The Sybil Attack

Large-scale peer-to-peer systems face security threats from faulty or hostile remote computing elements. To resist these threats, many such systems employ redundancy. However, if a single faulty entity can present multiple identities, it can control a substantial fraction of the system, thereby undermining this redundancy. One approach to preventing these "Sybil attacks" is to have a trusted agency certify identities. This paper shows that, without a logically centralized authority, Sybil attacks are always possible except under extreme and unrealistic assumptions of resource parity and coordination among entities.
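The abstract's claim that multiple identities undermine redundancy can be put in numbers. The following is an added example, not code from the paper: it assumes replicas are placed on identities drawn uniformly at random without replacement, and the function names and population sizes are constructed for illustration.

```python
from math import comb

# Assumption (not from the paper): the system stores each item on `replicas`
# identities drawn uniformly at random, without replacement, from all
# identities it knows, and cannot tell which identities share an owner.

def capture_probability(honest, forged, replicas, threshold):
    """Probability that at least `threshold` of the chosen replicas are
    identities of the single faulty entity (hypergeometric upper tail)."""
    total = honest + forged
    if not 0 < threshold <= replicas <= total:
        raise ValueError("need 0 < threshold <= replicas <= honest + forged")
    favourable = sum(
        comb(forged, j) * comb(honest, replicas - j)  # comb() is 0 when j > forged
        for j in range(threshold, replicas + 1)
    )
    return favourable / comb(total, replicas)


def identities_for_target(honest, replicas, threshold, target):
    """Smallest number of forged identities whose capture probability
    reaches `target` (0 < target < 1), found by linear search."""
    if not 0 < target < 1:
        raise ValueError("target must lie strictly between 0 and 1")
    forged = threshold  # fewer identities than the threshold can never suffice
    while capture_probability(honest, forged, replicas, threshold) < target:
        forged += 1
    return forged


if __name__ == "__main__":
    HONEST = 1000              # constructed population size
    REPLICAS, MAJORITY = 3, 2  # constructed redundancy parameters
    for forged in (1, 10, 100, 1000, 3000):
        p = capture_probability(HONEST, forged, REPLICAS, MAJORITY)
        print(f"{forged:>5} identities -> P(majority of replicas) = {p:.4f}")
    print("identities for a 50% chance:",
          identities_for_target(HONEST, REPLICAS, MAJORITY, 0.5))
```

With one identity per entity, as a certifying authority would enforce, `forged` is fixed at 1 and the majority can never be captured in this model.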
