CS298 Proposal
Incorporating Privacy and Security Features in an Open Source Search Engine - Yioop
Akash(akash3664@yahoo.com)
Advisor: Dr. Chris Pollett
Committee Members: Dr. Sami Khuri and Dr. Chris Tseng
Abstract:
The objective of this project is to add two new modules to the Yioop, PHP based search engine. The first module will allow a user to suggest links for a query. On the search result page, there would be a link to submit the relevant links. The major challenge in this module is to prevent a spam submission of the relevant link by any user or machine. We are planning to implement a hash based proof of work algorithm to prevent duplicate submissions. Bitcoin also uses the same algorithm in an authorization process of a transaction. The second module is to implement a zero knowledge authentication protocol. This protocol will allow user to prove its identity without revealing password to a server. Neither a password nor a hash of a password would be transmitted over a network.
CS297 Results:
-
Wrote a PFS checker PHP script to prove that a Yioop supports the Perfect Forward Secrecy.
-
Implemented the code to crawl the Tor network in a Yioop
-
Implemented a proxy link feature in Yioop
-
Understood the concept of zero knowledge proof.
Schedule:
Week 1:
(Jan/21-Jan/28) | Deliverable# 1: CS298 proposal. Discuss various aspects of project with advisor |
Week 2:
(Jan/29-Feb/04) | Deliverable# 2: PPT on Hashcash proof of work |
Week 3,4,5:
(Feb/05-Feb/25) | Deliverable# 3: Hashcash java script code |
Week 6,7,8:
(Feb/26-Mar/18) | Deliverable# 4: Server side implementation of Hashcash algorithm |
Week 11,12:
(Mar/19-Apr/15) | Deliverable# 5: Server side scripts of zero knowledge authentication |
Week 13,14
(Apr/16-Apr/29) | Deliverable# 6: Client side scripts of zero knowledge authentication |
Week 15:
(Apr/30-May/6) | First Draft of the CS298 Report |
Week 16:
(May/07-May/13) | Deliverable# 7: Final Draft of the CS298Report. Submitted to committee members |
Week 17:
(May/14-May/21) | Defense |
Deliverables:
-
Software
- New functionality of a suggest the links for a query
- Implementation of the hash based algorithm to prevent spam submissions of links for the module suggest the links
- Implementation of the zero knowledge proof authentication framework
-
Report
- CS298 Report
- Project code and test result documentation
Innovations and Challenges:
- Implementation of the hash based algorithm to prevent spam submission for the module suggest the links. The challenging task will be to write the client side java script to calculate the SHA-256 hashes and server side PHP script for this module
- Implementation of a zero knowledge authentication framework. This module consists of implementation of the sigma protocol.
References:
1. Technical Paper: An Analysis of the Bitcoin Electronic Cash System by Danielle Drainville - University of Waterloo
2. Technical Paper: Implementing Zero-Knowledge Authentication with Zero Knowledge (ZKA_wzk) by Lum Jia Jun, Brandon - Temasek Polytechnic
3. Technical Paper: How to Explain Zero-Knowledge Protocols to Your Children.
Advances in Cryptology - CRYPTO '89, 9th Annual International Cryptology Conference, Santa Barbara, California, USA, August 20-24, 1989, Proceedings |