
  • Security and Trust in P2P systems

  • Trust and Security
    Peer-to-Peer systems require different entities to decide how to interact, or whether to interact at all, with other entities.
    Security decisions: I need to know whether I can trust another entity within this system. Should I trust Alice because my friend Bob trusts her?

  • Trust and Security
    The perfect P2P system: a perfectly flat hierarchy, with each entity allowing other entities to use its local resources.
    How can we provide security without a centralized entity?
    Infrastructure: the model of interaction between entities!

  • What is trust?
    When thinking about security in a system, various entities need to trust others to varying degrees.
    We say "trusted hardware", or "trusted administrators".
    So what is trust? Trust is a bet about the future contingent actions of others.

  • Malicious node
    A malicious node might give erroneous responses to a request:
    Application level: returning false data.
    Network level: returning false routes.
    Malicious nodes may also work together, acting in concert, to attack the remainder of the nodes.

  • Outline
    Identification; routing table risk; victim data; victim peer; content verification; punishment.

  • Identification
    Identity: it is often undesirable to know the identity of other entities (privacy, anonymity).
    However, if you wish to trust entity A, you need to be able to identify it.

  • Identification
    Public key infrastructures (PKI): somebody has to run it! For a PKI to work in this sort of system, you need a trusted third party.
    Recommendation systems: chains of trust, transitive trust.
    Ideally, trust should be granted directly.

  • Identification
    When trust must be transitive, it creates brittleness.
    In most P2P systems, transitive trust is nevertheless a key component.
    How to measure reputation? By roles, and by time-related factors (how long a peer has behaved well).

  • Secure routing in P2P systems
    The secure routing primitive ensures that when a non-faulty node sends a message to a key k, the message reaches all non-faulty members of the set of replica roots R_k with very high probability.
    Secure routing guarantees that replicas are initially placed on legitimate replica roots, and that a lookup message reaches a replica if one exists.

  • Three problems
    Securely assigning nodeIds to nodes: ensure attackers cannot choose the value of their nodeIds.
    Securely maintaining the routing tables: ensure that the fraction of faulty nodes that appear in the routing tables of correct nodes does not exceed the fraction of faulty nodes in the entire overlay.
    Securely forwarding messages: ensure that at least one copy of a message sent to a key reaches each correct replica root for the key with high probability.

  • System model
    N nodes, of which a fraction f (0 ≤ f < 1) may be faulty.

  • Secure nodeId assignment
    A node might choose its identifier maliciously:
    Allocate itself a collection of nodeIds closer to a document's key than any existing node in the system, in order to censor that specific document.
    Choose nodeIds to maximize its chances of appearing in a victim node's routing tables.

  • Secure nodeId assignment
    Centralized authority: the server is only consulted when new nodes join and is otherwise uninvolved in the actions of the P2P system.
    Sybil attacks: a coalition of nodes might try to obtain a large number of nodeIds. Even if those nodeIds are random, a large enough collection of them would still give the attackers disproportionate control over the network.
    Moderate the rate at which nodeIds are given out: by charging money? By requiring the joiner to solve a small computational puzzle?

  • Admission control system (ACS): properties
    Security: provide resiliency against attacks that work by creating shadow nodes.
    Efficiency: should be simple and not require a lot of overhead on participating nodes.
    Fairness: nodes should do an equal amount of work to join the network.
    Response to attack: make the attack more difficult while not affecting other legitimate nodes.
    Scalability.
    Verifiability: allow any node in the system to verify that it is communicating with a node that was legitimately admitted to the network.

  • Decentralized, multi-puzzle scheme
    The ACS is a tree of nodes; it is important that the upper-layer nodes are both static and trustworthy.
    A joining node A must gain admission from a sequence of nodes, starting with a leaf node B and ending with the root X.
    At each stage, A is required to solve a puzzle presented by the node at that stage.

  • Join protocol: get a token
    When A wishes to join the network, it must first discover a leaf node B.
    A gains admission from B by solving B's puzzle. After solving it, A is given a token, which it uses to prove to B's parent that it was admitted by B.
    At each stage, A is given a token to be used as proof of the previous puzzle solution.
    When A reaches the root, a final token is issued by X, carrying X's signature.

  • Connect to the network
    A must prove to its prospective neighbours that it has been admitted by the root node X.
    Signature verification has a cost, so the neighbouring nodes each require A to solve one more puzzle before checking the signature; these challenges protect the neighbours from a DoS attack.
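The join protocol above, as an added worked example (this is not code from the slides or from the scheme's authors). It assumes a hashcash-style puzzle (the slides do not fix the puzzle type), HMAC under a key shared between each ACS node and its parent in place of the real scheme's signatures (for the root X the key stands in for X's signing key), a per-node rate limit `RATE_LIMIT` on tokens per window, and the token expiry window `TOKEN_WINDOW_S` = W from the cut-off discussion later in the deck. The neighbour check does the cheap puzzle first and the costlier token check second, as the slide describes.

```python
import hashlib
import hmac
import os

PUZZLE_BITS = 12           # assumed difficulty: leading zero bits the hash must have
TOKEN_WINDOW_S = 4 * 3600  # W, the token expiry window (4 hours, as in the slides' example)
RATE_LIMIT = 5             # assumed: tokens one ACS node will issue per window


def _leading_zero_bits(digest: bytes) -> int:
    n = 0
    for b in digest:
        if b:
            return n + 8 - b.bit_length()
        n += 8
    return n


def check_puzzle(challenge: bytes, nonce: int, bits: int = PUZZLE_BITS) -> bool:
    """Hashcash-style proof of work (an assumption; the slides do not fix the puzzle type)."""
    h = hashlib.sha256(challenge + nonce.to_bytes(8, "big")).digest()
    return _leading_zero_bits(h) >= bits


def solve_puzzle(challenge: bytes, bits: int = PUZZLE_BITS) -> int:
    nonce = 0
    while not check_puzzle(challenge, nonce, bits):
        nonce += 1
    return nonce


class ACSNode:
    """One node of the admission-control tree; parent is None for the root X."""

    def __init__(self, name, parent=None):
        self.name = name
        self.parent = parent
        self.children = []
        if parent is not None:
            parent.children.append(self)
        # Key shared with the parent. HMAC under it stands in for the signatures of
        # the real scheme; for the root it plays the role of X's signing key.
        self.key = os.urandom(32)
        self.issued = []  # token issue times, for rate limiting

    def _mac(self, joiner: bytes, prev_mac: bytes, ts: float) -> bytes:
        msg = b"|".join([joiner, self.name.encode(), prev_mac, repr(ts).encode()])
        return hmac.new(self.key, msg, "sha256").digest()

    def verify(self, joiner: bytes, chain: list, now: float) -> bool:
        """True iff the last token in `chain` was issued by this node to `joiner` and is still fresh."""
        if not chain or chain[-1][0] is not self:
            return False
        _, ts, mac = chain[-1]
        prev_mac = chain[-2][2] if len(chain) > 1 else b""
        return hmac.compare_digest(mac, self._mac(joiner, prev_mac, ts)) and now - ts <= TOKEN_WINDOW_S

    def admit(self, joiner: bytes, chain: list, challenge: bytes, nonce: int, now: float):
        """Issue the next token, or None if the puzzle proof, the previous token or the rate limit fails."""
        if not check_puzzle(challenge, nonce):
            return None
        if self.children:
            # Non-leaf: the joiner must carry a valid token from one of our children.
            if not chain or chain[-1][0] not in self.children or not chain[-1][0].verify(joiner, chain, now):
                return None
        elif chain:
            return None  # a leaf is the first stop; nobody could have issued a token yet
        self.issued = [t for t in self.issued if now - t < TOKEN_WINDOW_S]
        if len(self.issued) >= RATE_LIMIT:
            return None  # too many token requests in this window (the Sybil rate limit)
        self.issued.append(now)
        prev_mac = chain[-1][2] if chain else b""
        return (self, now, self._mac(joiner, prev_mac, now))


def join(joiner: bytes, leaf: ACSNode, now: float):
    """Walk from leaf B up to root X, solving one puzzle per node; returns the token chain or None."""
    chain = []
    node = leaf
    while node is not None:
        challenge = os.urandom(16)       # the node's challenge to the joiner
        nonce = solve_puzzle(challenge)  # the joiner's work
        token = node.admit(joiner, chain, challenge, nonce, now)
        if token is None:
            return None
        chain.append(token)
        node = node.parent
    return chain


def neighbour_accepts(root: ACSNode, joiner: bytes, chain, now: float) -> bool:
    """A prospective neighbour: cheap puzzle first, then the final token from X (not expired)."""
    challenge = os.urandom(16)
    if not check_puzzle(challenge, solve_puzzle(challenge)):
        return False
    return chain is not None and root.verify(joiner, chain, now)


if __name__ == "__main__":
    X = ACSNode("X")
    C = ACSNode("C", parent=X)
    B = ACSNode("B", parent=C)
    chain = join(b"A", B, now=1000.0)
    print("tokens from:", [t[0].name for t in chain])
    print("accepted now:", neighbour_accepts(X, b"A", chain, 1000.0))
    print("accepted after W:", neighbour_accepts(X, b"A", chain, 1000.0 + TOKEN_WINDOW_S + 1))
```

Each token is bound to the joiner's identifier and to the previous token's MAC, so a token chain cannot be transplanted to another joiner or shortened by skipping a level; a node with children refuses a joiner that arrives without a child-issued token.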

  • Node upgrade
    A must prove its stability before inclusion in the ACS.
    Initially, A joins the ACS as a leaf node and is evaluated by its parent node.
    To maintain a balanced tree, a node only upgrades its children when its number of children has reached the degree of the tree.
    When the tree is sufficiently deep to support the join load and achieve the proper security guarantees, no further nodes are added to the ACS.

  • Node departure
    Departure of a node that is not a member of the ACS requires no ACS maintenance.
    A member of the ACS leaving gracefully: the oldest child is chosen to replace the departing node.
    A member of the ACS leaving due to a failure: its children must rejoin the network, either by contacting their grandparent or by finding another node in the ACS.

  • Security
    The ACS is designed to limit Sybil attacks, not to prevent them!
    Attacker is a member of the ACS: easily detected by the attacker's parent by observing the rate of token requests.
    Attacker is not a member of the ACS and tries to control a significant fraction of nodes: the attack is limited by ensuring that only a small number of tokens are released during any period of time.

  • How about patient attackers?
    If an attacker is patient enough, it can accumulate the required number of IDs to launch a massive attack.
    Cut-off window: define a token expiration time, W.
    How to determine the value of W: limit the number of good users that must execute the rejoin process to a small percentage.

  • Analysis: models
    Legitimate nodes arrive according to a Poisson process with arrival rate λ_g.
    Lifetime is exponentially distributed with mean μ_g.
    Assume an attacker is equal in computational power to the average user.
    l: joining difficulty (measured as the maximum time to join).

  • Analysis: puzzles and fairness
    The distribution of the time to solve a puzzle is uniform, so a single puzzle of maximum time l takes l/2 on average.
    Splitting the work into n puzzles of maximum time l/n each (average l/(2n) each) keeps the total average at l/2 but reduces the variance: the total solving time has standard deviation l/sqrt(12n) instead of l/sqrt(12).
    Example: for a maximum join time of 5 minutes with a standard deviation of at most 30 seconds, 9 puzzles are needed, each taking at most 33.3 seconds.
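The puzzle-splitting arithmetic above, as an added example (not from the slides): `puzzles_for_std` gives the smallest n whose total standard deviation l/sqrt(12n) fits the target, and `simulate` checks the closed form against a Monte Carlo run with uniform solve times. Times are in seconds; l = 300 s and a 30 s target reproduce the deck's 9 puzzles of 33.3 s.

```python
import math
import random


def total_std(l_max: float, n: int) -> float:
    """Std of the total solve time for n puzzles, each uniform on [0, l_max/n]:
    per-puzzle variance (l/n)^2/12, summed over n independent puzzles."""
    return l_max / math.sqrt(12 * n)


def puzzles_for_std(l_max: float, max_std: float) -> int:
    """Smallest n with total_std(l_max, n) <= max_std."""
    return max(1, math.ceil(l_max ** 2 / (12 * max_std ** 2)))


def per_puzzle_max(l_max: float, n: int) -> float:
    return l_max / n


def simulate(l_max: float, n: int, trials: int = 20000, seed: int = 1):
    """Monte Carlo check: (mean, std) of the total time for n uniform puzzles."""
    rng = random.Random(seed)
    cap = l_max / n
    times = [sum(rng.uniform(0.0, cap) for _ in range(n)) for _ in range(trials)]
    mean = sum(times) / trials
    var = sum((t - mean) ** 2 for t in times) / trials
    return mean, math.sqrt(var)


if __name__ == "__main__":
    l_max, target = 300.0, 30.0
    n = puzzles_for_std(l_max, target)
    print(f"{n} puzzles of at most {per_puzzle_max(l_max, n):.1f} s, "
          f"total std {total_std(l_max, n):.1f} s (single puzzle: {total_std(l_max, 1):.1f} s)")
    print("simulated (mean, std):", simulate(l_max, n))
```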

  • Analysis: steady state
    The number of nodes in the network: N = λ_g · μ_g.
    To control a fraction f of the nodes, an attacker will be required to obtain f·N/(1 - f) IDs.
    Assume there are n attackers; the arrival rate of attacker nodes will be λ_a = 2n/l (each attacker completes a join every l/2 on average).
    The time to launch a successful attack is therefore (f·N/(1 - f)) / λ_a.

  • Analysis: example
    If λ_g = 1 node/sec and μ_g = 2.3 hours, the steady-state number of nodes is 8280.
    For the attacker to control 10% of the total nodes in the network, it must obtain 920 IDs.
    If the joining process takes 5 minutes on average, a successful attack by a single attacker (n = 1) would take about 76 hours, which is more than 3 days.

  • Analysis: cut-off windows (legitimate nodes)
    P: the percentage of legitimate nodes that will be required to reacquire fresh tokens, i.e. those whose lifetime exceeds W (with exponential lifetimes, P = e^(-W/μ_g)).
    Example: if μ_g = 2.3 hours and W = 4 hours, the percentage of legitimate nodes that will be cut off from the network and asked to rejoin is 17.5%.

  • Analysis: cut-off window (attackers)
    The combined number of nodes that n attackers can accumulate within one window is 2·n·W / l.
    Example: if the maximum join time is 10 minutes and W = 4 hours, the maximum number of nodes a single attacker can accumulate is 48.
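The steady-state and cut-off-window formulas from the last five slides, carried through in code as an added example (not from the slides). All times are in seconds. `cutoff_fraction` is the exponential-lifetime survival probability e^(-W/μ_g); that expression is derived here rather than quoted from the deck, and it reproduces the 17.5% figure.

```python
import math


def steady_state_nodes(lambda_g: float, mu_g: float) -> float:
    """N = lambda_g * mu_g: arrivals per unit time times mean lifetime (Little's law)."""
    return lambda_g * mu_g


def ids_to_control(f: float, n_nodes: float) -> int:
    """Attacker IDs A needed so that A / (N + A) = f, i.e. A = f*N / (1 - f)."""
    return math.ceil(f * n_nodes / (1.0 - f))


def attacker_arrival_rate(n_attackers: int, l_max: float) -> float:
    """lambda_a = 2n / l: each attacker completes a join every l/2 on average."""
    return 2.0 * n_attackers / l_max


def time_to_attack(f: float, lambda_g: float, mu_g: float, n_attackers: int, l_max: float) -> float:
    """Seconds until n attackers hold a fraction f of the steady-state network."""
    n_nodes = steady_state_nodes(lambda_g, mu_g)
    return ids_to_control(f, n_nodes) / attacker_arrival_rate(n_attackers, l_max)


def cutoff_fraction(mu_g: float, w: float) -> float:
    """Fraction of legitimate nodes whose lifetime exceeds W, for exponential lifetimes."""
    return math.exp(-w / mu_g)


def attacker_ids_in_window(n_attackers: int, w: float, l_max: float) -> float:
    """2 n W / l: the most IDs n attackers can hold before their oldest tokens expire."""
    return 2.0 * n_attackers * w / l_max


if __name__ == "__main__":
    HOUR = 3600.0
    mu_g = 2.3 * HOUR
    print("steady-state nodes:", steady_state_nodes(1.0, mu_g))
    print("IDs for 10% control:", ids_to_control(0.1, steady_state_nodes(1.0, mu_g)))
    print("hours to attack (1 attacker, 5 min average join):",
          time_to_attack(0.1, 1.0, mu_g, 1, 600.0) / HOUR)
    print("legit nodes cut off at W = 4 h:", cutoff_fraction(mu_g, 4 * HOUR))
    print("attacker IDs per window (l = 10 min):", attacker_ids_in_window(1, 4 * HOUR, 600.0))
```

Note the trade-off the two cut-off functions expose: shrinking W caps the attacker's accumulation linearly but forces a growing share e^(-W/μ_g) of honest nodes through the full rejoin process.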

  • Robust routing primitives
    If an attacker controls a fraction f of the nodes in the P2P network, we would expect each entry in every routing table to point to a malicious node with probability f.
    If a desired route takes h hops, the probability of it being free of malicious nodes is (1 - f)^h.
    How about Chord with 2^m nodes, where a lookup takes O(m) hops?

  • Robust routing primitives
    Locality-based attacks: the adversary could take advantage of its locality to a given victim node to get more entries in that node's routing table, increasing its odds of controlling any given route that uses the victim node.
    Countermeasure: attempt multiple, redundant routes from the source to the destination. This is costly, and it raises the question of how to determine that a "not found" result is genuine.
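The locality-based attack on a Chord finger table, as an added example (not from the slides). It builds the victim's fingers from a constructed ring of 2^m identifiers, then compares how many entries an attacker captures with m randomly assigned ids against m ids chosen to sit exactly on the victim's finger targets (victim + 2^i): the difference is what secure nodeId assignment is meant to prevent. `p_clean_route` and `p_some_clean` are the (1 - f)^h figure from the previous slide and its extension to r independent redundant routes.

```python
import bisect
import random


def successor(ring_ids, target: int) -> int:
    """Chord successor: the first id >= target, wrapping around the ring."""
    i = bisect.bisect_left(ring_ids, target)
    return ring_ids[i] if i < len(ring_ids) else ring_ids[0]


def finger_table(victim: int, ring_ids, m: int):
    """finger[i] = successor((victim + 2^i) mod 2^m) for i = 0..m-1."""
    size = 1 << m
    return [successor(ring_ids, (victim + (1 << i)) % size) for i in range(m)]


def captured_fraction(victim: int, honest, attacker, m: int) -> float:
    """Share of the victim's fingers that point at attacker ids (ties on an id count as attacker)."""
    ring_ids = sorted(set(honest) | set(attacker))
    fingers = finger_table(victim, ring_ids, m)
    bad = set(attacker)
    return sum(1 for x in fingers if x in bad) / m


def random_ids(k: int, m: int, rng: random.Random, taken) -> set:
    """k distinct ids drawn uniformly from the ring, avoiding `taken` (constructed data)."""
    ids = set()
    while len(ids) < k:
        x = rng.randrange(1 << m)
        if x not in taken:
            ids.add(x)
    return ids


def targeted_ids(victim: int, m: int) -> set:
    """The locality attack: one id sitting exactly on each of the victim's finger targets."""
    return {(victim + (1 << i)) % (1 << m) for i in range(m)}


def p_clean_route(f: float, h: int) -> float:
    """Probability that an h-hop route touches no malicious node."""
    return (1.0 - f) ** h


def p_some_clean(f: float, h: int, r: int) -> float:
    """Probability that at least one of r independent h-hop routes is clean."""
    return 1.0 - (1.0 - p_clean_route(f, h)) ** r


def demo(m: int = 16, n_honest: int = 1000, seed: int = 7):
    """(captured share with random attacker ids, captured share with targeted ids)."""
    rng = random.Random(seed)
    honest = random_ids(n_honest, m, rng, set())
    victim = min(honest)
    random_attack = random_ids(m, m, rng, honest)
    targeted_attack = targeted_ids(victim, m)
    return (captured_fraction(victim, honest, random_attack, m),
            captured_fraction(victim, honest, targeted_attack, m))


if __name__ == "__main__":
    print("captured (random ids, targeted ids):", demo())
    print("clean 8-hop route at f=0.1:", p_clean_route(0.1, 8), "with 4 routes:", p_some_clean(0.1, 8, 4))
```

With random ids the attacker's share of the victim's table is about its share of the ring (the f of the previous slide); with targeted ids it owns every finger, so every route through the victim is under its control no matter how small f is.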

  • Content verification
    An adversary may spoof the results of a lookup.
    Verification can be done if we have verification codes (such as a hash of the content).
    Otherwise, borrow the idea behind Google's PageRank: pages that are linked from popular pages are themselves more popular.
    How to add such a notion of popularity into a P2P system?
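One way to carry the PageRank idea over to peers, and to see the brittleness of transitive trust that the identification slides warn about, as an added example (not from the slides): peers vouch for peers, and rank flows along endorsements by power iteration. The endorsement graph is constructed: five honest peers vouch in a ring, and five Sybil identities vouch only for each other, funnelling mass to `s1`. With a uniform restart the Sybil clique manufactures the top-ranked peer; restarting only at a set of pre-trusted peers (the `trusted` argument, an assumption of this example) starves any identity that no trusted peer transitively vouches for.

```python
def pagerank(graph, damping: float = 0.85, iters: int = 100, trusted=None):
    """Power iteration over an endorsement graph {peer: set(peers it vouches for)}.
    With `trusted` given, the random-surfer restart jumps only to those peers
    (personalized PageRank); otherwise it is uniform over all peers."""
    nodes = list(graph)
    n = len(nodes)
    if trusted:
        restart = {v: (1.0 / len(trusted) if v in trusted else 0.0) for v in nodes}
    else:
        restart = {v: 1.0 / n for v in nodes}
    rank = {v: 1.0 / n for v in nodes}
    for _ in range(iters):
        new = {v: (1.0 - damping) * restart[v] for v in nodes}
        for u in nodes:
            out = graph[u]
            if out:
                share = damping * rank[u] / len(out)
                for v in out:
                    new[v] += share
            else:  # dangling peer with no endorsements: its mass restarts like a teleport
                for v in nodes:
                    new[v] += damping * rank[u] * restart[v]
        rank = new
    return rank


def sample_graph():
    """Constructed endorsement graph: honest p1..p5 vouch in a ring; Sybils s2..s5 all
    vouch for s1 and s1 vouches for s2; no honest peer vouches for any Sybil."""
    g = {f"p{i}": {f"p{i % 5 + 1}"} for i in range(1, 6)}
    g["s1"] = {"s2"}
    for i in range(2, 6):
        g[f"s{i}"] = {"s1"}
    return g


def top(rank, k: int = 3):
    return [v for v, _ in sorted(rank.items(), key=lambda kv: -kv[1])[:k]]


if __name__ == "__main__":
    g = sample_graph()
    honest = {f"p{i}" for i in range(1, 6)}
    print("uniform restart, top 3:", top(pagerank(g)))
    print("trusted restart, top 3:", top(pagerank(g, trusted=honest)))
```

The seeded variant is only as good as the seed: a pre-trusted peer that vouches for a Sybil leaks rank into the whole clique, which is the transitive-trust brittleness in concrete form.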

  • Punishment
    Remove malicious nodes when they are detected.
    Can we have a global view? Who can punish the misbehaving nodes?
    Unstructured P2P: do it by yourself.
    Structured P2P: you should convince the other nodes, or do it by yourself!

  • Conclusions and discussion: what we have learned
    Topologies:
    Centralized P2P system: search cost is bounded, but there is a single point of failure.
    Decentralized P2P system:
    Unstructured P2P system: flexible, but search is unbounded.
    Structured P2P system: scalability and bounded search, but supports only keyword (key) queries.
    Super-peer architecture.

  • Conclusions and discussion
    Search: the constraints of hashing; dimension reduction and document retrieval; absolute angle; rolling index; locality-preserving hashing; iDistance.
    Applications: BitTorrent (for efficient downloading; tit-for-tat); Skype (super-peer architecture).
    Security: identification; secure nodeId assignment and routing.

  • Conclusions and discussion
    A better topology? Robustness, scalability, flexibility, bounded search, fairness, etc.
