Public Key Management Framework for Two-tier Super Peer Architecture

Many Internet applications use public key infrastructure (PKI) to enable the secure transaction of confidential messages. However, the use of PKI is not consistent with the ideas of peer-to-peer networks. In this paper, we propose public key management framework to distribute public key safely without PKI infrastructure for two-tier super peer architecture. In this framework, each peer self-generates and distributes public/private key pairs. In general case, this kind of mechanism is vulnerable to man-in-the- middle attack during the public key distribution process. But the proposed mechanism can easily avoid this kind of attack.

[1]  Mudhakar Srivatsa,et al.  Vulnerabilities and security threats in structured overlay networks: a quantitative analysis , 2004, 20th Annual Computer Security Applications Conference.

[2]  Henning Schulzrinne,et al.  An Analysis of the Skype Peer-to-Peer Internet Telephony Protocol , 2004, Proceedings IEEE INFOCOM 2006. 25TH IEEE International Conference on Computer Communications.

[3]  Jianping Wu,et al.  Applications of Peer to Peer Technology in CERNET , 2003, GCC.

[4]  Eiji Okamoto,et al.  Key distribution system based on identification information , 1989, IEEE J. Sel. Areas Commun..

[5]  Klemens Böhm,et al.  Malicious behaviour in content-addressable peer-to-peer networks , 2005, 3rd Annual Communication Networks and Services Research Conference (CNSR'05).

[6]  Jae-Kwang Lee,et al.  Random Visitor: A Defense Against Identity Attacks in P2P Overlay Networks , 2006, WISA.

[7]  Tim Moors,et al.  Survey of Research towards Robust Peer-to-Peer Networks: Search Methods , 2007, RFC.

[8]  Abdelilah Essiari,et al.  PKI-based security for peer-to-peer information sharing , 2004, Proceedings. Fourth International Conference on Peer-to-Peer Computing, 2004. Proceedings..

[9]  Thomas Wölfl Public-Key-Infrastructure Based on a Peer-to-Peer Network , 2005, HICSS.