common cdd-dev cdd-doc cdda2wav cddb cddb.bundle cdebconf cdebootstrap cdecl cdfs-src cdlabelgen cdparanoia cdrdao cdrecord cdrtoaster cdrtools-doc cdrw-taper cdtool cdw cdw-common cecilia cedet-common cedet-contrib celestia celestia-common celestia-glut celestia-gnome cenon-doc cenon.app cernlib cernlib-base cernlib-core cernlib-core-dev cernlib-extras cernlib-montecarlo cfdisk-utf8 cfe cfengine cfengine-doc cfengine2 cfengine2-doc cfgstoragemaker cfi-en cfi-sv cfingerd cflow cfortran cfs cftp cfv cgdb cgiemail cgiirc cgilib cgiwrap cgoban cgvg chaksem chameleon chan-capi changetrack charmap.app chase chasen chasen-cannadic chasen-dictutils chbg chdrvfont checkbot checkinstall checkmp3 checkpw checksecurity checkservice cheesetracker cheetah-common chemeq chemtool cheops cherrypy cherrypy-doc cherrypy-examples chiark-backup chiark-really chiark-rwbuffer chiark-scripts chiark-utils-bin chicken chicken-dev chill chill-2.95 chimera2 chinput chipcard-tools chipmunk-log chipmunk-log-doc chkrootkit chktex chmlib chmlib-bin chmlib-dev chos chpax chromium chromium-data chrony chrootuid chrpath cimg-dev cinepaint cinepaint-data cipe-common cipe-source circ-tex cjet cjk-latex cksfv cl-aima cl-ansi-tests cl-asdf cl-awk cl-base64 cl-binary-types cl-blowfish cl-cclan cl-cil cl-clue cl-clx-sbcl cl-csv cl-defsystem3 cl-environment cl-f2cl cl-ftp cl-gd cl-getopt cl-grt cl-html-template cl-hyperobject cl-inflate cl-integrate cl-interpol cl-irc cl-irc-logger cl-iterate cl-jpeg cl-lexer cl-lml cl-lml2 cl-mcclim cl-mcclim-doc cl-mcclim-examples cl-md5 cl-memoization cl-menusystem cl-meta cl-metering cl-modlisp cl-net-telent-date cl-odcl cl-paip cl-parse-number cl-pdf cl-pg cl-pipes cl-plus cl-png cl-postoffice cl-ppcre cl-ptester cl-pubmed cl-puri cl-quick-arrays cl-readline cl-regex cl-reversi cl-rlc cl-rsm-bitcomp cl-rsm-bool-comp cl-rsm-cache cl-rsm-delayed cl-rsm-filter cl-rsm-finance cl-rsm-fuzzy cl-rsm-gen-prog cl-rsm-genetic-alg cl-rsm-memo cl-rsm-mod cl-rsm-modal cl-rsm-mpoly cl-rsm-queue cl-rsm-rand cl-rsm-random cl-rsm-rsa cl-rsm-string cl-rss cl-rt cl-screamer cl-scribble cl-sdl cl-sdl-demos cl-sdl-img cl-sdl-mix cl-sdl-opengl cl-sdl-ttf cl-series cl-speech-dispatcher cl-split-sequence cl-sql cl-sql-aodbc cl-sql-mysql cl-sql-odbc cl-sql-postgresql cl-sql-postgresql-socket cl-sql-sqlite cl-sql-tests cl-sql-uffi cl-ssl cl-statistics cl-syslog cl-tclink cl-ubf cl-unit cl-units cl-who cl-xlunit cl-xmls cl-xptest clamav-data clamav-getfiles clanbomber clanbomber-data clanlib-doc clanlib-examples clara classpath-tools clc-intercal cle clearsilver-dev clif clig clipbook.app clips clips-common cloop-src cloop-utils clue clusterssh cmail cmail-icons cmake cmatrix cmatrix-xfont cmix cmml-tools cmt cmucl cmucl-clm cmucl-clx cmucl-defsystem cmucl-docs cmucl-graystream cmucl-hemlock cmucl-normal cmucl-safe cmucl-small cmucl-source cnews code2html codebreaker codegroup cogre coldsync colordiff colorize colormake colrconv comedi-source common-lisp-controller compartment compface compilercache config-manager configlet-frontends connect.app conquest conquest-data conquest-gl conquest-libs conquest-server cons console-cyrillic console-data console-log console-terminus console-tools console-tools-dev contact-lookup-applet contest convmv cook cook-doc cook-rsh cookietool coolmail coq coq-libs coq7-libs coqide coreutils corewars coriander corkscrew countrycodes courier-filter-perl couriergraph cowsay cpad-kernel-dev cpad-kernel-source cpanel cpbk cpio cpipe cplay cpmtools cpp cpp-2.95 cpp-2.95-doc cpp-3.2 cpp-3.2-doc cpp-3.3 cpp-3.3-doc cpp-doc cpphs cppunit cpqarrayd cproto cpu cpuburn cpudyn cpufreqd cpuid crack crack-attack crack-common crack-md5 cracklib-runtime cracklib2 cracklib2-dev craft crafted cramfsprogs crank crashmail crashme crawl cream createdisk creox cricket crimson crip crm114 cron-apt cronolog cronosii crossfire-client crossfire-client-gtk crossfire-client-images crossfire-client-sounds crossfire-client-x11 crossfire-doc crossfire-edit crossfire-maps crossfire-server crosshurd cruft crypt++el cryptcat cryptplug cryptplug-dev cryptsetup crywrap cscope cscvs csh csmash-demosong csound csound-doc css-mode cssc cstocs cstream cthumb ctie ctklight ctn ctn-dev ctn-doc ctrlproxy ctsim ctsim-athlon ctsim-doc ctsim-help ctsim-pentium4 cttex ctwm cu cup cups-pdf cupsomatic-ppd cupsys-driver-gimpprint cupsys-driver-gimpprint-data cupsys-pt curl curves cutils cutter cuyo cvm cvm-dev cvm-mysql cvm-pgsql cvs-autoreleasedeb cvs-buildpackage cvs-mailcommit cvs-syncmail cvs2cl cvs2html cvsbook cvsbook-ja cvsd cvsdelta cvsgraph cvsps cvstrac cvsutils cvsweb cw cwcdr cwcp cwdaemon cweb cweb-latex cwebx cwirc cyclades-serial-client cyphesis-cpp cyphesis-cpp-clients cyphesis-cpp-mason cyrus-admin cyrus-common cyrus-dev cyrus-imapd cyrus-news-spool cyrus-pop3d cyrus21-admin cyrus21-clients cyrus21-common cyrus21-dev cyrus21-doc cyrus21-imapd cyrus21-murder cyrus21-pop3d d-shlibs d4x daapd dacode dacode-doc dact dadadodo daemon dag2html dailystrips dancer-ircd dancer-ircd-doc dancer-services dansguardian dante-client dante-server dar dar-static darcs-load-dirs darkice darkstat dart-client dart-server dash dasher datefudge dazuko-source db2-doc db2latex-xsl db2latex-xsl-doc db3-doc db4.1-doc db4.1-util db4.2-doc db4.2-util dbbalancer dbench dbengine dbf2mysql dbishell dbmix dbs dbskkd-cdb dbview dcc-client dcc-common dcc-milter dcc-server dcd dcgui dchroot dclock dcmtk dcmtk-doc dcmtk-www dcoprss dcraw dctc ddclient ddd ddd-doc ddns3-client ddrescue ddrmat-source dds2tar ddskk ddtc debarchiver debaux debaux-debconf debbugs debbugs-el debfoster debian-builder debian-cd debian-edu-config debian-edu-install debian-el debian-goodies debian-history debian-history-ko debian-keyring debian-policy debian-reference debian-reference-common debian-reference-de debian-reference-en debian-reference-es debian-reference-fr debian-reference-it debian-reference-ja debian-reference-pl debian-reference-pt-br debian-reference-zh-cn debian-reference-zh-tw debian-zh-faq-s debian-zh-faq-t debiandoc-sgml-doc debiandoc-sgml-doc-pt-br debiandoc2dbxml debmake debmirror debnest debootstrap deborphan debpartial debrecipes-es debroster debsig-verify debsigs debsums debtags debtags-edit debview decafc deco decompyle dedit defendguin defendguin-data defoma defoma-doc defrag dejagnu deliver delo denemo dep.pl deroff desklaunch deskmenu desktop-base desktop-file-utils detachtty devel-protocols develock-el developers-reference developers-reference-fr devhelp devhelp-book-autotools devhelp-book-binutils devhelp-book-cvs devhelp-book-emacs devhelp-book-gdb devhelp-book-glibc devhelp-book-gtk2 devhelp-book-make devhelp-book-sdl devhelp-books devhelp-common device3dfx-source devilspie devscripts devscripts-el devtodo dfm dfontmgr dfsbuild dgipip dgpsip dh-buildinfo dh-kpatches dh-make dh-make-perl dhcp dhcp-client dhcp-dns dhcp-relay dhcp3-client dhcp3-common dhcp3-dev dhcp3-relay dhcp3-server dhcpcd dhcpdump dhcping dhelp dhid dhis-client dhis-dns-engine dhis-mx-sendmail-engine dhis-server dhis-tools-dns dhis-tools-genkeys di di-packages-build dia2code diald dialog diasce diasce2 diatheke dict dict-bouvier dict-de-en dict-devil dict-easton dict-elements dict-foldoc dict-freedict dict-freedict-afr-deu dict-freedict-cze-eng dict-freedict-dan-eng dict-freedict-deu-eng dict-freedict-deu-fra dict-freedict-deu-ita dict-freedict-deu-nld dict-freedict-deu-por dict-freedict-eng-deu dict-freedict-eng-fra dict-freedict-eng-hun dict-freedict-eng-iri dict-freedict-eng-ita dict-freedict-eng-lat dict-freedict-eng-nld dict-freedict-eng-por dict-freedict-eng-rus dict-freedict-eng-spa dict-freedict-eng-swe dict-freedict-eng-wel dict-freedict-fra-deu dict-freedict-fra-eng dict-freedict-fra-nld dict-freedict-hun-eng dict-freedict-iri-eng dict-freedict-ita-deu dict-freedict-jpn-deu dict-freedict-lat-deu dict-freedict-lat-eng dict-freedict-nld-deu dict-freedict-nld-eng dict-freedict-nld-fra dict-freedict-por-deu dict-freedict-por-eng dict-freedict-sco-deu dict-freedict-scr-eng dict-freedict-slo-eng dict-freedict-spa-eng dict-freedict-swa-eng dict-freedict-swe-eng dict-freedict-tur-deu dict-freedict-tur-eng dict-gazetteer dict-gazetteer2k dict-gazetteer2k-counties dict-gazetteer2k-places dict-gazetteer2k-zips dict-gcide dict-hitchcock dict-jargon dict-moby-thesaurus dict-vera dict-web1913 dict-wn dictd dictem dictfmt diction dictionary-el dictzip dietlibc dietlibc-dev dietlibc-doc diff-doc diffmon diffstat digikam digikamimageplugins digitaldj digitemp dillo dime ding diploma dircproxy dirdiff directoryassistant directvnc dirmngr dirvish disc-cover discover1 discover1-data discus diskless diskless-image-secure diskless-image-simple disktype display-dhammapada displaycalibrator.app dist distcc distccmon-gnome distmp3 diveintopython divxcomp djbdoc2man djtools djview djvulibre-bin djvulibre-plugin djvuserve dlint dlocate dlume dmake dnet-common dnet-progs dnotify dns-browse dnscvsutil dnsdoctor dnsdoctor-cgi dnsmasq dnstop dnstracer dnsutils dnswalk doc++ doc-base doc-central doc-debian