EphCOM: Practical Ephemeral Communications (How to implement ephemeral data with only primary Internet services)

The Internet never forgets and data lingers virtually forever. Private data created by users is frequently disseminated around the Internet and users often lose the control and ownership of their contents. This increasing diffusion of private data over the Internet motivates the need for ephemeral data, i.e. time-bounded data that cannot be accessed after a userspecified expiration time. This paper explores and formalizes the concept of Ephemeral Data Systems, systems that prevent an adversary from accessing expired contents. We present EphCOM, a practical Ephemeral Data System that supports ephemeral data using only a primary Internet service, namely the Domain Name Service (DNS). Our proposal leverages DNS servers caching mechanisms. EphCOM does not rely on any Trusted Platform Modules (TPM), peer-to-peer networks, or centralized servers, and is transparent to existing applications and services. It allows users to closely control data lifetime. We analyze its security and show, through extensive and large-scale experiments, that EphCOM yields an efficient, secure, and practical Ephemeral Data System. In particular, we show that the extra load generated on the DNS infrastructure is negligible. Finally, we provide as proof of concept a stand-alone Firefox extension that provides ephemeral email capabilities and a command line tool for ephemeral files.