Security Considerations for Peer-to-Peer Distributed Hash Tables
Recent peer-to-peer research has focused on providing efficient hash lookup systems that can be used to build more complex systems. These systems have good properties when their algorithms are executed correctly but have not generally considered how to handle misbehaving nodes. This paper looks at what sorts of security problems are inherent in large peer-to-peer systems based on distributed hash lookup systems. We examine the types of problems that such systems might face, drawing examples from existing systems, and propose some design principles for detecting and preventing these problems.