Trusted Identity Management for Overlay Networks

  • Stefan Kraxberger
  • Ronald Toegl
  • Martin Pirker
  • Elisa Pintado Guijarro
  • Guillermo Garcia Millan
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7863)


A critical requirement in overlay networks is to have unique, undeniable and verifiable identifiers for each node in the system.Without them, every node in such an overlay network would be able to impersonate other nodes or create an arbitrary amount of bogus nodes. Thus, a node or a group of nodes, could easily gain control over an overlay network by orchestrating such artificial nodes. Most proposed solutions are based on public key cryptography and public key infrastructures. Unfortunately, the process of issuing and distributing certificates is not solved for large scale overlay networks. In this work we provide a solution for creating unique, undeniable and verifiable identifiers for large-scale overlay networks using mechanisms provided by the Trusted Computing Group. We facilitate the use of a unique asymmetric key pair which has been created on a Trusted Platform Module and is vouched for by the manufacturer.


Overlay Network Authentication Protocol Mutual Authentication Reputation System Trusted Platform Module 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Aberer, K., Despotovic, Z.: Managing trust in a peer-2-peer information system. In: Proc. CIKM 2001, pp. 310–317. ACM, New York (2001)Google Scholar
  2. 2.
    Balfe, S., Lakhani, A.D., Paterson, K.G.: Trusted computing: providing security for peer-to-peer networks. In: Proc. Fifth IEEE Int. Conf. Peer-to-Peer Computing, P2P 2005, pp. 117–124 (2005)Google Scholar
  3. 3.
    Bellovin, S.M.: Security aspects of Napster and Gnutella. In: Proc. USENIX (2001)Google Scholar
  4. 4.
    Bickson, D., Reinman, T., Dolev, D., Pinkas, B.: Peer-to-peer secure multi-party numerical computation facing malicious adversaries. Peer-to-Peer Networking and Applications 3(2), 129–144 (2010)CrossRefGoogle Scholar
  5. 5.
    Castro, M., Druschel, P., Ganesh, A., Rowstron, A., Wallach, D.S.: Secure routing for structured peer-to-peer overlay networks. SIGOPS Oper. Syst. Rev. 36(SI), 299–314 (2002)CrossRefGoogle Scholar
  6. 6.
    Dinger, J., Hartenstein, H.: Defending the sybil attack in p2p networks: taxonomy, challenges, and a proposal for self-registration. In: Proc. ARES 2006 (2006)Google Scholar
  7. 7.
    Douceur, J.R.: The sybil attack. In: Druschel, P., Kaashoek, M.F., Rowstron, A. (eds.) IPTPS 2002. LNCS, vol. 2429, pp. 251–260. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  8. 8.
    Eger, K., Killat, U.: Bandwidth trading in bittorrent-like p2p networks for content distribution. Comput. Commun. 31(2), 201–211 (2008)CrossRefGoogle Scholar
  9. 9.
    Grawrock, D.: Dynamics of a Trusted Platform: A Building Block Approach. Intel Press (February 2009) ISBN 978-1934053171Google Scholar
  10. 10.
    Hoffman, K., Zage, D., Nita-Rotaru, C.: A survey of attack and defense techniques for reputation systems. ACM Comput. Surv. 42(1), 1:1–1:31 (2009)CrossRefGoogle Scholar
  11. 11.
    Jøsang, A., Ismail, R., Boyd, C.: A survey of trust and reputation systems for online service provision. Decis. Support Syst. 43(2), 618–644 (2007)CrossRefGoogle Scholar
  12. 12.
    Jyothi, B.S., Dharanipragada, J.: Symon: Defending large structured p2p systems against sybil attack. In: Proc. IEEE Ninth Int. Conf. Peer-to-Peer Computing, P2P 2009, pp. 21–30 (2009)Google Scholar
  13. 13.