doc-debian-es doc-debian-fr doc-debian-ja doc-debian-ko doc-es-misc doc-iana doc-linux-de doc-linux-es doc-linux-fr-html doc-linux-fr-text doc-linux-hr doc-linux-html-ko doc-linux-html-pt doc-linux-it doc-linux-it-text doc-linux-ja-html doc-linux-ja-text doc-linux-nl-html doc-linux-nl-text doc-linux-pl doc-linux-pl-html doc-linux-sv-html doc-linux-sv-text doc-linux-text-ko doc-linux-text-pt docbook docbook-defguide docbook-doc docbook-dsssl docbook-dsssl-doc docbook-ebnf docbook-html-forms docbook-jrefentry docbook-mathml docbook-simple docbook-slides docbook-slides-demo docbook-to-man docbook-utils docbook-website docbook-xml docbook-xsl docbook-xsl-stylesheets-ko docbook2x docdiff docker doclifter dog dome domesday donkey dopewars dosbox doscan doschk dosfstools dossizola dossizola-data doxygen doxygen-doc doxygen-gui doxymacs dpatch dpkg dpkg-awk dpkg-cross dpkg-dev dpkg-dev-el dpkg-doc dpkg-ftp dpkg-iasearch dpkg-multicd dpkg-repack dpkg-ruby dpkg-sig dpkg-www dpsyco dpsyco-base dpsyco-cfengine dpsyco-devel dpsyco-lib dpsyco-mysql dpsyco-patch dpsyco-samba dpsyco-skel dpsyco-ssh dpsyco-sudo dput drac drac-dev drawmap drgeo drgeo-doc driftnet dropbear drscheme drsync drupal dselect dsh dsniff dstat dtach dtaus dtmfdial duali duali-data dump dumpasn1 duplicity dupload durep dvb-dev dvb-driver-source dvb-utils dvbackup dvbstream dvbtune dvd+rw-tools dvdauthor dvdbackup dvdtape dvgrab dvhtool dvi2dvi dvi2ps-fontdata-a2n dvi2ps-fontdata-ja dvi2ps-fontdata-n2a dvi2ps-fontdata-ptexfake dvi2ps-fontdata-rsp dvi2ps-fontdata-tbank dvi2ps-fontdata-three dvi2ps-fontdesc-morisawa5 dvi2tty dvidvi dvifb dvilib2 dvilib2-dev dvilx dvipdfm-cjk dvipdfmx dvipng dvips-fontdata-n2bk dvipsk-ja dvisvga dviutils dvorak7min dwww dx dx-dev dx-doc dxpc dxsamples dynafont dynamite dzedit e16keyedit e16menuedit e2ps e2tools e2undel e3 eagle-usb-data eagle-usb-modules-source eagle-usb-utils ean13 easydiff.app easyfw eb-doc eb-utils eblook eboard eboard-extras-pack1 ebtables ebview ecamegapedal ecasound ecasound-el ecasound2.2 ecb echolot echoping eciadsl ecos ecos-doc ecosconfig ed edb edbrowse ede edenmath.app edict edict-el edict-fpw education-astronomy education-chemistry education-common education-desktop-gnome education-desktop-kde education-desktop-other education-electronics education-geography education-graphics education-language education-laptop education-logic-games education-main-server education-mathematics education-misc education-music education-networked education-physics education-services education-standalone education-standalone-extras education-tasks education-thin-client-server education-workstation ee eep24c efax effectv efingerd eflite efp eggdrop eggdrop-data egnome egoboo egoboo-data egroupware egroupware-addressbook egroupware-bookmarks egroupware-calendar egroupware-comic egroupware-core egroupware-developer-tools egroupware-email egroupware-emailadmin egroupware-etemplate egroupware-felamimail egroupware-filemanager egroupware-forum egroupware-ftp egroupware-fudforum egroupware-headlines egroupware-infolog egroupware-jinn egroupware-ldap egroupware-manual egroupware-messenger egroupware-news-admin egroupware-phpbrain egroupware-phpldapadmin egroupware-phpsysinfo egroupware-polls egroupware-projects egroupware-registration egroupware-sitemgr egroupware-skel egroupware-stocks egroupware-tts egroupware-wiki egtk eieio ekg eldav electric electric-fence electricsheep elfsh elfsign eli eli-doc eli-xtools elib elisp-manual elisp-manual-ja elk elkdoc elks-libc elmo elog elpoint elscreen elserv elvis elvis-common elvis-console elvis-tiny elvis-tools elza emacs-chess emacs-chess-pieces emacs-goodies-el emacs-goodies-extra-el emacs-intl-fonts emacs-lisp-intro emacs-lisp-intro-ja emacs-manual-ja emacsen-common email-reminder emcast emelfm emifreq-applet emil emms empire empire-hub empire-lafe emuga emwin enamdict encore enemies-of-carlotta enigma enigma-data enlightenment enlightenment-data enlightenment-theme-bluesteel enlightenment-theme-brushedmetal enlightenment-theme-ganymede enlightenment-theme-shinymetal ent entity entity-c entity-doc entity-gl entity-javascript entity-python entity-tcl eog eperl epic4 epic4-help epic4-script-hienoa epic4-script-lice epic4-script-light epic4-script-thirdeye epiphany epiphany-extensions epm epos epos-ktd epos-lpc epos-ptd epplets epstool epwutil epydoc-doc eql equivs erc erlang-doc-html erlang-manpages eruby es escm escputil esh eskuel esmtp esmtp-run esound esound-clients esound-common ess estic esvn esvn-doc etalk eterm eterm-themes etherboot etherboot-doc ethereal ethereal-common ethereal-dev etherwake ethiop ethstats ethstatus ethtool ettercap ettercap-common ettercap-gtk eudc eukleides euler euler-doc euro-support euro-support-console euro-support-x evilwm evms evms-cli evms-gui evms-ha evms-ncurses evolution evolution-data-server evolution-data-server-dev evolution-dev evolution-exchange evolver evolver-doc ewipe exdbm exif exiftags exiftran exim exim-doc exim-doc-html exim4-doc-html exim4-doc-info eximon exmh expat expect expect-dev expect5.24 expect5.24-dev expect5.31 expect5.31-dev expectk expectk5.24 expectk5.31 exrtools ext2resize extace extipl extipl-boot exuberant-ctags eyed3 eyesapplet ez-ipupdate ezmlm-browse ezpublish-src f2c facturalux facturalux-dev fai fai-kernels fake fakechroot fakepop falselogin fam faqomatic fastdep fastdnaml fastlink fastlink-doc faubackup fb-music-high fb-music-low fbb fbbdoc fbdesk fbgetty fbgrab fbi fbiterm fblogo fbpager fbpanel fbset fbtv fceu fcitx fcmp fcrackzip fcron fda fdclone fdflush fdupes fdutils feh felt felt-doc ferite ferite-doc ferm festival festival-dev festival-doc festival-freebsoft-utils festlex-cmu festlex-poslex festvox-kallpc16k festvox-kallpc8k festvox-kdlpc16k festvox-kdlpc8k fet feta fetchmail fetchmail-ssl fetchmailconf fetchyahoo ffingerd ffmpeg fftw-dev fftw-docs fftw2 fftw3 fftw3-dev fftw3-doc fgetty fhist fhist-doc fiaif fibusql fidelio fidogate fifteenapplet fig2ps fig2sty fig2sxd file file-kanji file-rc filelight filepp filerunner filetraq fileutils fillets-ng fillets-ng-data fillets-ng-data-cs filter filtergen filterproxy filters findimagedupes findutils finger-ldap firebird-dev firebird2-classic-server firebird2-dev firebird2-examples firebird2-server-common firebird2-super-server firebird2-utils-classic firebird2-utils-super firedns fireflier-client-gtk fireflier-client-kde fireflier-client-qt fireflier-server firehol firestarter fisg fityk fixincludes fkiss flamethrower flashybrid flawfinder flex flex-doc flex-old flex-old-doc flexbackup flight-of-the-amazon-queen flim flin flip flite flite1-dev floatbg floater floppybackup floppyd flow-tools fltk1.1-doc fluid fluidsynth fluxbox flwm flying fmirror fml fml-doc fmtools fnfx-client fnfxd fnlib-data fnorb fnorb-doc focalinux-html focalinux-text fontconfig fonter fontforge fontforge-doc fonttools fonty fonty-dev fonty-rg foobillard fookb-plainx fookb-wmaker foomatic-db-gimp-print foomatic-db-hpijs foomatic-filters foomatic-filters-ppds foomatic-gui foremost forg fort fort77 fortune-zh fortunes-bg fortunes-bofh-excuses fortunes-br fortunes-cs fortunes-de fortunes-debian-hints fortunes-eo fortunes-eo-ascii fortunes-eo-iso3 fortunes-es fortunes-es-off fortunes-fr fortunes-ga fortunes-it fortunes-it-off fortunes-mario forutil fp-compiler fp-docs fp-units-base fp-units-db fp-units-fcl fp-units-gfx fp-units-gnome1 fp-units-gtk fp-units-misc fp-units-net fp-units-rtl fp-utils fpdns fping fpm fragroute fragrouter framerd francine free-java-sdk freebirth freebsd-buildutils freebsd-sendpr freecdb freecell-solver-bin freeciv freeciv-client-gtk freeciv-client-xaw3d freeciv-data freeciv-gtk freeciv-server freeciv-xaw3d freecraft freedoom freedroid freedroid-data freefem freefem-doc freefem-examples freefem3d freeglut3 freeglut3-dbg freeglut3-dev freej freenet6 freepats freepwing freeradius freeradius-dialupadmin freeradius-iodbc freeradius-krb5 freeradius-ldap freeradius-mysql freesci freesci-doc freeswan freeswan-modules-source freesweep freetable freetds-dev freetype1-tools freetype2 freetype2-demos freewnn-common freewnn-cserver freewnn-jserver freewnn-kserver freqtweak frotz frox frozen-bubble frozen-bubble-data fsh fsp fspanel fspd ftape-doc ftape-source ftape-util ftdi-eeprom fte fte-console fte-docs fte-terminal fte-xwindow ftgl-dev ftjam ftm ftp ftp-proxy ftp-ssl ftp-upload ftpd ftpd-ssl ftpgrab ftplib-dev ftplib3 ftpmirror ftpwatch fttools fujiplay funnelweb funnelweb-doc funny-manpages fuse-source fuse-utils fuzz fv fvwm fvwm-gnome fvwm-icons fvwm-shell fvwm1 fwanalog fwatch fwatch-modules-src fwbuilder fwbuilder-bsd fwbuilder-common fwbuilder-doc fwbuilder-linux fweb fweb-doc fwlogwatch fxload g++ g++-2.95 g++-3.2 g++-3.3 g3data g77 g77-2.95 g77-2.95-doc g77-3.2 g77-3.2-doc g77-3.3 g77-3.3-doc g77-doc gabber gaby gacc gadfly gaiksaurus galan galculator gallery galrey galternatives gambas gambas-doc gambas-gb-compress gambas-gb-db gambas-gb-db-mysql gambas-gb-db-postgresql gambas-gb-db-sqlite gambas-gb-debug gambas-gb-eval gambas-gb-net