Lavinia: An Audit-Payment Protocol for Censorship-Resistant Storage

  • Cecylia BocovichEmail author
  • John A. Doucette
  • Ian Goldberg
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10322)


As distributed storage systems grow in popularity, there is now a demand for a reliable incentive and payment system to guarantee and reward the pristine storage of documents. However, many existing proof-of-retrieval and micropayment protocols are not secure in a censorship resistance setting, in which powerful adversaries may infiltrate a system or coerce the original publisher to remove content. Additionally, most existing censorship resistance systems lack a rigorous game-theoretic analysis. We propose Lavinia, an audit and payment protocol for censorship-resistant storage. Lavinia incentivizes document availability by providing micropayments to participating servers in exchange for honestly storing and serving content. Our protocol enables the implementation of a digital printing press as described in Anderson’s Eternity Service: allowing the publisher, as opposed to public interest or an appointed editorial board, to decide whether a document is worth storing, and for how long. In addition to proving the security of our protocol, we provide an in-depth game-theoretic analysis and show that self-interested participants of our system will faithfully implement the desired behaviour and continue to store documents until their expiration date.


Censorship resistance Distributed storage Economic incentives Payment contracts 



We thank the anonymous reviewers for helping us to improve this work. We thank NSERC for grant STPGP-463324.


