An efficient distributed PKI for structured P2P networks

In decentralized P2P networks, many security mechanisms still rely on a central authority. This centralization creates a single point of failure and does not comply with P2P principles. We previously proposed a distributed PKI for P2P networks that allows security mechanisms to be pushed to the edges of the network, but it relies on unaffordable maintenance operations using Byzantine agreements. In this paper, we address this shortcoming and propose efficient maintenance operations that do not require any agreements. Our improvements make a real deployment of this P2P PKI possible.
