Byzantine fault tolerant public key authentication in peer-to-peer systems

We describe Byzantine fault tolerant authentication, a mechanism for public key authentication in peer-to-peer systems. Authentication is done without trusted third parties, tolerates Byzantine faults and is eventually correct if more than a threshold of the peers are honest. This paper addresses the design, correctness, and fault tolerance of authentication over insecure asynchronous networks. An anti-entropy version of the protocol is developed to provide lazy authentication with logarithmic messaging cost. The cost implications of the authentication mechanism are studied by simulation.

[1]  Adi Shamir,et al.  A method for obtaining digital signatures and public-key cryptosystems , 1978, CACM.

[2]  Simson L. Garfinkel,et al.  PGP: Pretty Good Privacy , 1994 .

[3]  Moni Naor,et al.  Certificate revocation and certificate update , 1998, IEEE Journal on Selected Areas in Communications.

[4]  Paul F. Syverson,et al.  The Logic of Authentication Protocols , 2000, FOSAD.

[5]  Rafail Ostrovsky,et al.  Fast Digital Identity Revocation (Extended Abstract) , 1998, CRYPTO.

[6]  Gabriel Montenegro,et al.  Crypto-based identifiers (CBIDs): Concepts and applications , 2004, TSEC.

[7]  Silvio Micali,et al.  A Digital Signature Scheme Secure Against Adaptive Chosen-Message Attacks , 1988, SIAM J. Comput..

[8]  LamportLeslie Time, clocks, and the ordering of events in a distributed system , 1978 .

[9]  Barbara Fox,et al.  Certificate Recocation: Mechanics and Meaning , 1998, Financial Cryptography.

[10]  J. Doug Tygar,et al.  Why Johnny Can't Encrypt: A Usability Evaluation of PGP 5.0 , 1999, USENIX Security Symposium.

[11]  Leslie Lamport,et al.  Time, clocks, and the ordering of events in a distributed system , 1978, CACM.

[12]  Thomas Beth,et al.  Trust relationships in secure systems-a distributed authentication perspective , 1993, Proceedings 1993 IEEE Computer Society Symposium on Research in Security and Privacy.

[13]  Leslie Lamport,et al.  The Byzantine Generals Problem , 1982, TOPL.

[14]  Jean Bacon,et al.  Access control and trust in the use of widely distributed services , 2001, Softw. Pract. Exp..

[15]  Christian Cachin,et al.  Distributing trust on the Internet , 2001, 2001 International Conference on Dependable Systems and Networks.

[16]  R. Canetti,et al.  Proactive Security : Long-term Protection Against Break , 1997 .

[17]  Zygmunt J. Haas,et al.  Securing ad hoc networks , 1999, IEEE Netw..

[18]  Stéphane Ubéda,et al.  Trusted Ambient community for self-securing hybrid networks , 2003 .

[19]  Ross J. Anderson,et al.  Key infection: smart trust for smart dust , 2004, Proceedings of the 12th IEEE International Conference on Network Protocols, 2004. ICNP 2004..

[20]  Seungjoon Lee,et al.  Cooperative peer groups in NICE , 2003, IEEE INFOCOM 2003. Twenty-second Annual Joint Conference of the IEEE Computer and Communications Societies (IEEE Cat. No.03CH37428).

[21]  Michael K. Reiter,et al.  The Rampart Toolkit for Building High-Integrity Services , 1994, Dagstuhl Seminar on Distributed Systems.

[22]  Bernard P. Zajac,et al.  Pretty good privacy , 1994 .

[23]  Ran Canetti,et al.  Proactive Security: Long-term protection against break-ins , 1997 .

[24]  Ravi S. Sandhu,et al.  Role-Based Access Control Models , 1996, Computer.

[25]  Angelos D. Keromytis,et al.  Trust Management and Network Security Protocols , 1999 .

[26]  Roger Dingledine,et al.  The Free Haven Project: Distributed Anonymous Storage Service , 2000, Workshop on Design Issues in Anonymity and Unobservability.

[27]  Fred B. Schneider,et al.  COCA: a secure distributed online certification authority , 2002 .

[28]  John R. Douceur,et al.  The Sybil Attack , 2002, IPTPS.

[29]  Whitfield Diffie,et al.  New Directions in Cryptography , 1976, IEEE Trans. Inf. Theory.

[30]  Angelos D. Keromytis,et al.  Trust Management and Network Layer Security Protocols , 1999, Security Protocols Workshop.

[31]  Philip R. Zimmermann,et al.  The official PGP user's guide , 1996 .