Peer-to-peer overlays for real-time communication: security issues and solutions

Peer-to-peer (P2P) networks offer higher robustness against failure and easier configuration, and are generally more economical than their client-server counterparts. This has made it reasonable for resource-consuming and typically centralized applications like voice over IP (VoIP) and, in general, real-time communication to adapt and exploit the benefits of P2P. Such a migration needs to address a new set of P2P-specific security problems. We go over some of the known issues found in common P2P networks. We then analyze the relevance of such issues and the applicability of existing solutions when using P2P architectures for real-time communication.