gambas-gb-net-curl gambas-gb-qt gambas-gb-qt-editor gambas-gb-qt-ext gambas-gb-sdl gambas-gb-vb gambas-gb-xml gambas-runtime gambit gambit-doc gamin gamix gandalf-dev gandalf-doc gandalf1 ganglia-monitor gap gap-character-tables gap-core gap-dev gap-doc gap-libs gap-matrix-schreiersims gap-online-help gap-prim-groups gap-small-groups gap-small-groups-extra gap-table-of-marks gap-trans-groups gaphor garlic garlic-doc gasql gato gatos gauche gauche-gtkgl gav gav-themes gawk gb gbase gbatnav gbib gbuffy gcal gcalctool gcb gcc gcc-2.95 gcc-2.95-doc gcc-3.2 gcc-3.2-base gcc-3.2-doc gcc-3.3 gcc-3.3-base gcc-3.3-doc gcc-avr gcc-doc gcc-h8300-hms gcc272 gcc272-docs gccchecker gcdw gch gcipher gcj gcj-3.3 gcl gcl-doc gclcvs gclcvs-doc gco gcombust gcompris gcompris-data gcompris-sound-da gcompris-sound-de gcompris-sound-en gcompris-sound-es gcompris-sound-fr gcompris-sound-it gcompris-sound-pt gcompris-sound-ru gconf gconf-editor gconf2 gcpegg gcrontab gcvs gda-mysql gda-odbc gda-postgres gda2-freetds gda2-mysql gda2-odbc gda2-postgres gda2-sqlite gdal-bin gdancer gdb gdb-m68hc1x gdeb gdeskcal gdesklets gdesklets-data gdis gdk-imlib1 gdk-imlib1-dev gdm gdm-themes gdtclft geant321 geant321-data geant321-doc geda geda-doc geda-examples geda-symbols gedit gedit-common geekcode geg geki2 geki3 gem gemdropx gems genders genesis genesis-data geneweb genext2fs gengetopt genisovh genparse genpower genromfs gentoo geoip-bin geomview gerbv geresh gerstensaft getmail gettext gettext-base gettext-doc gettext-el gfax gfc-examples gfontview gforge-theme-starterpack gfpoken gfslicer ggcov ggi-doc ghc-cvs ghc-cvs-doc ghc-cvs-hopengl ghc-cvs-libsrc ghc-cvs-prof ghdl ghemical ghex ghextris ghfaxviewer ghostcore giarpfanoa giblib-dev giblib1 gidentd gidic gif2png giflib-bin giflib3g giflib3g-dev gift giftcurs giftd giftrans giftui gij gij-3.3 gimageview gimp-cbmplugs gimp-data-extras gimp-dcraw gimp-dimage-color gimp-gap gimp-ufraw gimp2.0-quiteinsane gimpprint-doc gimpprint-locales ginac-tools gip gipsc git gjay gjiten gkdebconf gkdial gkdial-gnome gkermit gkrellkam gkrellm gkrellm-alltraxclock gkrellm-alltraxclock2 gkrellm-bfm gkrellm-common gkrellm-hdplop gkrellm-i8k gkrellm-ibam gkrellm-leds gkrellm-mailwatch gkrellm-mldonkey gkrellm-radio gkrellm-reminder gkrellm-snmp gkrellm-volume gkrellm-x86info gkrellmd gkrellmitime gkrellmms gkrellmoon gkrellmss gkrellmwho2 gkrellmwireless gkrellongrun gkrellshoot gkrellweather gl-117 gl-117-data glabels glade glade-common glade-doc glade-gnome glade-perl glademm glame glark glcpu gle-doc glfer glibc-doc glide2-bin glimmer gliv global glosstex glotski gltron glunarclock glut-doc glutg3 glutg3-dev gman gmanedit gmemusage gmessage gmetad gmfsk gmgaclock gmod gmoo gmp-ecm gmpc gmrun gmt gmt-coast-low gmt-doc gmt-doc-pdf gmt-doc-ps gmt-examples gmt-manpages gmt-tutorial gmt-tutorial-pdf gmt-tutorial-ps gnade-dev gnade-doc gnarwl gnat gnat-3.2 gnat-3.2-doc gnat-3.3 gnat-3.3-doc gnat-doc gnat-gdb gnat-gdb-doc gnat-glade gnat-glade-doc gnats gnats-user gnatsweb gngb gniall gnobog gnofin gnoise gnoise-gnome gnomad2 gnome gnome-about gnome-alsamixer gnome-applets gnome-applets-data gnome-applets-dev gnome-apt gnome-audio gnome-bin gnome-blog gnome-breakout gnome-commander gnome-common gnome-core gnome-core-devel gnome-cpufreq-applet gnome-cups-manager gnome-db gnome-db-doc gnome-desktop-data gnome-desktop-environment gnome-dev-doc gnome-devel gnome-doc-tools gnome-extra-icons gnome-fifth-toe gnome-find gnome-games gnome-games-data gnome-games-extra-data gnome-gpg gnome-gv gnome-iconedit gnome-jabber gnome-keyring gnome-libs-data gnome-lokkit gnome-media gnome-mime-data gnome-mud gnome-netstatus-applet gnome-nettool gnome-office gnome-panel gnome-panel-data gnome-photo-printer gnome-pilot gnome-pilot-conduits gnome-pkgview gnome-ppp gnome-randr-applet gnome-session gnome-spell gnome-swallow-applet gnome-system-monitor gnome-system-tools gnome-tasksel gnome-terminal gnome-think gnome-u2ps gnome-utils gnome-vfs-extfs gnome-xine gnome2-user-guide gnomeicu gnomeicu-common gnomekiss gnomermind gnomesword gnometab gnomoradio gnomp3 gnopernicus gnotepad+ gnotepad+-help gnotime gnu-efi gnu-standards gnubg gnubg-bearoffs gnubiff gnucap gnucash-docs gnucash-hbci gnuchess gnuchess-book gnudip gnue-common gnue-designer gnue-forms-wxgtk gnue-navigator gnue-reports gnugo gnuhtml2latex gnuift gnuift-doc gnuift-perl gnulib gnulpr gnumail.app gnumeric gnumeric-common gnumeric-doc gnumeric-plugins-extra gnupg-doc gnuplot gnuplot-doc gnuplot-mode gnuplot-nox gnuplot-x11 gnupod-tools gnurobbo gnus gnus-bonus-el gnuserv gnushogi gnusim8085 gnusound gnustep gnustep-antlr gnustep-back gnustep-base-common gnustep-base-doc gnustep-base-examples gnustep-core gnustep-core-devel gnustep-core-doc gnustep-devel gnustep-dl2 gnustep-examples gnustep-games gnustep-gd gnustep-gui-common gnustep-gui-doc gnustep-icons gnustep-make gnustep-make-doc gnustep-make-ogo gnustep-netclasses gnustep-ppd gnuwash.app goats gob gob2 gobjc gobjc-2.95 gobjc-3.2 gobjc-3.3 gocr gocr-doc gocr-gtk gocr-tk godbcconfig goldedplus golem gom gom-x gomoku.app goo goobox googlizer gopher gopherweblink gorm gosa gosa-schema gossip gotmail gozer gpa gpart gpc gpc-2.1-3.3 gpc-2.1-3.3-doc gpc-2.95 gpc-2.95-doc gpc-doc gpdf gpe-edit gpe-icons gpe-julia gpe-taskmanager gperf gperf-ace gperiodic gpgp gphoto2 gphotocoll gpm gpp gpppkill gpppon gpr gpredict gprolog gprolog-doc gps gpsd gpsd-clients gpsdrive gpsim gpsim-dev gpsim-doc gpsim-lcd gpsim-logic gpsk31 gpsman gpsmanshp gpstrans gputils gpw gq gqcam gql-shell gqmpeg gqview grace grace6 gradio gradm gradm2 gramadoir grande grandfatherclock grap graphviz graphviz-dev graphviz-doc grass grass-doc gravitywars grc grcm grdesktop greed greenwich grep grep-dctrl grepmail gretl gretl-common gretl-data gretl-doc greylistd gri gri-el gri-html-doc gri-ps-doc gridlock.app grip grmonitor groff groff-base groundhog grpn grub-splashimages grub2 gruftistats grun grunt grunt-uucp gs gs-common gs-esp gs-gpl gsasl gscanbus gsfonts gsfonts-wadalab-common gsfonts-wadalab-gothic gsfonts-wadalab-mincho gsfonts-x11 gsl-bin gsl-doc-pdf gsl-ref-html gsl-ref-psdoc gsm-utils gsmartcard gstreamer-editor gsumi gtalk gtans gtetrinet gtimer gtk-doc-tools gtk-engines-begtk gtk-engines-eazel gtk-engines-geramik gtk-engines-geramik-data gtk-engines-icegradient gtk-engines-lighthouseblue gtk-engines-mac2 gtk-engines-metal gtk-engines-mist gtk-engines-notif gtk-engines-pixmap gtk-engines-qtpixmap gtk-engines-raleigh gtk-engines-redmond95 gtk-engines-smooth gtk-engines-thingeramik gtk-engines-thingeramik-data gtk-engines-thinice gtk-engines-xenophilia gtk-gnutella gtk-imonc gtk-led-askpass gtk-shell gtk-smooth-themes gtk-theme-switch gtk2-engines-cleanice gtk2-engines-geramik gtk2-engines-gtk-qt gtk2-engines-magicchicken gtk2-engines-metal gtk2-engines-qtpixmap gtk2-engines-redmond95 gtk2-engines-smooth gtk2-engines-thingeramik gtk2-engines-wonderland gtk2-engines-xfce gtkam gtkam-gimp gtkatlantic gtkballs gtkcookie gtkdiskfree gtkeyboard gtkfontsel gtkglarea5 gtkglarea5-dev gtkgo gtkgrepmail gtkguitune gtkhtml gtkhtml3.0 gtkhtml3.1 gtkhtml3.2 gtkhx gtklookat gtklp gtkmorph gtkmorph-example gtkodbcconfig0 gtkpod gtkpool gtkrecover gtksee gtktalog gtkterm gtkwave gtm gtml gtoaster gtweakui gtypist guarddog gucharmap guessnet guidedog guikachu guikachu2rcp guile-1.6 guile-1.6-dev guile-1.6-doc guile-1.6-libs guile-1.6-slib guile-common guile-db guile-library guile-pg guile-simplesql guile1.4 guile1.4-doc guile1.4-slib guitar gup gupsc gvidm gwave gwc gweled gwget2 gwhois gworkspace-apps-wrappers gworkspace.app gworldclock gwremote.app gwtp gxedit gxine gxmms gxproc gxset gzip h5utils haddock halibut hamfax hamlib++-dev hamlib-dev hamlib-doc hamlib-utils hamlib3 hamlib3++ hamlib3-perl hamlib3-tcl hammerhead hamsoft hanterm-classic hanterm-xf hanzim happy happydigger harbour harden harden-clients harden-development harden-doc harden-environment harden-nids harden-remoteaudit harden-servers harden-surveillance harden-tools hardinfo hardware-monitor hasciicam hashalot hashcash haskell-devscripts haskell-doc haskell-mode haskell-utils haskell98-report haskell98-tutorial hat hat-ghc5 hat-ghc6 hat-nhc98 hbf-cns40-1 hbf-cns40-2 hbf-cns40-3 hbf-cns40-4 hbf-cns40-5 hbf-cns40-6 hbf-cns40-7 hbf-cns40-b5 hbf-jfs56 hbf-kanji48 hdf5-tools hdup headache hearse heartbeat heartbeat-dev hebcal heimdal-clients heimdal-clients-x heimdal-dev heimdal-docs heimdal-kdc heimdal-servers heimdal-servers-x helix-player hello hello-dbs hello-debhelper help2man helpviewer.app henplus hercules hermes1 hermes1-dev heroes-common heroes-data heroes-ggi heroes-sdl heroes-sound-effects heroes-sound-tracks hesiod hevea hex hexcat hexcurse hexedit hexer hexxagon hfsplus hfsutils hfsutils-tcltk hiki hindent hinfo hitop hlatex hlatex-fonts-base hlatex-fonts-extra hlfl hlins hmake hmmer hnb hodie honeyd honeyd-common host hostap-modules-2.4.27-2-386 hostap-modules-2.4.27-2-586tsc hostap-modules-2.4.27-2-686 hostap-modules-2.4.27-2-686-smp hostap-modules-2.4.27-2-k6 