Chris Pollett > Students > Akash

    (Print View)

    [Bio]

    [Project Blog]

    [CS297_Proposal]

    [PFS_Presentation - PDF]

    [PFS_Checker(PHP Script)]

    [Tor_HiddenService - PDF]

    [Tor_Network - PDF]

    [Zero_Knowledge_Proof - PDF]

    [Tor - Yioop Patch]

    [CS297_Report - PDF]

    [CS298_Proposal]

    [CS298_Presentation - PDF]

    [CS298_Report - PDF]

                          

























CS298 Proposal

Incorporating Privacy and Security Features in an Open Source Search Engine - Yioop

Akash(akash3664@yahoo.com)

Advisor: Dr. Chris Pollett

Committee Members: Dr. Sami Khuri and Dr. Chris Tseng

Abstract:

The objective of this project is to add two new modules to the Yioop, PHP based search engine. The first module will allow a user to suggest links for a query. On the search result page, there would be a link to submit the relevant links. The major challenge in this module is to prevent a spam submission of the relevant link by any user or machine. We are planning to implement a hash based proof of work algorithm to prevent duplicate submissions. Bitcoin also uses the same algorithm in an authorization process of a transaction. The second module is to implement a zero knowledge authentication protocol. This protocol will allow user to prove its identity without revealing password to a server. Neither a password nor a hash of a password would be transmitted over a network.

CS297 Results:
  • Wrote a PFS checker PHP script to prove that a Yioop supports the Perfect Forward Secrecy.
  • Implemented the code to crawl the Tor network in a Yioop
  • Implemented a proxy link feature in Yioop
  • Understood the concept of zero knowledge proof.
Schedule:

Week 1: (Jan/21-Jan/28)Deliverable# 1: CS298 proposal. Discuss various aspects of project with advisor
Week 2: (Jan/29-Feb/04)Deliverable# 2: PPT on Hashcash proof of work
Week 3,4,5: (Feb/05-Feb/25)Deliverable# 3: Hashcash java script code
Week 6,7,8: (Feb/26-Mar/18)Deliverable# 4: Server side implementation of Hashcash algorithm
Week 11,12: (Mar/19-Apr/15)Deliverable# 5: Server side scripts of zero knowledge authentication
Week 13,14 (Apr/16-Apr/29)Deliverable# 6: Client side scripts of zero knowledge authentication
Week 15: (Apr/30-May/6)First Draft of the CS298 Report
Week 16: (May/07-May/13)Deliverable# 7: Final Draft of the CS298Report. Submitted to committee members
Week 17: (May/14-May/21)Defense

Deliverables:

  • Software
    • New functionality of a suggest the links for a query
    • Implementation of the hash based algorithm to prevent spam submissions of links for the module suggest the links
    • Implementation of the zero knowledge proof authentication framework
  • Report
    • CS298 Report
    • Project code and test result documentation

Innovations and Challenges:

  • Implementation of the hash based algorithm to prevent spam submission for the module suggest the links. The challenging task will be to write the client side java script to calculate the SHA-256 hashes and server side PHP script for this module
  • Implementation of a zero knowledge authentication framework. This module consists of implementation of the sigma protocol.

References:

1. Technical Paper: An Analysis of the Bitcoin Electronic Cash System by Danielle Drainville - University of Waterloo

2. Technical Paper: Implementing Zero-Knowledge Authentication with Zero Knowledge (ZKA_wzk) by Lum Jia Jun, Brandon - Temasek Polytechnic

3. Technical Paper: How to Explain Zero-Knowledge Protocols to Your Children. Advances in Cryptology - CRYPTO '89, 9th Annual International Cryptology Conference, Santa Barbara, California, USA, August 20-24, 1989, Proceedings