@inproceedings{19,
  abstract     = {{Version Control Systems (VCS) are a valuable tool for software development
and document management. Both client/server and distributed (Peer-to-Peer)
models exist, with the latter (e.g., Git and Mercurial) becoming
increasingly popular. Their distributed nature introduces complications,
especially concerning security: it is hard to control the dissemination of
contents stored in distributed VCS as they rely on replication of complete
repositories to any involved user.

We overcome this issue by designing and implementing a concept for
cryptography-enforced access control which is transparent to the user. Use
of field-tested schemes (end-to-end encryption, digital signatures) allows
for strong security, while adoption of convergent encryption and
content-defined chunking retains storage efficiency. The concept is
seamlessly integrated into Mercurial---respecting its distributed storage
concept---to ensure practical usability and compatibility to existing
deployments.}},
  author       = {{Lass, Michael and Leibenger, Dominik and Sorge, Christoph}},
  booktitle    = {{Proc. 41st Conference on Local Computer Networks (LCN)}},
  isbn         = {{978-1-5090-2054-6}},
  keywords     = {{access control, distributed version control systems, mercurial, peer-to-peer, convergent encryption, confidentiality, authenticity}},
  publisher    = {{IEEE}},
  title        = {{{Confidentiality and Authenticity for Distributed Version Control Systems - A Mercurial Extension}}},
  doi          = {{10.1109/lcn.2016.11}},
  year         = {{2016}},
}