Vanish Gives Your Message An Expiration Date

(Windows/Mac/Linux): Encrypting a message is an excellent way to protect it from prying eyes. What if you want to protect it against prying eyes and make it disappear? Expiring-message service Vanish can help.

Alarmed by trends in US case law where individuals were forced to give up their encryption keys and by the brutality of regimes abroad that did the same in less tactful ways, the creators of Vanish wanted to create a method of encryption where your encrypted data expired and could in no way be retrieved.

We created "self-destructing data" to try to address this problem. Our prototype system, called Vanish, shares some properties with existing encryption systems like PGP, but there are also some major differences.

First, someone using Vanish to "encrypt/encapsulate" information, like an email, never learns the encryption key. Second, there is a pre-specified timeout associated with each encrypted/encapsulated messages.

Prior to the timeout, anyone can read the encrypted/encapsulated message. After the timeout, no one can read that message, because the encryption key is lost due to a set of both natural and programmed processes. It is therefore impossible for anyone to decrypt/decapsulate that email after the timer expires.

How do they achieve this guaranteed destruction? The key that is generated each time you create a unique Vanish message is shared across Bittorrent networks—unlinked in anyway to your identity—and temporarily stored in a distributed hash table. By the nature of the Bittorrent network your key can exist in increments of 8 hours depending on how long you want the Vanish servers to keep your message alive.

Once your message reaches the expiration date the number of users in the Bittorrent network carrying the necessary parts of your key begins to degrade and your message essentially disintegrates. You can never decrypt the message or be compelled to share the key because no key even exists. Check out the following video for an overview.

Vanish is available as a web-based demo, but they recommend you download the Java-based Vanish System for a more powerful and customisable experience—you can increase the size of your key and tweak other settings with the download. The Firefox plugin makes it easy to quickly create Vanish-encrypted messages for web-based email and other online services. Vanish is an open-source and free project available for Windows, Mac, and Linux.

Vanish: Self-Destructing Digital Data [via MakeUseOf]


Be the first to comment on this story!