Random Visitor: Defense against Identity Attacks in P2P Networks

Jabeom GU  Jaehoon NAH  Hyeokchan KWON  Jongsoo JANG  Sehyun PARK  

Publication
IEICE TRANSACTIONS on Information and Systems   Vol.E91-D   No.4   pp.1058-1073
Publication Date: 2008/04/01
Online ISSN: 1745-1361
DOI: 10.1093/ietisy/e91-d.4.1058
Print ISSN: 0916-8532
Type of Manuscript: PAPER
Category: Application Information Security
Keyword: 
peer-to-peer,  overlay network,  security,  identifier authentication,  random visitor,  identity-based cryptography,  

Full Text: PDF(1.1MB)>>
Buy this Article




Summary: 
Various advantages of cooperative peer-to-peer networks are strongly counterbalanced by the open nature of a distributed, serverless network. In such networks, it is relatively easy for an attacker to launch various attacks such as misrouting, corrupting, or dropping messages as a result of a successful identifier forgery. The impact of an identifier forgery is particularly severe because the whole network can be compromised by attacks such as Sybil or Eclipse. In this paper, we present an identifier authentication mechanism called random visitor, which uses one or more randomly selected peers as delegates of identity proof. Our scheme uses identity-based cryptography and identity ownership proof mechanisms collectively to create multiple, cryptographically protected indirect bindings between two peers, instantly when needed, through the delegates. Because of these bindings, an attacker cannot achieve an identifier forgery related attack against interacting peers without breaking the bindings. Therefore, our mechanism limits the possibility of identifier forgery attacks efficiently by disabling an attacker's ability to break the binding. The design rationale and framework details are presented. A security analysis shows that our scheme is strong enough against identifier related attacks and that the strength increases if there are many peers (more than several thousand) in the network.