hostap-modules-2.4.27-2-k7 hostap-modules-2.4.27-2-k7-smp hostap-modules-2.6.8-2-386 hostap-modules-2.6.8-2-686 hostap-modules-2.6.8-2-686-smp hostap-modules-2.6.8-2-k7 hostap-modules-2.6.8-2-k7-smp hostap-source hostap-utils hostapd hostname hotsmtp hotswap hotswap-gui hotswap-text hotway howl-utils hp-ppd hp-search-mac hp2xx hp48cc hpijs hping2 hping3 hplip hplip-data hpoj hpoj-xojpanel hpsockd hsftp hspell hspell-gui ht htag htcheck htcheck-php htdig htdig-doc html-helper-mode html2ps html2text html2wml htmldoc htmlgen htop htp httping httptunnel httpush httrack httrack-doc hubcot hubcot-source hugs hunglish hunit-doc hunt hwdata hwinfo hwtools hx hybrid-dev hybserv hylafax-client hylafax-doc hylafax-server hyperlatex hypermail hyphen-show hztty i2c-2.4.27-2-386 i2c-2.4.27-2-586tsc i2c-2.4.27-2-686 i2c-2.4.27-2-686-smp i2c-2.4.27-2-k6 i2c-2.4.27-2-k7 i2c-2.4.27-2-k7-smp i2c-source i2e i810switch i8kutils iacd iamerican ibackup ibam ibcs-base ibcs-source-2.2 ibod ibp ibritish ibwebadmin ic35link icebreaker icecast-client icecast-server icecast2 iceconf icecream icemc iceme ices2 icewm icewm-common icewm-experimental icewm-gnome icewm-gnome-support icewm-lite icewm-themes ickle ickle-common ickle-control icmake icmpinfo icmpush icom icomlib-bin icomlib-doc icomlib1 icomlib1-dev icon-ipl iconc icont iconx icoutils icu icu-data icu-doc icu-i18ndata icu-locales iczech id-utils id3 id3ed id3ren id3tool id3v2 ident2 idesk idl-font-lock-el idle-python2.2 idle-python2.3 idle-python2.4 idn idswakeup iesperanto ifcico ifenslave ifenslave-2.4 ifenslave-2.6 ifgate ifhp ifile ifile-gnus-el ifmail ifmetric ifp-line ifplugd ifrename ifrench ifrench-gut ifscheme ifstat iftop ifupdown ifupdown-scripts-zg2 igaelic igal ihungarian iiimecf iiimf-htt-csconv iiimf-htt-le-canna iiimf-htt-le-indic iiimf-htt-le-newpy iiimf-htt-server iiimf-htt-xbe iiimgcf iirish iisemulator iitalian ijsgimpprint ike-scan ilisp ilisp-doc ilithuanian ilohamail im im-sdk-docs imagefs imageindex imagemagick imageviewer imanx imapfilter imapproxy imaptool imaze-lesstif imaze-sounds imaze-xaw imaze-xlabed imaze-xview imazesrv imcom imediff2 imgsizer imgvtopgm imhangul imhangul-status-applet imlib-base imlib-progs imlib1 imlib1-dev imlib11 imlib11-dev imp3 impose+ imwheel indent indent-doc inetutils-ftp inetutils-ftpd inetutils-inetd inetutils-ping inetutils-syslogd inetutils-talk inetutils-talkd inetutils-telnet inetutils-telnetd inetutils-tools info info2man info2www inform-mode ingerman initrd-netboot-tools initrd-tools initscripts initz inn inn2 inn2-dev inn2-inews inn2-ssl innfeed insight installwatch integrit intel2gas intercal interchange interchange-cat-foundation interchange-doc interchange-ui inti-examples intltool intltool-debian intuitively inventor-clients inventor-data inventor-demo inventor-dev inventor-doc iodbc iog iogerman ion2 ion2-dev ion2-doc ip2host ipac-ng ipautofw ipband ipcalc ipchains ipe iperf ipfm ipfwadm ipgrab ipip ipmasq ipmasqadm ipopd ipopd-ssl iportuguese ippl iprelay iprint iproute iproute-dev ipsc iptotal iptraf iptstate iputils-arping iputils-ping iputils-tracepath ipv6calc ipvsadm ipx ipxripd irb irb1.6 irb1.8 ircd ircd-hybrid ircd-irc2 ircd-ircu ircii ircmarkers ircp irda-utils ire ire-ed ire-rotj ire-the-flat iripdb irm irmp3 iroffer irqbalance irssi-scripts irssi-text irussian isag isakmpd isapnptools isdnbutton iselect isic iso-codes isoqlog ispanish ispell iswedish iswiss isync itagalog itcl3 itcl3-dev itcl3-doc itcl3.0 itcl3.0-dev itcl3.1 itcl3.1-dev itcl3.1-doc itk3 itk3-dev itk3-doc itk3.0 itk3.0-dev itk3.1 itk3.1-dev itk3.1-doc iukrainian ivi ivritex ivtools-bin ivtools-dev ivtools-interviews ivtools-unidraw iwidgets3.1 iwidgets3.1-doc iwidgets4 iwidgets4-doc ixbiff ja-trans jabber jabber-aim jabber-common jabber-dev jabber-irc jabber-jit jabber-jud jabber-msn jabber-muc jabber-yahoo jablicator jack jack-rack jack-tools jackeq jade jadetex jags jail jailer jailtool jam jargon jargon-text jasmin-sable java-common java2html javacc jaxml jazip jbibtex-base jbibtex-bin jbofihe jdresolve jed jed-common jed-extra jed-sl jedstate jered jesred jester jfbterm jflex jfsutils jftpgw jgraph jhcore jhead jigdo jigdo-file jigit jikes jikes-gij jikes-sablevm jitterbug jlatex209-base jlatex209-bin jless jlex jlint jlint-doc jmk jmon jmpost jnethack jnettop joe john jove joystick jpeginfo jpegpixi jpilot-backup jpilot-syncmal jsboard jsboard-theme-aicom-ko jsboard-theme-debian-ko jsboard-theme-diary-en jsboard-theme-diary-ko jsboard-theme-trash-en jsboard-theme-trash-ko jsboard-theme-wizz-ko jscalibrator jslaunch jtex-base jtex-bin juic juice juke jukebox-mercury juman juman-dic jumpnbump jumpnbump-levels junior-arcade junior-art junior-doc junior-games-card junior-games-gl junior-games-net junior-games-sim junior-games-text junior-gnome junior-internet junior-kde junior-math junior-programming junior-puzzle junior-sound junior-system junior-toys junior-typing junior-writing junit junit-doc junkfilter jvim-canna jvim-doc jwhois jython jython-doc jzip k3b-i18n k6fftwgel-dev k6fftwgel2 k7fftwgel-dev k7fftwgel2 kaffeine kaffeine-mozilla kakasi kakasi-dic kali kamera kanadic kanatest kanjidic kanjipad kappfinder kaptain kaquarium karamba karbon karpski kasteroids kate katomic katoob kbackgammon kbarcode kbattleship kbd kbd-compat kbear kbiff kblackbox kbounce kcalc kcc kcd kcdlabel kcemirror kcharselect kchart kcheckgmail kcmlinuz kcoloredit kcontrol kcpuload kcron kdat kdbg kdc2tiff kde kde-amusements kde-core kde-devel kde-devel-extras kde-extras kde-i18n-af kde-i18n-ar kde-i18n-bg kde-i18n-bn kde-i18n-bs kde-i18n-ca kde-i18n-cs kde-i18n-cy kde-i18n-da kde-i18n-de kde-i18n-el kde-i18n-engb kde-i18n-eo kde-i18n-es kde-i18n-et kde-i18n-eu kde-i18n-fa kde-i18n-fi kde-i18n-fr kde-i18n-gl kde-i18n-he kde-i18n-hi kde-i18n-hr kde-i18n-hsb kde-i18n-hu kde-i18n-is kde-i18n-it kde-i18n-ja kde-i18n-mn kde-i18n-ms kde-i18n-nb kde-i18n-nds kde-i18n-nl kde-i18n-nn kde-i18n-pa kde-i18n-pl kde-i18n-pt kde-i18n-ptbr kde-i18n-ro kde-i18n-ru kde-i18n-sk kde-i18n-sl kde-i18n-sr kde-i18n-sv kde-i18n-ta kde-i18n-tg kde-i18n-tr kde-i18n-uk kde-i18n-uz kde-i18n-zhcn kde-i18n-zhtw kde-icons-crystal kde-icons-noia kdeaccessibility kdeadmin kdeadmin-kfile-plugins kdeartwork kdeartwork-misc kdeartwork-style kdeartwork-theme-desktop kdeartwork-theme-icon kdeartwork-theme-window kdebase kdebase-bin kdebase-data kdebase-dev kdebase-doc kdebase-kio-plugins kdebindings-java kdegames kdegames-card-data kdegames-doc-html kdegraphics kdegraphics-dev kdegraphics-kfile-plugins kdelibs3-bin kdelirc kdenetwork kdenetwork-filesharing kdepasswd kdeprint kdesktop kdessh kdetoys kdetoys-doc-html kdeutils kdeutils-dev kdevelop kdevelop-data kdevelop-doc kdewallpapers kdewebdev kdewebdev-doc-html kdf kdict kdiff3 kdirstat kdm kdoc kdvi kedit keepalived kenolaba kerberos4kth-clients kerberos4kth-clients-x kerberos4kth-dev kerberos4kth-docs kerberos4kth-kdc kerberos4kth-kip kerberos4kth-servers kerberos4kth-servers-x kerberos4kth-services kerberos4kth-user kerberos4kth-x11 kerberos4kth1 kernel-build-2.4.27-2 kernel-doc-2.2.25 kernel-doc-2.4.27 kernel-doc-2.4.27-speakup kernel-doc-2.6.8 kernel-headers-2.4-386 kernel-headers-2.4-586tsc kernel-headers-2.4-686 kernel-headers-2.4-686-smp kernel-headers-2.4-k6 kernel-headers-2.4-k7 kernel-headers-2.4-k7-smp kernel-headers-2.4.27-2 kernel-headers-2.4.27-2-386 kernel-headers-2.4.27-2-586tsc kernel-headers-2.4.27-2-686 kernel-headers-2.4.27-2-686-smp kernel-headers-2.4.27-2-k6 kernel-headers-2.4.27-2-k7 kernel-headers-2.4.27-2-k7-smp kernel-headers-2.4.27-speakup kernel-headers-2.6-386 kernel-headers-2.6-686 kernel-headers-2.6-686-smp kernel-headers-2.6-amd64-generic kernel-headers-2.6-amd64-k8 kernel-headers-2.6-amd64-k8-smp kernel-headers-2.6-em64t-p4 kernel-headers-2.6-em64t-p4-smp kernel-headers-2.6-k7 kernel-headers-2.6-k7-smp kernel-headers-2.6.8-10 kernel-headers-2.6.8-10-amd64-generic kernel-headers-2.6.8-10-amd64-k8 kernel-headers-2.6.8-10-amd64-k8-smp kernel-headers-2.6.8-10-em64t-p4 kernel-headers-2.6.8-10-em64t-p4-smp kernel-headers-2.6.8-2 kernel-headers-2.6.8-2-386 kernel-headers-2.6.8-2-686 kernel-headers-2.6.8-2-686-smp kernel-headers-2.6.8-2-k7 kernel-headers-2.6.8-2-k7-smp kernel-image-2.4-386 kernel-image-2.4-586tsc kernel-image-2.4-686 kernel-image-2.4-686-smp kernel-image-2.4-k6 kernel-image-2.4-k7 kernel-image-2.4-k7-smp kernel-image-2.4.27-2-386 kernel-image-2.4.27-2-586tsc kernel-image-2.4.27-2-686 kernel-image-2.4.27-2-686-smp kernel-image-2.4.27-2-k6 kernel-image-2.4.27-2-k7 kernel-image-2.4.27-2-k7-smp kernel-image-2.4.27-speakup kernel-image-2.6-386 kernel-image-2.6-686 kernel-image-2.6-686-smp kernel-image-2.6-amd64-generic kernel-image-2.6-amd64-k8 kernel-image-2.6-amd64-k8-smp kernel-image-2.6-em64t-p4 kernel-image-2.6-em64t-p4-smp kernel-image-2.6-k7 kernel-image-2.6-k7-smp kernel-image-2.6.8-10-amd64-generic kernel-image-2.6.8-10-amd64-k8 kernel-image-2.6.8-10-amd64-k8-smp kernel-image-2.6.8-10-em64t-p4 kernel-image-2.6.8-10-em64t-p4-smp kernel-image-2.6.8-2-386 kernel-image-2.6.8-2-686 