@inproceedings{19, abstract = {{Version Control Systems (VCS) are a valuable tool for software development and document management. Both client/server and distributed (Peer-to-Peer) models exist, with the latter (e.g., Git and Mercurial) becoming increasingly popular. Their distributed nature introduces complications, especially concerning security: it is hard to control the dissemination of contents stored in distributed VCS as they rely on replication of complete repositories to any involved user. We overcome this issue by designing and implementing a concept for cryptography-enforced access control which is transparent to the user. Use of field-tested schemes (end-to-end encryption, digital signatures) allows for strong security, while adoption of convergent encryption and content-defined chunking retains storage efficiency. The concept is seamlessly integrated into Mercurial---respecting its distributed storage concept---to ensure practical usability and compatibility to existing deployments.}}, author = {{Lass, Michael and Leibenger, Dominik and Sorge, Christoph}}, booktitle = {{Proc. 41st Conference on Local Computer Networks (LCN)}}, isbn = {{978-1-5090-2054-6}}, keywords = {{access control, distributed version control systems, mercurial, peer-to-peer, convergent encryption, confidentiality, authenticity}}, publisher = {{IEEE}}, title = {{{Confidentiality and Authenticity for Distributed Version Control Systems - A Mercurial Extension}}}, doi = {{10.1109/lcn.2016.11}}, year = {{2016}}, }