A P2P Content Authentication Protocol Based on Byzantine Agreement

  • Esther Palomar
  • Juan M. Estevez-Tapiador
  • Julio C. Hernandez-Castro
  • Arturo Ribagorda
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3995)


One of the main advantages of peer-to-peer (P2P) systems is their capability to offer replicas of the same content at various locations. This allows to access contents even when some nodes are disconnected. However, this high degree of redundancy implies that it is necessary to apply some security mechanisms in order to avoid attacks based on non-authorized content modification. In this paper, we propose a content authentication protocol for pure P2P systems. Under certain restrictions, our scheme provides guarantees that a content is authentic, i.e. it has not been altered, even if it is a replica of the original and the source has lost control over it. Our proposal relies on a set of peers playing the role of a certification authority, for it is unrealistic to assume that appropriate trusted third parties can be deployed in such environments. Finally, we discuss some of its security properties through several attack scenarios.


Malicious Node Authentication Protocol Trust Third Party Attack Scenario Malicious Peer 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Boyd, C.: Digital multisignatures. In: Baker, H., Piper, F. (eds.) Cryptography and Coding, pp. 241–246. Clarendon Press, Oxford (1989)Google Scholar
  2. 2.
    Conti, M., Gregori, E., Turi, G.: Towards Scalable P2P Computing for Mobile Ad-Hoc Networks. In: Proceedings of the Second IEEE Annual Conference on Pervasive Computing and Communications Workshops (PERCOMW 2004), Orlando, USA, pp. 109–113 (March 2004)Google Scholar
  3. 3.
    Damiani, E., De Capitani, S., Paraboschi, S., Samarati, P., Violante, F.: A Reputation-Based Approach for Choosing Reliable Resources in Peer-to-Peer Networks. In: Proceedings of the 9th ACM Conference on Computer and Communications Security (CCS 2002), Washington, USA, pp. 207–216 (November 2002)Google Scholar
  4. 4.
    Daswani, N., Garcia-Molina, H., Yang, B.: Open Problems in Data-sharing Peer-to-peer Systems. In: Proceedings of 9th International Conference on Database Theory, Italy (January 2003)Google Scholar
  5. 5.
    Dean, D., Stubblefield, A.: Using client puzzles to protect TLS. In: Proceedings of the 10th USENIX Security Symposium (August 2001)Google Scholar
  6. 6.
    Douceur, J.R.: The Sybil Attack. In: Druschel, P., Kaashoek, M.F., Rowstron, A. (eds.) IPTPS 2002. LNCS, vol. 2429, pp. 251–260. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  7. 7.
    Fox, G.: Peer-to-Peer Networks. Computing in Science & Engineering 3(3) (May 2001)Google Scholar
  8. 8.
    Juels, A., Brainard, J.: Client puzzles: A cryptographic countermeasure against connection depletion attacks. In: Proceedings of the Network and Distributed Security Systems Symposium, California, USA, pp. 151–165 (February 1999)Google Scholar
  9. 9.
    Lamport, L., Shostak, R., Pease, M.: The Byzantine General Problem. ACM Transactions on Programming Languages and Systems 4(3), 382–401 (1982)CrossRefMATHGoogle Scholar
  10. 10.
    Lin, W.K., Chiu, D.M., Lee, Y.B.: Erasure Code Replication Revisited. In: Proceeding of the 4th IEEE International Conference on Peer-to-Peer Computing (August 2004)Google Scholar
  11. 11.
    Maniatis, P., Giuli, T.J., Roussopoulos, M., Rosenthal, D.S.H., Baker, M.: Impeding Attrition Attacks in P2P Systems. In: Proceedings of the 11th ACM SIGOPS European Workshop, Leuven, Belgium (September 2004)Google Scholar
  12. 12.
    Oguchi, M., Nakatsuka, Y., Tomizawa, C.: A Proposal of User Authentication and a Content Distribution Mechanism using P2P Connection over a Mobile Ad Hoc Network. In: Proceedings of the IASTED International Conference on Communication Systems and Networks, Marbella, Spain, pp. 65–69 (September 2004)Google Scholar
  13. 13.
    Oram, A. (ed.): Peer-to-Peer: Harnessing the Benefits of a Disruptive Technology. O’Reilly, Sebastopol (2001)Google Scholar
  14. 14.
    Pathak, V., Iftode, L.: Byzantine Fault Tolerant Public Key Authentication in Peer-to-Peer Systems. Computer Networks 50(4), 579–596 (2006)CrossRefMATHGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Esther Palomar
    • 1
  • Juan M. Estevez-Tapiador
    • 1
  • Julio C. Hernandez-Castro
    • 1
  • Arturo Ribagorda
    • 1
  1. 1.Computer Science DepartmentCarlos III University of MadridLeganes, MadridSpain

Personalised recommendations