kernel-image-2.6.8-2-686-smp kernel-image-2.6.8-2-k7 kernel-image-2.6.8-2-k7-smp kernel-image-netbootable kernel-internals-guide kernel-kbuild-2.6-3 kernel-package kernel-patch-2.2.25-m68k kernel-patch-2.4-bluez kernel-patch-2.4-cobalt kernel-patch-2.4-grsecurity kernel-patch-2.4-i2c kernel-patch-2.4-kgdb kernel-patch-2.4-lowlatency kernel-patch-2.4-preempt kernel-patch-2.4-supermount-ng kernel-patch-2.4.19-arm kernel-patch-2.4.27-hppa kernel-patch-2.4.27-ia64 kernel-patch-2.4.27-m68k kernel-patch-2.4.27-s390 kernel-patch-2.6-bluez kernel-patch-2.6-reiser4 kernel-patch-2.6.8-hppa kernel-patch-2.6.8-m68k kernel-patch-2.6.8-s390 kernel-patch-2.6.9-hppa kernel-patch-adamantix kernel-patch-adeos kernel-patch-atopacct kernel-patch-atopcnt kernel-patch-badram kernel-patch-cryptoloop kernel-patch-ctx kernel-patch-debian-2.4.27 kernel-patch-debian-2.6.8 kernel-patch-device-mapper kernel-patch-evms kernel-patch-freeswan kernel-patch-gcov kernel-patch-grsecurity2 kernel-patch-kdb kernel-patch-lowlatency-2.4 kernel-patch-ltt kernel-patch-misdn kernel-patch-mppe kernel-patch-nfs-ngroups kernel-patch-powerpc-2.4.27 kernel-patch-ppscsi-2.4 kernel-patch-ppscsi-2.6 kernel-patch-preempt-2.4 kernel-patch-psd kernel-patch-quota kernel-patch-relayfs kernel-patch-scripts kernel-patch-skas kernel-patch-speakup kernel-patch-systrace kernel-patch-tekram-dc3x5 kernel-patch-time kernel-patch-ttl kernel-patch-usagi kernel-patch-wrr kernel-pcmcia-modules-2.4-386 kernel-pcmcia-modules-2.4-586tsc kernel-pcmcia-modules-2.4-686 kernel-pcmcia-modules-2.4-686-smp kernel-pcmcia-modules-2.4-k6 kernel-pcmcia-modules-2.4-k7 kernel-pcmcia-modules-2.4-k7-smp kernel-pcmcia-modules-2.4.27-2-386 kernel-pcmcia-modules-2.4.27-2-586tsc kernel-pcmcia-modules-2.4.27-2-686 kernel-pcmcia-modules-2.4.27-2-686-smp kernel-pcmcia-modules-2.4.27-2-k6 kernel-pcmcia-modules-2.4.27-2-k7 kernel-pcmcia-modules-2.4.27-2-k7-smp kernel-source-2.2.25 kernel-source-2.4.27 kernel-source-2.6.8 kernel-tree-2.4.27 kernel-tree-2.6.8 kernel-wedge kernellab kerneltop ketm ketm-data keyanalyze keybled keyboards-rg keychain keylaunch keylookup keynote kfax kfilereplace kfind kfish kflog kfloppy kfocus kformula kforth kfouleggs kftgt kftgtd kgamma kget kghostview kgoldrunner kgpg khelpcenter khexedit kicker kiconedit kid3 kile kile-i18n kimagemapeditor kimdaba kimwitu kimwitu++ kimwitu++-doc kimwitu-doc kinput2-canna kinput2-canna-wnn kinput2-common kinput2-wnn kipina kipina-dev-doc kismet kiss kivio kivio-data kjc kjots kjscmd kjumpingcube klaptopdaemon klic klic-doc klickety klines klinkstatus klipper klog klogd klogic kmag kmahjongg kmenuedit kmerlin kmilo kmines kmldonkey kmoon kmousetool kmouth kmrml kmymoney2 knapster2 knetload knews knewsticker knl knockd knocker knoda knutclient koalamud kobodeluxe kodo kodos koffice koffice-data koffice-dev koffice-doc-html koffice-i18n-af koffice-i18n-bg koffice-i18n-br koffice-i18n-ca koffice-i18n-cs koffice-i18n-cy koffice-i18n-da koffice-i18n-de koffice-i18n-el koffice-i18n-engb koffice-i18n-eo koffice-i18n-es koffice-i18n-et koffice-i18n-fa koffice-i18n-fi koffice-i18n-fr koffice-i18n-he koffice-i18n-hsb koffice-i18n-hu koffice-i18n-it koffice-i18n-ja koffice-i18n-lo koffice-i18n-mt koffice-i18n-nb koffice-i18n-nl koffice-i18n-nn koffice-i18n-pl koffice-i18n-pt koffice-i18n-ptbr koffice-i18n-ru koffice-i18n-se koffice-i18n-sk koffice-i18n-sl koffice-i18n-sr koffice-i18n-sv koffice-i18n-tg koffice-i18n-th koffice-i18n-tr koffice-i18n-ven koffice-i18n-xh koffice-i18n-zhcn koffice-i18n-zhcngb2312 koffice-i18n-zhtw koffice-i18n-zhtwbig5 koffice-i18n-zu koffice-libs kolf kolf-dev kolourpaint komba2 komi kommander kommander-dev kompose kon2 konfont konq-speaker konqueror konqueror-nsplugins konquest konserve konsole konversation konwert konwert-dev konwert-filters kooka kopete koshell koth koules kover kpackage kpager kpat kpdf kpersonalizer kpf kphone kpoker kpovmodeler kppp kpresenter kprof kpsk kq kq-data krb4-config krb5-admin-server krb5-clients krb5-config krb5-doc krb5-ftpd krb5-kdc krb5-rsh-server krb5-telnetd krb5-user krdc krecord kregexpeditor kreversi krfb kronolith kruler krusader ksame kscreensaver kscreensaver-xsavers kseg ksensors kshisen ksim ksimus ksimus-boolean ksimus-datarecorder ksimus-dev ksimus-floatingpoint ksirc ksirtet ksmiletris ksmserver ksnake ksnapshot ksociograma ksocrat ksocrat-data ksokoban kspaceduel ksplash kspread kstreamripper ksvg ksymoops ksynaptics ksysguard ksysguardd ksysv ktalkd kteatime kterm ktexmaker2 ktimer ktimetrace ktip ktron ktuberling ktux kudzu kudzu-dev kugar kuickshow kuipc kuser kuvert kvdr kview kviewshell kvirc kvirc-data kvirc-dev kvirc-doc kwalletmanager kwartz kwavecontrol kweather kwifimanager kwin kwin-baghira kwin4 kword kworldclock kxmleditor kxsldbg kxterm l2tpns labrea lacheck ladcca-bin ladcca-dev ladcca2 ladccad ladspa-sdk lakai lam-mpidoc lam-runtime lam4 lam4-dev lambdacore lambdamoo lambdamoo-docs lampython langband-data langband-engine langband-vanilla langband-zterm langdrill language-env lapack lapack-dev lapack-doc lapack-pic lapack-test lapack3 lapack3-dev lapack3-doc lapack3-pic lapack3-test lapack99 lapack99-dev lapispuzzle.app laptop-mode-tools laptop-net laptop-net-doc laptop-netconf larswm latd late late-data latex-beamer latex-bridge latex-ucs latex-ucs-contrib latex-ucs-dev latex-ucs-doc latex-ucs-uninames latex-xcolor latex-xft-fonts latex.service latex209-base latex209-bin latex209-src latex2rtf latex2rtf-doc latrine launcher launchtool lavaps lbdb lbreakout2 lbreakout2-data lbt lcab lcap lcdf-typetools lcdproc ld.so.preload-manager ldap-account-manager ldap-utils ldap2dns ldapdiff ldapdns ldapvi lde ldirectord ldp-docbook-dsssl ldp-docbook-xsl ldp-es ldp-es-garl ldp-es-glup ldp-es-lipp ldp-es-lipp2 ldso le le-dico-de-rene-cougnenc leafnode leaktracer leave ledcontrol ledcontrol-gtk ledit ledstats leksbot lessdisks lessdisks-cloner-server lessdisks-cloner-terminal lessdisks-doc lessdisks-easydialog lessdisks-terminal lessdisks-xterminal lesstif-bin lesstif-dev lesstif-doc lesstif1 lesstif2 lesstif2-dev levee lexmark7000linux lfm lft lftp lg-all lg-base lg-issue01to08 lg-issue09 lg-issue10 lg-issue100 lg-issue101 lg-issue102 lg-issue103 lg-issue104 lg-issue105 lg-issue106 lg-issue107 lg-issue108 lg-issue109 lg-issue11 lg-issue110 lg-issue12 lg-issue13 lg-issue14 lg-issue15 lg-issue16 lg-issue17 lg-issue18 lg-issue19 lg-issue20 lg-issue21 lg-issue22 lg-issue23 lg-issue24 lg-issue25 lg-issue26 lg-issue27 lg-issue28 lg-issue29 lg-issue30 lg-issue31 lg-issue32 lg-issue33 lg-issue34 lg-issue35 lg-issue36 lg-issue37 lg-issue38 lg-issue39 lg-issue40 lg-issue41 lg-issue42 lg-issue43 lg-issue44 lg-issue45 lg-issue46 lg-issue47 lg-issue48 lg-issue49 lg-issue50 lg-issue51 lg-issue52 lg-issue53 lg-issue54 lg-issue55 lg-issue56 lg-issue57 lg-issue58 lg-issue59 lg-issue60 lg-issue61 lg-issue62 lg-issue63 lg-issue64 lg-issue65 lg-issue66 lg-issue67 lg-issue68 lg-issue69 lg-issue70 lg-issue71 lg-issue72 lg-issue73 lg-issue74 lg-issue75 lg-issue76 lg-issue77 lg-issue78 lg-issue79 lg-issue80 lg-issue81 lg-issue82 lg-issue83 lg-issue84 lg-issue85 lg-issue86 lg-issue87 lg-issue88 lg-issue89 lg-issue90 lg-issue91 lg-issue92 lg-issue93 lg-issue94 lg-issue95 lg-issue96 lg-issue97 lg-issue98 lg-issue99 lg-latest-two lg-subscription lib-dom-java lib3ds-dev liba52-0.7.4 liba52-0.7.4-dev libaal-dev libabz0 libabz0-dev libaca-dev libaca0 libace-dev libace-doc libace-flreactor-dev libace-flreactor5.4 libace-qtreactor-dev libace-qtreactor5.4 libace-rmcast-dev libace-rmcast5.4 libace-tkreactor-dev libace-tkreactor5.4 libace-xtreactor-dev libace-xtreactor5.4 libace5.4 libacexml-dev libacexml5.4 libacme-brainfck-perl libacme-poe-knee-perl libadabindx-dev libadabindx0 libadasockets0 libadasockets0-dev libadduser-pluginloader-perl libadns1 libadns1-bin libadns1-dev libadolc-dev libadolc1 libadolc1-doc libadolc1-examples libaffix-dev libaffix2 libagrep-ocaml libagrep-ocaml-dev libaiksaurus-data libaiksaurus-dev libaiksaurus0c102 libaiksaurusgtk-dev libaiksaurusgtk0c102 libaire0 libaldmb0 libaldmb0-dev libalgorithm-annotate-perl libalgorithm-diff-perl libalgorithm-diff-ruby libalgorithm-diff-ruby1.6 libalgorithm-diff-ruby1.8 libalias-perl liballegro-dev liballegro-doc liballegro4.1 liballegro4.1-dbg liballegro4.1-plugin-arts liballegro4.1-plugin-esd liballegro4.1-plugin-jack liballegro4.1-plugin-svgalib liballegro4a liballegro4a-plugin-arts liballegro4a-plugin-esd liballegro4a-plugin-svgalib libalogg libalogg-dev libaltlinuxhyph-dev libalzabo-perl libamazon-ruby libamrita-ruby1.6 libamrita-ruby1.8 libamstd-ruby1.8 libamu-dev libamu2 libannodex0 libannodex0-dev libant1.5-java libant1.6-java libanthy-dev libanthy0 libanydata-perl libao-dev libao2 libapache-auth-ldap libapache-authcookie-perl libapache-authensmb libapache-authnetldap-perl libapache-authznetldap-perl libapache-configfile-perl libapache-csacek libapache-db-perl libapache-dbi-perl libapache-dbilogconfig-perl libapache-dbilogger-perl libapache-htpasswd-perl libapache-miniwiki-perl libapache-mod-acct-mysql libapache-mod-acct-pgsql