Experimenting with Admission Control in P2P Networks
Peer-to-peer (P2P) security has received a lot of attention as of late. Most prior work focused almost entirely on issues related to secure communication, such as key management and peer authentication. However, an important prerequisite for secure communication — secure peer admission — has been neither recognized nor adequately addressed. Only very recently has some initial work begun to make inroads into this difficult problem. In particular, [Kim et al., 2003] constructed a peer group admission control framework based on various admission policies matched with appropriate cryptographic techniques. Recent results [Saxena et al., 2003, Narasimha et al., 2003] also illustrate the design of, and experiments with, certain group admission control mechanisms.
In this work, we report on the implementation of Bouncer, an experimental peer group admission control toolkit used in [Saxena et al., 2003], and its trial integration with two peer group systems with very different goals and semantics: Gnutella and Secure Spread. We also discuss some outstanding issues, challenges and future research directions relevant to this topic.
Keywords: Access Control, Peer-to-Peer Networks, Peer Group Communications
- [Ateniese et al., 2000] Ateniese, G., Camenisch, J., Joye, M., and Tsudik, G. (2000). A Practical and Provably Secure Coalition-Resistant Group Signature Scheme. In Bellare, Mihir, editor, CRYPTO '00, number 1880 in LNCS, pages 255–270.
- [Boneh et al., 2003] Boneh, D., Gentry, C., Lynn, B., and Shacham, H. (2003). Aggregate and Verifiably Encrypted Signatures from Bilinear Maps. In Biham, Eli, editor, EUROCRYPT '03, number 2656 in LNCS, pages 416–432.
- [Douceur, 2002] Douceur, J. R. (2002). The Sybil Attack. In International Workshop on Peer-to-Peer Systems (IPTPS'02).
- [Gennaro et al., 1996] Gennaro, R., Jarecki, S., Krawczyk, H., and Rabin, T. (1996). Robust Threshold DSS Signatures. In Maurer, Ueli, editor, EUROCRYPT '96, number 1070 in LNCS, pages 354–371.
- [Gnutella] Gnutella Protocol Specification v0.4 (http://www.clip2.com/GnutellaProtocol04.pdf).
- [Gnut] Gnut v0.4.21 source code (http://schnarff.com/gnutelladev/source/gnut).
- [Housley et al., 2002] Housley, R., Polk, W., Ford, W., and Solo, D. (2002). Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile. RFC 3280, IETF.
- [Kong et al., 2002]
- [Kim et al., 2003] Kim, Y., Mazzocchi, D., and Tsudik, G. (2003). Admission Control in Peer Groups. In IEEE International Symposium on Network Computing and Applications (NCA).
- [Luo et al., 2002] Luo, H., Zerfos, P., Kong, J., Lu, S., and Zhang, L. (2002). Self-securing Ad Hoc Wireless Networks. In Seventh IEEE Symposium on Computers and Communications (ISCC '02).
- [Kong et al., 2001] Kong, J., Zerfos, P., Luo, H., Lu, S., and Zhang, L. (2001). Providing Robust and Ubiquitous Security Support for MANET. In IEEE 9th International Conference on Network Protocols (ICNP).
- [Narasimha et al., 2003] Narasimha, M., Tsudik, G., and Yi, J. H. (2003). On the Utility of Distributed Cryptography in P2P and MANETs: The Case of Membership Control. In IEEE International Conference on Network Protocol (ICNP), pages 336–345.
- [Ohta et al., 2001] Ohta, K., Micali, S., and Reyzin, L. (2001). Accountable Subgroup Multisignatures. In ACM Conference on Computer and Communications Security, pages 245–254.
- [OpenSSL] OpenSSL Project (http://www.openssl.org/).
- [PGAC] Peer Group Admission Control Project (http://sconce.ics.uci.edu/gac).
- [Spread] Spread Project (http://www.spread.org/).
- [SSPR] Secure Spread Project (http://www.cnds.jhu.edu/research/group/secure_spread/).
- [Saxena et al., 2003] Saxena, N., Tsudik, G., and Yi, J. H. (2003). Admission Control in Peer-to-Peer: Design and Performance Evaluation. In ACM Workshop on Security of Ad Hoc and Sensor Networks (SASN), pages 104–114.