    Kauer, B.: Oslo: improving the security of trusted computing. In: SS 2007: Proceedings of 16th USENIX Security Symposium on USENIX Security Symposium, pp. 1–9. USENIX Association, Berkeley (2007)Google Scholar
  14. 14.
    Kursawe, K., Schellekens, D., Preneel, B.: Analyzing trusted platform communications. In: Cryptographic Advances in Secure Hardware Workshop (2005)Google Scholar
  15. 15.
    Lowe, G.: Breaking and fixing the needham-schroeder public-key protocol using fdr. In: Margaria, T., Steffen, B. (eds.) TACAS 1996. LNCS, vol. 1055, pp. 147–166. Springer, Heidelberg (1996)CrossRefGoogle Scholar
  16. 16.
    Martucci, L.A., Kohlweiss, M., Andersson, C., Panchenko, A.: Self-certified sybil-free pseudonyms. In: Proceedings of the First ACM Conference on Wireless Network Security, pp. 154–159. ACM, Alexandria (2008)CrossRefGoogle Scholar
  17. 17.
    Needham, R.M., Schroeder, M.D.: Using encryption for authentication in large networks of computers. Commun. ACM 21(12), 993–999 (1978)zbMATHCrossRefGoogle Scholar
  18. 18.
    Pirker, M., Toegl, R., Hein, D., Danner, P.: A PrivacyCA for anonymity and trust. In: Chen, L., Mitchell, C.J., Martin, A. (eds.) Trust 2009. LNCS, vol. 5471, pp. 101–119. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  19. 19.
    Pirker, M., Winter, J., Toegl, R.: Lightweight Distributed Heterogeneous Attested Android Clouds. In: Katzenbeisser, S., Weippl, E., Camp, L.J., Volkamer, M., Reiter, M., Zhang, X. (eds.) Trust 2012. LNCS, vol. 7344, pp. 122–141. Springer, Heidelberg (2012)CrossRefGoogle Scholar
  20. 20.
    Ryu, S., Butler, K., Traynor, P., McDaniel, P.: Leveraging identity-based cryptography for node id assignment in structured p2p systems. In: Proc. AINAW 2007, pp. 519–524 (2007)Google Scholar
  21. 21.
    Shim, R., Mainelli, T., O’Donnell, B., Chute, C., Pulskamp, F., Rau, S.: Worldwide interfaces and technologies embedded in PCs 2010-2014 forecast. Tech. rep., IDC (2010)Google Scholar
  22. 22.
    Sit, E., Morris, R.: Security considerations for peer-to-peer distributed hash tables. In: Druschel, P., Kaashoek, M.F., Rowstron, A. (eds.) IPTPS 2002. LNCS, vol. 2429, pp. 261–269. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  23. 23.
    Srivatsa, M., Liu, L.: Vulnerabilities and security threats in structured overlay networks: a quantitative analysis. In: 20th Annual Computer Security Applications Conference, pp. 252–261 (2004)Google Scholar
  24. 24.
    Tarnovsky, C.: Hacking the smartcard chip. Blackhat Conference (2010)Google Scholar
  25. 25.
    Trusted Computing Group: TCG infrastructure specifications,
  26. 26.
    Trusted Computing Group: TCG TPM specification version 1.2 revision 103 (2007)Google Scholar
  27. 27.
    Wakeman, I., Chalmers, D., Fry, M.: Reconciling privacy and security in pervasive computing: the case for pseudonymous group membership. In: Proceedings of the 5th International Workshop on Middleware for Pervasive and Ad-Hoc Computing: Held at the ACM/IFIP/USENIX 8th International Middleware Conference, pp. 7–12. ACM (2007)Google Scholar
  28. 28.
    Wallach, D.S.: A survey of peer-to-peer security issues. In: Okada, M., Babu, C. S., Scedrov, A., Tokuda, H. (eds.) ISSS 2002. LNCS, vol. 2609, pp. 42–57. Springer, Heidelberg (2003)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2013

Authors and Affiliations

  • Stefan Kraxberger
    • 1
  • Ronald Toegl
    • 1
  • Martin Pirker
    • 1
  • Elisa Pintado Guijarro
    • 1
  • Guillermo Garcia Millan
    • 1
  1. 1.Institute for Applied Information Processing and Communications (IAIK)Graz University of TechnologyGrazAustria

Personalised recommendations