libapache-mod-auth-curdir libapache-mod-auth-kerb libapache-mod-auth-mysql libapache-mod-auth-pam libapache-mod-auth-pgsql libapache-mod-auth-plain libapache-mod-auth-radius libapache-mod-auth-shadow libapache-mod-auth-useragent libapache-mod-cgi-debug libapache-mod-chroot libapache-mod-dav libapache-mod-dynvhost libapache-mod-encoding libapache-mod-filter libapache-mod-gzip libapache-mod-index-rss libapache-mod-interchange libapache-mod-iptos libapache-mod-jk libapache-mod-layout libapache-mod-ldap libapache-mod-limitipconn libapache-mod-lisp libapache-mod-mp3 libapache-mod-perl-doc libapache-mod-proxy-add-forward libapache-mod-python libapache-mod-python-doc libapache-mod-python2.1 libapache-mod-python2.2 libapache-mod-python2.3 libapache-mod-random libapache-mod-relocate libapache-mod-repository libapache-mod-rpaf libapache-mod-ruby libapache-mod-scgi libapache-mod-security libapache-mod-speedycgi libapache-mod-ssl libapache-mod-ssl-doc libapache-mod-suphp libapache-mod-text2html libapache-mod-trigger libapache-mod-tsunami libapache-mod-witch libapache-mod-xslt libapache-modxslt libapache-reload-perl libapache-request-perl libapache-requestnotes-perl libapache-ruby1.8 libapache-session-perl libapache-sessionx-perl libapache-singleton-perl libapache-stage-perl libapache-template-perl libapache2-mod-auth-mysql libapache2-mod-auth-pam libapache2-mod-auth-pgsql libapache2-mod-auth-plain libapache2-mod-auth-sys-group libapache2-mod-chroot libapache2-mod-encoding libapache2-mod-jk2 libapache2-mod-layout libapa • Is the collection as a whole authentic? Rolled back? For Peter Szolovits January-Apr 2005 slide #13 SFSRO architecture Publisher untrusted server file system untrusted server [CDN] Client Browser RPM sfsrodb signing key SFS client untrusted server • SFSRO signs complete file system (data and metadata) • Publisher stores files in replicated database (∼ a disk image) • Clients verify files without trusting servers For Peter Szolovits January-April 2005 slide #14 Authenticity via hash trees [Merkle:79] • Proves membership of a leaf in an n-node tree with O(log n) hashes • Matches structure of a file system directory tree • Ideal performance for incremental updates For Peter Szolovits January-April 2005 slide #15 Merkle hash tree mapped over directory tree RO-inode contents directory .. . metadata H(data) H(data) .. . data name H(inode) .. . H(ind. blk.) H(dbl.. ind.) .. indirect block H(data) H(data) .. . ... • Merkle hash tree of the file system [Haber:91, Devanbu:02] • One public key operation and O(log n) hashes to authenticate For Peter Szolovits January-April 2005 data .. . data data .. . slide #16 Merkle hash tree mapped over directory tree RO-inode contents directory .. . metadata H(data) H(data) .. . data name H(inode) .. . H(ind. blk.) H(dbl.. ind.) .. indirect block H(data) H(data) .. . ... • Merkle hash tree of the file system [Haber:91, Devanbu:02] • One public key operation and O(log n) hashes to authenticate • SFSRO protocol designed to walk Merkle trees For Peter Szolovits January-April 2005 data .. . data data .. . slide #16 Example of reading /shome/sfs.fs.net/README GETFSINFO signed root handle GETDATA root inode Client .. . Server GETDATA README contents • SFSRO servers perform no online cryptography For Peter Szolovits January-April 2005 slide #17 Implementation of SFSRO • Untrusted SFSRO Server Publisher 8 ◦ SHA-1 Merkle hash tree ◦ Rabin-Williams signature socket SFSRO Client emacs • Block server ◦ 7 Uses sleepycat database User Space 1 System Call Interface • ◦ Incremental updates ◦ Influenced CFS [Dabek:01] Kernel Space 2 Client ◦ VFS Transparent integrity checking Networking 3 6 5 socket ◦ Implemented as NFS loopback NFS For Peter Szolovits January-April 2005 4 slide #18 Chefs For Peter Szolovits January-April 2005 slide #19 A brief timeline of SFS • Read-write security in SFS [Mazieres:99] • Read-only dialect [Fu:00] • Decentralized access control ➜ For Peter Szolovits SFSRO January-April 2005 slide #20 A brief timeline of SFS • Read-write security in SFS [Mazieres:99] • Read-only dialect [Fu:00] ➜ • Decentralized access control ➜ SFSRO Chefs ◦ Servers remain untrusted ◦ Clients with key can read content ◦ Problem: Reduce key distribution For Peter Szolovits January-April 2005 slide #20 Access control using untrusted servers A private blog For Peter Szolovits January-April 2005 slide #21 Potential approaches • Proxy SSL Web server? [Laas:03] ◦ Untrusted servers cannot replicate confidential content ✘ For Peter Szolovits January-April 2005 slide #22 Potential approaches • Proxy SSL Web server? [Laas:03] ◦ • Untrusted servers cannot replicate confidential content ✘ File encryption (e.g., PGP [Zimmermann:91]) ◦ Access controlled ◦ Not transparent ✘ ◦ Ciphertext linear in number of clients ✘ ◦ No incremental updates ✘ For Peter Szolovits January-April 2005 slide #22 Chefs approach extends SFSRO • Content encrypted for confidentiality [Swallow:81, Blaze:93, Waldman:00] ➜ • Efficient client eviction ➜ • Efficient key distribution ➜ For Peter Szolovits decentralized access control lazy revocation key regression January-April 2005 slide #23 Decentralized access control • Clients download content encrypted with content keys • Encrypted content tagged with lockbox • Open lockbox with the group key Content keys protect blocks Content ... A lockbox contains a content key Group key opens lockboxes For Peter Szolovits Content Database of encrypted content + name of group key January-April 2005 slide #24 Decentralized access control • Clients download content encrypted with content keys • Encrypted content tagged with lockbox • Open lockbox with the group key Content keys protect blocks Content ... A lockbox contains a content key Group key opens lockboxes For Peter Szolovits Content Database of encrypted content + name of group key January-April 2005 slide #24 Decentralized access control • Clients download content encrypted with content keys • Encrypted content tagged with lockbox • Open lockbox with the group key Content keys protect blocks Content ... A lockbox contains a content key Group key opens lockboxes For Peter Szolovits Content Database of encrypted content + name of group key January-April 2005 slide #24 Decentralized access control • Clients download content encrypted with content keys • Encrypted content tagged with lockbox • Open lockbox with the group key • No key distribution required to add new content! Content keys protect blocks Content ... A lockbox contains a content key Group key opens lockboxes For Peter Szolovits Content Database of encrypted content + name of group key January-April 2005 slide #24 Overview of Chefs Publisher untrusted server file system [CDN] untrusted server Client sfsrodb Browser RPM signing keygroup key SFS client untrusted server key distribution Chefs = SFSRO + access control For Peter Szolovits January-April 2005 slide #25 Costly approach to coping with eviction • Re-encrypt content after eviction • Distribute new key to remaining clients For Peter Szolovits January-April 2005 slide #26 Costly approach to coping with eviction Re-encrypt content after eviction • Distribute new key to remaining clients For Peter Szolovits January-April 2005 ➜ • Unnecessary slide #26 Chefs solution: lazy revocation • Guarantees evicted client cannot access new content • After eviction, generate a new key for future updates • Matches semantics of untrusted storage For Peter Szolovits January-April 2005 slide #27 Lazy revocation results in many keys For Peter Szolovits January-April 2005 slide #28 Lazy revocation results in many keys For Peter Szolovits January-April 2005 slide #28 Lazy revocation results in many keys For Peter Szolovits January-April 2005 slide #28 Lazy revocation results in many keys • How can a client coalesce group key versions? For Peter Szolovits January-April 2005 slide #28 Key regression: coping with many keys • Guarantees clients ◦ Can access old content ◦ Cannot yet access future content • Clients derive past keys from current key • Low-bandwidth publishers make new keys available For Peter Szolovits January-April 2005 slide #29 Downloading all the keys can be costly • • Searching encrypted content ◦ Client must perform search, not untrusted server ◦ Client downloads all encrypted recipes and keys Scenarios ◦ 60,000 membership events/year on Salon.com online journal ◦ Offline publisher For Peter Szolovits January-April 2005 slide #30 What does “secure” key regression mean? • Only clients can unwind keys ◦ • Only publisher can wind key forward ◦ • Ki = unwind(Ki+1 ) Ki+1 = wind(Ki ) Should behave like randomly selected keys For Peter Szolovits January-April 2005 slide #31 Simplest way to use key regression • Publisher initialization: ◦ Generate a random Kt−1 Publisher: Kt−1 For Peter Szolovits January-April 2005 slide #32 Simplest way to use key regression • Publisher initialization: ◦ Generate a random Kt−1 ◦ Compute K0 , . . . , Kt−2 by unwinding Publisher: Kt−1 For Peter Szolovits January-April 2005 slide #32 