A P2P Content Authentication Protocol Based on Byzantine Agreement
One of the main advantages of peer-to-peer (P2P) systems is their capability to offer replicas of the same content at various locations. This allows to access contents even when some nodes are disconnected. However, this high degree of redundancy implies that it is necessary to apply some security mechanisms in order to avoid attacks based on non-authorized content modification. In this paper, we propose a content authentication protocol for pure P2P systems. Under certain restrictions, our scheme provides guarantees that a content is authentic, i.e. it has not been altered, even if it is a replica of the original and the source has lost control over it. Our proposal relies on a set of peers playing the role of a certification authority, for it is unrealistic to assume that appropriate trusted third parties can be deployed in such environments. Finally, we discuss some of its security properties through several attack scenarios.
KeywordsMalicious Node Authentication Protocol Trust Third Party Attack Scenario Malicious Peer
Unable to display preview. Download preview PDF.
- 1.Boyd, C.: Digital multisignatures. In: Baker, H., Piper, F. (eds.) Cryptography and Coding, pp. 241–246. Clarendon Press, Oxford (1989)Google Scholar
- 2.Conti, M., Gregori, E., Turi, G.: Towards Scalable P2P Computing for Mobile Ad-Hoc Networks. In: Proceedings of the Second IEEE Annual Conference on Pervasive Computing and Communications Workshops (PERCOMW 2004), Orlando, USA, pp. 109–113 (March 2004)Google Scholar
- 3.Damiani, E., De Capitani, S., Paraboschi, S., Samarati, P., Violante, F.: A Reputation-Based Approach for Choosing Reliable Resources in Peer-to-Peer Networks. In: Proceedings of the 9th ACM Conference on Computer and Communications Security (CCS 2002), Washington, USA, pp. 207–216 (November 2002)Google Scholar
- 4.Daswani, N., Garcia-Molina, H., Yang, B.: Open Problems in Data-sharing Peer-to-peer Systems. In: Proceedings of 9th International Conference on Database Theory, Italy (January 2003)Google Scholar
- 5.Dean, D., Stubblefield, A.: Using client puzzles to protect TLS. In: Proceedings of the 10th USENIX Security Symposium (August 2001)Google Scholar
- 7.Fox, G.: Peer-to-Peer Networks. Computing in Science & Engineering 3(3) (May 2001)Google Scholar
- 8.Juels, A., Brainard, J.: Client puzzles: A cryptographic countermeasure against connection depletion attacks. In: Proceedings of the Network and Distributed Security Systems Symposium, California, USA, pp. 151–165 (February 1999)Google Scholar
- 10.Lin, W.K., Chiu, D.M., Lee, Y.B.: Erasure Code Replication Revisited. In: Proceeding of the 4th IEEE International Conference on Peer-to-Peer Computing (August 2004)Google Scholar
- 11.Maniatis, P., Giuli, T.J., Roussopoulos, M., Rosenthal, D.S.H., Baker, M.: Impeding Attrition Attacks in P2P Systems. In: Proceedings of the 11th ACM SIGOPS European Workshop, Leuven, Belgium (September 2004)Google Scholar
- 12.Oguchi, M., Nakatsuka, Y., Tomizawa, C.: A Proposal of User Authentication and a Content Distribution Mechanism using P2P Connection over a Mobile Ad Hoc Network. In: Proceedings of the IASTED International Conference on Communication Systems and Networks, Marbella, Spain, pp. 65–69 (September 2004)Google Scholar
- 13.Oram, A. (ed.): Peer-to-Peer: Harnessing the Benefits of a Disruptive Technology. O’Reilly, Sebastopol (2001)Google Scholar