DOI: 10.1145/986858.986873
Article

Admission control in Peer-to-Peer: design and performance evaluation

Published: 31 October 2003

ABSTRACT

Peer-to-Peer (P2P) applications and services are very common in today's computing. The popularity of the P2P paradigm prompts the need for specialized security services, which makes P2P security an important and challenging research topic. Most prior work in P2P security focused on authentication, key management and secure communication. However, an important prerequisite for many P2P security services is secure admission, or how one becomes a peer in a P2P setting. This issue has been heretofore largely untouched.

This paper builds upon some recent work [11] which constructed a peer group admission control framework based on different policies and corresponding cryptographic techniques. Our central goal is to assess the practicality of these techniques. To this end, we construct and evaluate concrete P2P admission mechanisms based on various cryptographic techniques. Although our analysis focuses primarily on performance, we also consider other important features, such as anonymity, unlinkability and accountability. Among other things, our experimental results demonstrate that, unfortunately, advanced cryptographic constructs (such as verifiable threshold signatures) are not yet ready for prime time.

References

  1. D. Agarwal, L. E. Moser, P. M. Melliar-Smith, and R. K. Budhia. The totem multiple-ring ordering and topology maintenance protocol. ACM Transactions on Computer Systems, 16(2):93--132, May 1998.
  2. J. Benaloh. Verifiable Secret-Ballot Elections, Yale University PhD thesis. YALEU/DCS/TR-561, 1987.
  3. I. Clarke, O. Sandberg, B. Wiley, and T. W. Hong. Freenet: A distributed anonymous information storage and retrieval system. In ICSI Workshop on Design Issues in Anonymity and Unobservability, July 2000.
  4. R. Cramer, R. Gennaro, and B. Schoenmakers. A secure and optimally efficient multi-authority election scheme. In Theory and Application of Cryptographic Techniques, pages 103--118, 1997.
  5. J. R. Douceur. The sybil attack. In International Workshop on Peer-to-Peer Systems (IPTPS'02), March 2002.
  6. R. Gennaro, S. Jarecki, H. Krawczyk, and T. Rabin. Robust Threshold DSS Signatures. In U. Maurer, editor, EUROCRYPT '96, number 1070 in LNCS, pages 354--371. IACR, 1996.
  7. Gnut v0.4.21 source code, http://schnarff.com/gnutelladev/source/gnut.
  8. E. Gray, P. O'Connell, C. D. Jensen, S. Weber, J. M. Seigneur, and Y. Chen. Towards a Framework for Assessing Trust-Based Admission Control in Collaborative Ad Hoc Applications. Technical Report TCD-CS-2002-66, Trinity College Dublin, 2002.
  9. R. Housley, W. Polk, W. Ford, and D. Solo. Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile. RFC 3280, IETF, Apr. 2002.
  10. C. Kaufman, R. Perlman, and M. Speciner. Network Security: Private Communication in a Public World (2/e). Prentice-Hall. 2002. ISBN 0-13-046019-2.
  11. Y. Kim, D. Mazzocchi, and G. Tsudik. Admission control in peer groups. In IEEE International Symposium on Network Computing and Applications (NCA), Apr. 2003.
  12. J. Kong, H. Luo, K. Xu, D. L. Gu, M. Gerla, and S. Lu. Adaptive Security for Multi-level Ad-hoc Networks. In Journal of Wireless Communications and Mobile Computing (WCMC), volume 2, pages 533--547, 2002.
  13. J. Kong, P. Zerfos, H. Luo, S. Lu, and L. Zhang. Providing robust and ubiquitous security support for MANET. In IEEE 9th International Conference on Network Protocols (ICNP), 2001.
  14. H. Luo, P. Zerfos, J. Kong, S. Lu, and L. Zhang. Self-securing Ad Hoc Wireless Networks. In Seventh IEEE Symposium on Computers and Communications (ISCC '02), 2002.
  15. P. McDaniel, A. Prakash, and P. Honeyman. Antigone: A flexible framework for secure group communication. In 8th USENIX Security Symposium, pages 99--114. USENIX, Aug. 1999.
  16. M. Narasimha, G. Tsudik, and J. H. Yi. On the Utility of Distributed Cryptography in P2P and MANETs: the Case of Membership Control. In IEEE 11th International Conference on Network Protocols (ICNP), 2003 (To appear).
  17. K. Ohta, S. Micali, and L. Reyzin. Accountable-subgroup multisignatures. In ACM Conference on Computer and Communications Security, pages 245--254, November 2001.
  18. T. Okamoto. Receipt-free electronic voting schemes for large scale elections. In Security Protocols Workshop, pages 25--35, 1997.
  19. OpenSSL Project, http://www.openssl.org/.
  20. T. P. Pedersen. A threshold cryptosystem without a trusted party. In D. Davies, editor, EUROCRYPT '91, number 547 in LNCS, pages 552--526. IACR, 1991.
  21. Peer Group Admission Control Project, http://sconce.ics.uci.edu/gac.
  22. P. Feldman. A practical scheme for non-interactive verifiable secret sharing. In 28th Symposium on Foundations of Computer Science (FOCS), pages 427--437, 1987.
  23. PKCS #7: Cryptographic Message Syntax Standard, http://www.rsasecurity.com/rsalabs/pkcs/pkcs-7/index.html.
  24. S. Ratnasamy, P. Francis, M. Handley, R. Karp, and S. Shenker. A scalable content-addressable network. In Proceedings of ACM SIGCOMM '01, pages 161--172, August 2001.
  25. R. V. Renesse, K. Birman, and S. Maffeis. Horus: A flexible group communication system. Communications of the ACM, 39(4):76--83, April 1996.
  26. A. Rowstron and P. Druschel. Pastry: Scalable, distributed object location and routing for large-scale peer-to-peer systems. In Proceedings of the 18th IFIP/ACM International Conference on Distributed Systems Platforms, November 2001.
  27. C. P. Schnorr. Efficient signature generation by smart cards. Journal of Cryptology, 4(3):161--174, 1991.
  28. Secure Spread Project, http://www.cnds.jhu.edu/research/group/secure_spread/.
  29. Spread Project, http://www.spread.org/.
  30. I. Stoica, R. Morris, D. Karger, M. F. Kaashoek, and H. Balakrishnan. Chord: A scalable peer-to-peer lookup service for internet applications. In Proceedings of ACM SIGCOMM '01, pages 149--160, August 2001.
  31. The Gnutella Protocol Specification v0.4, http://www.clip2.com/GnutellaProtocol04.pdf.
  32. B. Y. Zhao, J. Kubiatowicz, and A. D. Joseph. Tapestry: An infrastructure for fault-tolerant wide-area location and routing. Technical Report UCB/CSD-01-1141, UC Berkeley, April 2001.

Published in

SASN '03: Proceedings of the 1st ACM workshop on Security of ad hoc and sensor networks
October 2003
154 pages
ISBN: 1581137834
DOI: 10.1145/986858

Copyright © 2003 ACM


Publisher: Association for Computing Machinery, New York, NY, United States