Simplest way to use key regression • Publisher initialization: ◦ Generate a random Kt−1 ◦ Compute K0 , . . . , Kt−2 by unwinding Publisher: U (Kt−1 ) Kt−2 ←−−−−− Kt−1 For Peter Szolovits January-April 2005 slide #32 Simplest way to use key regression • Publisher initialization: ◦ Generate a random Kt−1 ◦ Compute K0 , . . . , Kt−2 by unwinding Publisher: U (Kt−2 ) U (Kt−1 ) · · · ←−−−−− Kt−2 ←−−−−− Kt−1 For Peter Szolovits January-April 2005 slide #32 Simplest way to use key regression • Publisher initialization: ◦ Generate a random Kt−1 ◦ Compute K0 , . . . , Kt−2 by unwinding Publisher: U (K2 ) U (Kt−2 ) U (Kt−1 ) K1 ←−−−− · · · ←−−−−− Kt−2 ←−−−−− Kt−1 For Peter Szolovits January-April 2005 slide #32 Simplest way to use key regression • Publisher initialization: ◦ Generate a random Kt−1 ◦ Compute K0 , . . . , Kt−2 by unwinding Publisher: U (K1 ) U (K2 ) U (Kt−2 ) U (Kt−1 ) K0 ←−−−−K1 ←−−−− · · · ←−−−−− Kt−2 ←−−−−− Kt−1 For Peter Szolovits January-April 2005 slide #32 Simplest way to use key regression • Publisher initialization: ◦ Generate a random Kt−1 ◦ Compute K0 , . . . , Kt−2 by unwinding ◦ Distribute K0 to clients Publisher: U (K1 ) U (K2 ) U (Kt−2 ) U (Kt−1 ) K0 ←−−−−K1 ←−−−− · · · ←−−−−− Kt−2 ←−−−−− Kt−1 For Peter Szolovits January-April 2005 slide #32 Simplest way to use key regression • Publisher initialization: • Client joining at time i ◦ Generate a random Kt−1 ◦ Receive Ki from publisher ◦ Compute K0 , . . . , Kt−2 by unwinding ◦ To read content encrypted with Kj for j < i, unwind Ki ◦ Distribute K0 to clients Publisher: U (K1 ) U (K2 ) U (Kt−2 ) U (Kt−1 ) K0 ←−−−−K1 ←−−−− · · · ←−−−−− Kt−2 ←−−−−− Kt−1 Client: Ki For Peter Szolovits January-April 2005 slide #32 Simplest way to use key regression • Publisher initialization: • Client joining at time i ◦ Generate a random Kt−1 ◦ Receive Ki from publisher ◦ Compute K0 , . . . , Kt−2 by unwinding ◦ To read content encrypted with Kj for j < i, unwind Ki ◦ Distribute K0 to clients Publisher: U (K1 ) U (K2 ) U (Kt−2 ) U (Kt−1 ) K0 ←−−−−K1 ←−−−− · · · ←−−−−− Kt−2 ←−−−−− Kt−1 Client: U (Ki ) Ki−1 ←−−−− Ki For Peter Szolovits January-April 2005 slide #32 Simplest way to use key regression • Publisher initialization: • Client joining at time i ◦ Generate a random Kt−1 ◦ Receive Ki from publisher ◦ Compute K0 , . . . , Kt−2 by unwinding ◦ To read content encrypted with Kj for j < i, unwind Ki ◦ Distribute K0 to clients Publisher: U (K1 ) U (K2 ) U (Kt−2 ) U (Kt−1 ) K0 ←−−−−K1 ←−−−− · · · ←−−−−− Kt−2 ←−−−−− Kt−1 Client: U (Ki−1 ) U (Ki ) · · · ←−−−−− Ki−1 ←−−−− Ki For Peter Szolovits January-April 2005 slide #32 Simplest way to use key regression • Publisher initialization: • Client joining at time i ◦ Generate a random Kt−1 ◦ Receive Ki from publisher ◦ Compute K0 , . . . , Kt−2 by unwinding ◦ To read content encrypted with Kj for j < i, unwind Ki ◦ Distribute K0 to clients Publisher: U (K1 ) U (K2 ) U (Kt−2 ) U (Kt−1 ) K0 ←−−−−K1 ←−−−− · · · ←−−−−− Kt−2 ←−−−−− Kt−1 Client: U (Kj+1 ) U (Ki−1 ) U (Ki ) Kj ←−−−−− − · · · ←−−−−− Ki−1 ←−−−− Ki For Peter Szolovits January-April 2005 slide #32 Simplest way to use key regression • Publisher initialization: • Client joining at time i ◦ Generate a random Kt−1 ◦ Receive Ki from publisher ◦ Compute K0 , . . . , Kt−2 by unwinding ◦ To read content encrypted with Kj for j < i, unwind Ki ◦ Distribute K0 to clients ◦ Decrypt content with Kj Publisher: U (K1 ) U (K2 ) U (Kt−2 ) U (Kt−1 ) K0 ←−−−−K1 ←−−−− · · · ←−−−−− Kt−2 ←−−−−− Kt−1 Client: U (Kj+1 ) U (Ki−1 ) U (Ki ) Kj ←−−−−− − · · · ←−−−−− Ki−1 ←−−−− Ki For Peter Szolovits January-April 2005 slide #32 Key regression produces a key sequence Ki = H(Ki+1 ) H(K1 ) H(K2 ) H(Kt−1 ) K0 ←−−−− K1 ←−−−− · · · ←−−−−− Kt−1 group key sequence where H could be In practice: In theory: SHA-1 (·) hash function PRF F (·) in random oracle model [Lamport:81], [Anderson:97] For Peter Szolovits January-April 2005 slide #33 An extension to key regression • Dynamically grow a key sequence ◦ Sequence length not determined a priori ◦ Use a trapdoor pseudorandom permutation For Peter Szolovits January-April 2005 slide #34 RSA-based key regression: mechanics • Publisher winds keys forward to grow a sequence: Ki+1 = Kid mod N K0 • Client unwinds keys: Ki−1 = Kie mod N For Peter Szolovits January-April 2005 slide #35 RSA-based key regression: mechanics • Publisher winds keys forward to grow a sequence: Ki+1 = Kid mod N K0d mod N K0 −−−−−−→ K1 • Client unwinds keys: Ki−1 = Kie mod N For Peter Szolovits January-April 2005 slide #35 RSA-based key regression: mechanics • Publisher winds keys forward to grow a sequence: Ki+1 = Kid mod N K0d mod N K1d mod N K0 −−−−−−→ K1 −−−−−−→ · · · • Client unwinds keys: Ki−1 = Kie mod N For Peter Szolovits January-April 2005 slide #35 RSA-based key regression: mechanics • Publisher winds keys forward to grow a sequence: Ki+1 = Kid mod N K0d mod N K1d mod N d Kt−2 mod N K0 −−−−−−→ K1 −−−−−−→ · · · −−−−−−−→ Kt−1 • Client unwinds keys: Ki−1 = Kie mod N For Peter Szolovits January-April 2005 slide #35 RSA-based key regression: mechanics • Publisher winds keys forward to grow a sequence: Ki+1 = Kid mod N K0d mod N K1d mod N d Kt−2 mod N K0 −−−−−−→ K1 −−−−−−→ · · · −−−−−−−→ Kt−1 • Client unwinds keys: Ki−1 = Kie mod N Kt−1 For Peter Szolovits January-April 2005 slide #35 RSA-based key regression: mechanics • Publisher winds keys forward to grow a sequence: Ki+1 = Kid mod N K0d mod N d Kt−2 mod N K1d mod N K0 −−−−−−→ K1 −−−−−−→ · · · −−−−−−−→ Kt−1 • Client unwinds keys: Ki−1 = Kie mod N e Kt−1 mod N · · · ←−−−−−−− Kt−1 For Peter Szolovits January-April 2005 slide #35 RSA-based key regression: mechanics • Publisher winds keys forward to grow a sequence: Ki+1 = Kid mod N K0d mod N K1d mod N d Kt−2 mod N K2e mod N e Kt−1 mod N K0 −−−−−−→ K1 −−−−−−→ · · · −−−−−−−→ Kt−1 • Client unwinds keys: Ki−1 = Kie mod N ←−−−−−− · · · ←−−−−−−− Kt−1 For Peter Szolovits January-April 2005 slide #35 RSA-based key regression: mechanics • Publisher winds keys forward to grow a sequence: Ki+1 = Kid mod N K0d mod N K1d mod N d Kt−2 mod N K2e mod N e Kt−1 mod N K0 −−−−−−→ K1 −−−−−−→ · · · −−−−−−−→ Kt−1 • Client unwinds keys: Ki−1 = Kie mod N K1e mod N K0 ←−−−−−− K1 ←−−−−−− · · · ←−−−−−−− Kt−1 For Peter Szolovits January-April 2005 slide #35 Dynamically growing + efficient RSA-based upstairs K4 K9 K14 Ki [Micali:87] [Jakobsson:02] Hash-based downstairs For Peter Szolovits K3 K8 K13 Ki-1 K2 K7 K12 Ki-2 K1 K6 K11 Ki-3 K0 K5 K10 Ki-4 January-April 2005 slide #36 Implementation of Chefs = SFSRO + access control • Server remains unmodified • More sophisticated algorithm for incremental updates • ◦ Lazy revocation ◦ Database re-generation not idempotent Key regression based on SHA-1 ◦ Keys downloaded out-of-band ◦ Must extract pseudorandom keys from unpredictable keys For Peter Szolovits January-April 2005 slide #37 Performance evaluation For Peter Szolovits January-April 2005 slide #38 Performance evaluation • Throughput independent of a publisher’s local resources • Individual servers support many simultaneous clients • Acceptable latency for clients • Chefs performs equally to SFSRO, except for downloading keys For Peter Szolovits January-April 2005 slide #39 Execution time (seconds) SFSRO and Chefs are efficient despite cryptography 100 80 NFS SFSRO Chefs 60 40 20 0 dpkg emacs-compile 2.8GHz Pentium 4 machines, 100 Mbit network, 266 μsec round-trip For Peter Szolovits January-April 2005 slide #40 SFSRO and Chefs are efficient despite cryptography Read time (seconds) 4 3 NFS SFSRO Chefs 2 1 0 large-file small-file 2.8GHz Pentium 4 machines, 100 Mbit network, 266 μsec round-trip For Peter Szolovits January-April 2005 slide #40 Servers scale because no online crypto Server throughput (Mbyte/s) 10 8 6 4 2 0 1 10 100 Number of clients 550 MHz Pentium III machines, 100 Mbit (12.5 Mbyte/s) network For Peter Szolovits January-April 2005 slide #41 Wrap up For Peter Szolovits January-April 2005 slide #42 Related work • Secure file systems: Swallow [Reed:81], Cryptographic FS [Blaze:93], Byzantine FS [Castro:99], OceanStore [Kubi:00], Farsite [Adya:02], Untrusted data repositories (SUNDR) [Mazières:02], Venti [Quinlan:02], Snapdragon [Aguilera:03] • Content distribution networks: SHTTP [Rescorla:99], Consistent hashing [Karger:99], Publius [Waldman:2000], Cooperative FS [Dabek:01], Publish-Subscribe [Wang:02], Authentic data publication [Devanbu:02], BitTorrent [Cohen:03], CoDeeN [Pai:03], SSL splitting [Laas:03], XML access control [Miklau:03], Coral [Freedman:04] • Cryptography: One-time signatures [Lamport:79], One-time passwords [Lamport:81], Merkle trees [Merkle:79], Timestamping [Haber:91], Key escrow [Micali:92], Forward-secure encryption [Anderson:97,Bellare:99], Fractal hash sequence traversal [Jakobsson:02], Self-healing keys [Staddon:02], Related-key attacks [Bellare:03], group key distribution For Peter Szolovits January-April 2005 slide #43 Future work Past Present Future Untrusted Storage and File Systems Cepheus SFSRO Plutus [Masters'99] [OSDI'00,TOCS'02] [FAST'03] For Peter Szolovits