  1. 1.
  2. 2.
    Anderson, R.: The eternity service. In: Pragocrypt 1996, pp. 242–252 (1996)Google Scholar
  3. 3.
    Anthony, S.: GitHub Battles “Largest DDoS” in Site’s History, Targeted at Anti-Censorship Tools. Ars Technica, 30 March 2015. Accessed June 2016
  4. 4.
    Awerbuch, B., Scheideler, C.: Towards a scalable and robust DHT. In: Proceedings of the Eighteenth Annual ACM Symposium on Parallelism in Algorithms and Architectures, SPAA 2006, pp. 318–327. ACM, New York (2006)Google Scholar
  5. 5.
    Ben Sasson, E., Chiesa, A., Garman, C., Green, M., Miers, I., Tromer, E., Virza, M.: Zerocash: decentralized anonymous payments from Bitcoin. In: 2014 IEEE Symposium on Security and Privacy (SP), pp. 459–474, May 2014Google Scholar
  6. 6.
    Bocovich, C., Doucette, J.A., Goldberg, I.: Lavinia: Censorship-Resistant Publishing with Incentives (2017).
  7. 7.
    Castro, M., Druschel, P., Ganesh, A., Rowstron, A., Wallach, D.S.: Secure routing for structured peer-to-peer overlay networks. SIGOPS Oper. Syst. Rev. 36(SI), 299–314 (2002)CrossRefGoogle Scholar
  8. 8.
    Clarke, I., Sandberg, O., Toseland, M., Verendel, V.: Private Communication Through a Network of Trusted Connections: The Dark Freenet (2010).
  9. 9.
    Clarke, I., Sandberg, O., Wiley, B., Hong, T.W.: Freenet: a distributed anonymous information storage and retrieval system. In: Federrath, H. (ed.) Designing Privacy Enhancing Technologies. LNCS, vol. 2009, pp. 46–66. Springer, Heidelberg (2001). CrossRefGoogle Scholar
  10. 10.
    Dai, X., Chaudhary, K., Grundy, J.: Comparing and contrasting micro-payment models for content sharing in P2P networks. In: Third International IEEE Conference on Signal-Image Technologies and Internet-Based System, pp. 347–354. IEEE (2007)Google Scholar
  11. 11.
    Dingledine, R., Freedman, M.J., Molnar, D.: The free haven project: distributed anonymous storage service. In: Federrath, H. (ed.) Designing Privacy Enhancing Technologies. LNCS, vol. 2009, pp. 67–95. Springer, Heidelberg (2001). CrossRefGoogle Scholar
  12. 12.
    Douceur, J.R.: The sybil attack. In: Druschel, P., Kaashoek, F., Rowstron, A. (eds.) IPTPS 2002. LNCS, vol. 2429, pp. 251–260. Springer, Heidelberg (2002). CrossRefGoogle Scholar
  13. 13.
    Eisenstein, E.L.: The Printing Press as an Agent of Change, vol. 1. Cambridge University Press, Cambridge (1980)CrossRefGoogle Scholar
  14. 14.
    Eyal, I., Sirer, E.G.: Majority is not enough: bitcoin mining is vulnerable. In: Christin, N., Safavi-Naini, R. (eds.) FC 2014. LNCS, vol. 8437, pp. 436–454. Springer, Heidelberg (2014). Google Scholar
  15. 15.
    Gramaglia, M., Urueña, M., Martinez-Yelmo, I.: Off-line incentive mechanism for long-term P2P backup storage. Comput. Commun. 35(12), 1516–1526 (2012)CrossRefGoogle Scholar
  16. 16.
    Hern, A.: Missing: Hard Drive Containing Bitcoins Worth £4m in Newport Landfill Site. The Guardian (2013)Google Scholar
  17. 17.
    Massey, W.A., Parker, G.A., Whitt, W.: Estimating the parameters of a nonhomogeneous poisson process with linear rate. Telecommun. Syst. 5(2), 361–388 (1996)CrossRefGoogle Scholar
  18. 18.
    Maymounkov, P., Mazières, D.: Kademlia: a peer-to-peer information system based on the XOR metric. In: Druschel, P., Kaashoek, F., Rowstron, A. (eds.) IPTPS 2002. LNCS, vol. 2429, pp. 53–65. Springer, Heidelberg (2002). CrossRefGoogle Scholar
  19. 19.
    Nakamoto, S.: Bitcoin: A Peer-to-Peer Electronic Cash System (2008). Accessed June 2016
  20. 20.
    Oualha, N., Roudier, Y.: Securing P2P storage with a self-organizing payment scheme. In: Garcia-Alfaro, J., Navarro-Arribas, G., Cavalli, A., Leneutre, J. (eds.) DPM/SETOP 2010. LNCS, vol. 6514, pp. 155–169. Springer, Heidelberg (2011). CrossRefGoogle Scholar
  21. 21.
    Rowstron, A., Druschel, P.: Pastry: scalable, decentralized object location, and routing for large-scale peer-to-peer systems. In: Guerraoui, R. (ed.) Middleware 2001. LNCS, vol. 2218, pp. 329–350. Springer, Heidelberg (2001). CrossRefGoogle Scholar
  22. 22.
    Seuken, S., Charles, D., Chickering, M., Puri, S.: Market design & analysis for a P2P backup system. In: Proceedings of the 11th ACM Conference on Electronic Commerce, pp. 97–108. ACM (2010)Google Scholar
  23. 23.
    Shamir, A.: How to share a secret. Commun. ACM 22(11), 612–613 (1979)MathSciNetCrossRefzbMATHGoogle Scholar
  24. 24.
    Singh, A., Ngan, T.-W., Druschel, P., Wallach, D.: Eclipse attacks on overlay networks: threats and defenses. In: Proceedings of the 25th IEEE International Conference on Computer Communications, INFOCOM 2006, pp. 1–12, April 2006Google Scholar
  25. 25.
    Stoica, I., Morris, R., Karger, D., Kaashoek, M.F., Balakrishnan, H.: Chord: a scalable peer-to-peer lookup service for internet applications. In: Proceedings of the 2001 Conference on Applications, Technologies, Architectures, and Protocols for Computer Communications, SIGCOMM 2001, pp. 149–160. ACM, New York (2001)Google Scholar
  26. 26.
    Stubblefield, A., Wallach, D.S.: Dagster: censorship-resistant publishing without replication. Technical report TR01-380, Houston, TX, USA (2001)Google Scholar
  27. 27.
    Thompson, D.R., Lev, O., Leyton-Brown, K., Rosenschein, J.: Empirical analysis of plurality election equilibria. In: Proceedings of the 2013 International Conference on Autonomous Agents and Multi-Agent Systems, pp. 391–398 (2013)Google Scholar
  28. 28.
    Urban, J.M., Quilter, L.: Efficient process or chilling effects—takedown notices under section 512 of the digital millennium copyright act. Santa Clara Comput. High Tech. L J. 22, 621 (2005)Google Scholar
  29. 29.
    Vasserman, E.Y., Heorhiadi, V., Hopper, N., Kim, Y.: One-way indexing for plausible deniability in censorship resistant storage. In: 2nd USENIX Workshop on Free and Open Communications on the Internet. USENIX (2012)Google Scholar
  30. 30.
    Waldman, M., Mazieres, D.: Tangler: a censorship-resistant publishing system based on document entanglements. In: Proceedings of the 8th ACM Conference on Computer and Communications Security, pp. 126–135. ACM (2001)Google Scholar
  31. 31.
    Winter, P., Lindskog, S.: How the great firewall of China is blocking tor. In: Proceedings of the 2nd USENIX Workshop on Free and Open Communications on the Internet (2012)Google Scholar

Copyright information

© International Financial Cryptography Association 2017

Authors and Affiliations

  • Cecylia Bocovich
    • 1
    Email author
  • John A. Doucette
    • 2
  • Ian Goldberg
    • 1
  1. 1.University of WaterlooWaterlooCanada
  2. 2.New College of FloridaSarasotaUSA

Personalised recommendations