Bayesian Analysis of Secure P2P Sharing Protocols

  • Esther Palomar
  • Almudena Alcaide
  • Juan M. Estevez-Tapiador
  • Julio C. Hernandez-Castro
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4804)


Ad hoc and peer-to-peer (P2P) computing paradigms pose a number of security challenges. The deployment of classic security protocols to provide services such as node authentication, content integrity or access control, presents several difficulties, most of them due to the decentralized nature of these environments and the lack of central authorities. Even though some solutions have been already proposed, a usual problem is how to formally reasoning about their security properties. In this work, we show how Game Theory –particularly Bayesian games– can be an useful tool to analyze in a formal manner a P2P security scheme. We illustrate our approach with a secure content distribution protocol, showing how nodes can dynamically adapt their strategies to highly transient communities. In our model, some security aspects rest on the formal proof of the robustness of the distribution protocol, while other properties stem from notions such as rationality, cooperative security, beliefs, or best-response strategies.


Pure Strategy Reputation System Rational Player Bayesian Game Content Access 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Zhu, B., Jajodia, S., Kankanhalli, M.: Building trust in peer-to-peer systems: a review. International Journal of Security and Networks 1, 103–112 (2006)CrossRefGoogle Scholar
  2. 2.
    Narasimha, M., Tsudik, G., Yi, J.: On the utility of distributed cryptography in p2p and manets: The case of membership control. In: Proceedings of the 11th IEEE International Conference on Network Protocols, Atlanta, USA, pp. 336–345. IEEE Computer Society, Los Alamitos (2003)CrossRefGoogle Scholar
  3. 3.
    Zhang, X., Chen, S., Sandhu, R.: Enhancing data authenticity and integrity in p2p systems. IEEE Internet Computing, 42–49 (2005)Google Scholar
  4. 4.
    Buragohain, C., Agrawal, D., Suri, S.: A game theoretic framework for incentives in p2p systems. In: Proceedings of the 3rd Int. Conf. on Peer-to-Peer Computing, Linköping, Sweden, pp. 48–56. IEEE Computer Society, Los Alamitos (2003)Google Scholar
  5. 5.
    Palomar, E., Estevez-Tapiador, J., Hernandez-Castro, J., Ribagorda, A.: A protocol for secure content distribution in pure p2p networks. In: Proceedings of the 3th Int Workshop on P2P Data Management, Security and Trust, Krakow, Poland, pp. 712–716. IEEE, Los Alamitos (2006)Google Scholar
  6. 6.
    Pathak, V., Iftode, L.: Byzantine fault tolerant public key authentication in peer-to-peer systems. Computer Networks (2006)Google Scholar
  7. 7.
    Saxena, N., Tsudik, G., Yi, J.: Admission control in peer-to-peer: Design and performance evaluation. In: Proceedings of the 1st ACM Workshop Security of Ad Hoc and Sensor Networks, Virginia, USA, pp. 104–114 (2003)Google Scholar
  8. 8.
    DaSilva, L., Srivastava, V.: Node participation in ad hoc and peer-to-peer networks: A game-theoretic formulation. In: Proceedings of the Wireless and Comm. and Networking Conf., New Orleans, USA, IEEE Computer Society, Los Alamitos (2005)Google Scholar
  9. 9.
    Shneidman, J., Parkes, D.: Rationality and self-interest in peer to peer networks. In: Proceedings of the IPTPS, pp. 139–148. Springer, Heidelberg (2003)Google Scholar
  10. 10.
    Zhang, Y., Lin, L., Huai, J.: Balancing trust and incentive in peer-to-peer collaborative system. Int. Journal of Network Security 5, 73–81 (2007)Google Scholar
  11. 11.
    Dwork, C., Naor, M.: Pricing via processing or combatting junk mail. In: Brickell, E.F. (ed.) CRYPTO 1992. LNCS, vol. 740, pp. 139–147. Springer, Heidelberg (1993)Google Scholar
  12. 12.
    Juels, A., Brainard, J.: Client puzzles: A cryptographic defense against connection depletion attacks. In: Proceedings of the Networks and Distributed Security Systems, California, USA, pp. 151–165 (1999)Google Scholar
  13. 13.
    Syverson, P.: Weakly secret bit commitment: Applications to lotteries and fair exchange. In: Proceedings of the 11th IEEE Computer Security Foundations Workshop, pp. 2–13 (1998)Google Scholar
  14. 14.
    Golle, P., Leyton-Brown, K., Mironov, I.: Incentives for sharing in peer-to-peer networks. In: Proceedings of the Conference on Electronic Commerce, pp. 14–17. ACM Press, Tampa, USA (2001)Google Scholar
  15. 15.
    Gupta, R., Somani, A.: Game theory as a tool to strategize as well as predict nodes behavior in peer-to-peer networks. In: Proceedings of the 11th Int. Conf. on Parallel and Distributed Systems, Fukuoka, Japan, pp. 244–249. IEEE Computer Society, Los Alamitos (2005)Google Scholar
  16. 16.
    Nurmi, P.: A bayesian framework for online reputation systems. In: Proceedings of the Advanced Int. Conf. on Telecomm, Guadeloupe, French Caribbean, IEEE Computer Society, Los Alamitos (2006)Google Scholar
  17. 17.
    Alcaide, A., Estevez-Tapiador, J., Castro, J.H., Ribagorda, A.: Bayesian rational exchange (to appear in Int. Journal of Information Security)Google Scholar
  18. 18.
    Abadi, M., Burrows, M., Manasse, M., Wobber, T.: Moderately hard. memory-bound functions 5, 299–327 (2005)Google Scholar
  19. 19.
    Palomar, E., Estevez-Tapiador, J., Hernandez-Castro, J., Ribagorda, A.: Certificate-based access control in pure p2p networks. In: Proceedings of the 6th International Conference on Peer-to-Peer Computing, Cambridge, UK, pp. 177–184. IEEE, Los Alamitos (2006)Google Scholar
  20. 20.
    Buttyán, L.: Building Blocks for Secure Services: Authenticated Key Transport and Rational Exchange Protocols (PhD thesis)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2007

Authors and Affiliations

  • Esther Palomar
    • 1
  • Almudena Alcaide
    • 1
  • Juan M. Estevez-Tapiador
    • 1
  • Julio C. Hernandez-Castro
    • 1
  1. 1.Computer Science Department – Carlos III University of Madrid, Avda. Universidad 30, 28911, Leganes, Madrid 

Personalised recommendations