January-April 2005 Key regression [any day now] slide #44 Future work Past Present Future Untrusted Storage and File Systems Email revocation Cepheus SFSRO Plutus REX [ACISP'97] [Masters'99] [OSDI'00,TOCS'02] [FAST'03] [USENIX'04] For Peter Szolovits January-April 2005 Key regression [any day now] slide #44 Future work Past Present Future Untrusted Storage and File Systems Email revocation Cepheus SFSRO Plutus REX [ACISP'97] [Masters'99] [OSDI'00,TOCS'02] [FAST'03] [USENIX'04] Key regression [any day now] Web authentication [USENIX Security '01, CACM Sept '01] For Peter Szolovits January-April 2005 slide #44 Future work Past Present Future Untrusted Storage and File Systems Email revocation Cepheus SFSRO Plutus REX [ACISP'97] [Masters'99] [OSDI'00,TOCS'02] [FAST'03] [USENIX'04] Key regression [any day now] Proxy Re-Encryption Web authentication [NDSS'05], [ePrint '05] [USENIX Security '01, CACM Sept '01] RFID Security [Reading signals] For Peter Szolovits January-April 2005 slide #44 Summary • • • Distributing public content ◦ Authenticity, integrity, freshness ◦ High throughput Access control of private content ◦ Efficient eviction ◦ Efficient key distribution Implementation and performance measurements For Peter Szolovits January-April 2005 slide #45 Summary SFSRO ◦ Authenticity, integrity, freshness ◦ High throughput Access control of private content Chefs ◦ Efficient eviction ➜ ◦ Efficient key distribution ➜ Lazy revocation Key regression Implementation and performance measurements ➜ • Distributing public content ➜ • ➜ • Works in practice X Linux For Peter Szolovits BSDs Mac OS X January-April 2005 slide #45 Bon Appetit Download SFSRO and Chefs. http://www.fs.net/ Questions? For Peter Szolovits January-April 2005 slide #46 Break in case of emergency Alert Dialog There are questions. What would you like to do? Answer Offline For Peter Szolovits Cancel January-April 2005 Answer slide #47 Key regression security For Peter Szolovits Real World Random World (K0, K1, K2, ..., Ki) ($, $, $, ..., $) January-April 2005 slide #48 Key regression security Real World Random World (K0, K1, K2, ..., Ki) ($, $, $, ..., $) Am I in the real or random world? • Distinguish randomly generated sequence from key regression sequence? • [Bellare:99, Bellare:03] For Peter Szolovits January-April 2005 slide #48 Represents a natural notion of security • • Why distinguishability instead of key recovery? ◦ Captures notion of partial information ◦ Only publisher can wind (unpredictable) ◦ Only clients can unwind (pseudorandom) But are the hash-based and RSA-based schemes secure? For Peter Szolovits January-April 2005 slide #49 Keys must be unpredictable AND pseudorandom • Hash-based scheme easily distinguishable ◦ Given challenge, attempt to unwind ◦ Check whether past keys match For Peter Szolovits January-April 2005 slide #50 Keys must be unpredictable AND pseudorandom • • Hash-based scheme easily distinguishable ◦ Given challenge, attempt to unwind ◦ Check whether past keys match RSA-based scheme easily distinguishable ◦ What if e = 3 ◦ Guess N by looking at the size of keys ◦ Check if unwinding works with (e = 3, N ) For Peter Szolovits January-April 2005 slide #50 Solution: extract pseudorandomness • Publisher winds intermediate keys: κi+1 = κdi mod N κd0 mod N κd1 mod N κdt−2 mod N κ0 −−−−−−→ κ1 −−−−−−→ · · · −−−−−−−→ κt−1 For Peter Szolovits January-April 2005 slide #51 Solution: extract pseudorandomness • Publisher winds intermediate keys: κi+1 = κdi mod N κd0 mod N κd1 mod N κdt−2 mod N κ0 −−−−−−→ κ1 −−−−−−→ · · · −−−−−−−→ κt−1 • Client unwinds intermediate keys: κi−1 = κei mod N κe1 mod N κe2 mod N κet−1 mod N κ0 ←−−−−−− κ1 ←−−−−−− · · · ←−−−−−−− κt−1 For Peter Szolovits January-April 2005 slide #51 Solution: extract pseudorandomness • Publisher winds intermediate keys: κi+1 = κdi mod N κd0 mod N κd1 mod N κdt−2 mod N κ0 −−−−−−→ κ1 −−−−−−→ · · · −−−−−−−→ κt−1 • Client unwinds intermediate keys: κi−1 = κei mod N κe1 mod N κe2 mod N κet−1 mod N κ0 ←−−−−−− κ1 ←−−−−−− · · · ←−−−−−−− κt−1 • Extract pseudorandom Ki from unpredictable κi ◦ Using a one-way function: Ki = F (κi ) For Peter Szolovits January-April 2005 slide #51 Security of key regression with extractor k0 For Peter Szolovits Wind Unwind k1 Wind Unwind k2 January-April 2005 slide #52 Security of key regression with extractor Extract Unwind k2 Extract Unwind k1 Wind Extract k0 Wind K0 K1 K2 For Peter Szolovits January-April 2005 slide #52 Security of key regression with extractor • Extract Unwind k2 Extract Unwind k1 Wind Extract k0 Wind K0 K1 K2 Adversary queries oracle for keys For Peter Szolovits January-April 2005 slide #52 Security of key regression with extractor • Extract Unwind k2 Extract Unwind k1 Wind Extract k0 Wind K0 K1 K2 Adversary queries oracle for keys For Peter Szolovits January-April 2005 slide #52 Security of key regression with extractor • Extract Unwind k2 Extract Unwind k1 Wind Extract k0 Wind K0 K1 K2 Adversary queries oracle for keys For Peter Szolovits January-April 2005 slide #52 Security of key regression with extractor Extract Unwind k2 Extract Unwind k1 Wind Extract k0 Wind K0 K1 K2 • Adversary queries oracle for keys • Adversary queries oracle for intermediate keys For Peter Szolovits January-April 2005 slide #52 Security of key regression with extractor Extract Unwind k2 Extract Unwind k1 Wind Extract k0 Wind K0 K1 K2 • Adversary queries oracle for keys • Adversary queries oracle for intermediate keys For Peter Szolovits January-April 2005 slide #52 Security of key regression with extractor Extract Unwind k2 Extract Unwind k1 Wind Extract k0 Wind K0 K1 K2 • Adversary queries oracle for keys • Adversary queries oracle for intermediate keys For Peter Szolovits January-April 2005 slide #52 Security of key regression with extractor Extract ki Extract Unwind k2 Extract Unwind k1 Wind Extract k0 Wind K0 K1 K2 Ki • Adversary queries oracle for keys • Adversary queries oracle for intermediate keys • Adversary receives real or random challenge For Peter Szolovits January-April 2005 slide #52 Security of key regression with extractor Extract ki Extract Unwind k2 Extract Unwind k1 Wind Extract k0 Wind K0 K1 K2 K$i • Adversary queries oracle for keys • Adversary queries oracle for intermediate keys • Adversary receives real or random challenge • Notion works for arbitrary constructions For Peter Szolovits January-April 2005 slide #52 Emergency Slide: Hash collisions • • Collision resistance (find any two inputs) ◦ Brute force 280 ◦ Wang, Yin, Yu attack (269 ) ◦ 269 bytes ≡ 524,288 Pbytes 2nd pre-image resistance (find a second input) ◦ Brute force 2159 ◦ Kesley, Schneier 2106 for particular messages For Peter Szolovits January-April 2005 slide #53 Emergency Slide: Economics • Incentives • How to collect payments • Fair sharing For Peter Szolovits January-April 2005 slide #54 Emergency Slide: Applications • • Public content ◦ Certificate authorities ◦ Software distribution Private content ◦ Subscriptions ◦ Time-delayed release For Peter Szolovits January-April 2005 slide #55 Emergency Slide: SFSRO protocol • CONNECT () – Initiate SFSRO protocol • GETFSINFO () – Get signed hash of root directory • GETDATA (hash) – Get block with hash value • All data interpreted entirely by client ◦ Server need know nothing about file system structure ◦ Makes server fast and simple (< 400 lines of code) For Peter Szolovits January-April 2005 slide #56 Emergency Slide: SHA-1 broken! • Move cautiously to SHA-256 or others • Rely on different type of collision resistance For Peter Szolovits January-April 2005 slide #57 Emergency Slide: Broadcast encryption • Modified Naor-Pinkas non-interactive key distribution • Ki = g ri P (0) • New this year: Boneh/Waters ePrint manuscript • Communication vs. storage (lazy revocation) • Broadcast imposes constraints on the key ➜ For Peter Szolovits secret sharing in the exponent January-April 2005 slide #58 Emergency Slide: Forward security • Forward-secure encryption (signatures...) • Key regression differences ◦ Opposite of FSE + trapdoor ◦ Adversary can ask oracle for future keys ◦ Adversary can ask for intermediate keys ◦ Secure enough for chosen-plaintext attack with XOR ◦ Equivalency of key regression and FSE For Peter Szolovits January-April 2005 slide #59 Emergency Slide: Incremental replication • • Servers need transfer only modified data ◦ Traverse file system w/ SFSRO protocol ◦ Stores all hashes/values encountered in new database ◦ Avoids re-transferring any hashes already in old database ◦ Unchanged directories automatically pruned from transfer Makes short signature durations practical For Peter Szolovits January-April 2005 slide #60 Emergency Slide: Evicted clients? • Easy to distinguish worlds • Given a key sequence, run unwind • If previous key matches, we are using real key regression For Peter Szolovits January-April 2005 slide #61 Emergency Slide: Limit unwinding • Line segment rather than ray of keys • Double hash chain method • Join-leave-join For Peter Szolovits January-April 2005 slide #62
