A Public Keys Based Architecture for P2P Identification, Content Authenticity and Reputation

In the classic use of P2P, e.g. file sharing, there is no concern about persistent peer identification, peer and content reputation and content authenticity. Security proposals currently found in technical literature try to adapt techniques from client-server architecture to P2P environments, which it is not the most appropriate approach. This work proposes applying public keys to identify peers. It allows creating a persistent identification scheme, without losing anonymity, even in a self-managed environment as P2P. Also, it applies digital signature to provide authenticity to the P2P content and to guarantee non-repudiation in the content transfer. In order to provide credibility to the non-certified content and public keys a reputation mechanism is applied. We have developed a prototype to show the benefits of this approach.

[1]  Hector Garcia-Molina,et al.  Identity crisis: anonymity vs reputation in P2P systems , 2003, Proceedings Third International Conference on Peer-to-Peer Computing (P2P2003).

[2]  Butler W. Lampson,et al.  SPKI Certificate Theory , 1999, RFC.

[3]  Joni da Silva Fraga,et al.  Extending the SDSI / SPKI Model through Federation Webs , 2003, Communications and Multimedia Security.

[4]  Emin Gün Sirer,et al.  Experience with an Object Reputation System for Peer-to-Peer Filesharing , 2006, NSDI.

[5]  Brighten Godfrey,et al.  OpenDHT: a public DHT service and its uses , 2005, SIGCOMM '05.

[6]  R. Chen,et al.  Poblano A Distributed Trust Model for Peer-to-Peer Networks , 2001 .

[7]  Hector Garcia-Molina,et al.  Open Problems in Data-Sharing Peer-to-Peer Systems , 2003, ICDT.

[8]  Lau Cheuk Lung,et al.  Implementing a Peer-to-Peer Web Browser for Publishing and Searching Web Pages on Internet , 2007, 21st International Conference on Advanced Information Networking and Applications (AINA '07).

[9]  Bill Yeager,et al.  Project JXTA 2.0 Super-Peer Virtual Network , 2003 .

[10]  Ravi S. Sandhu,et al.  Enhancing data authenticity and integrity in P2P systems , 2005, IEEE Internet Computing.

[11]  Rakesh Kumar,et al.  Fluid modeling of pollution proliferation in P2P networks , 2006, SIGMETRICS '06/Performance '06.

[12]  Diomidis Spinellis,et al.  A survey of peer-to-peer content distribution technologies , 2004, CSUR.

[13]  E. Friedman,et al.  The Social Cost of Cheap Pseudonyms , 2001 .

[14]  Paul Resnick,et al.  Reputation systems , 2000, CACM.