A Survey of Peer-to-Peer Security Issues

  • Conference paper
Software Security — Theories and Systems (ISSS 2002)

Part of the book series: Lecture Notes in Computer Science (LNCS, volume 2609)

Abstract

Peer-to-peer (p2p) networking technologies have gained popularity as a mechanism for users to share files without the need for centralized servers. A p2p network provides a scalable and fault-tolerant mechanism to locate nodes anywhere on a network without maintaining a large amount of routing state. This allows for a variety of applications beyond simple file sharing. Examples include multicast systems, anonymous communications systems, and web caches. We survey security issues that occur in the underlying p2p routing protocols, as well as fairness and trust issues that occur in file sharing and other p2p applications. We discuss how techniques, ranging from cryptography, to random network probing, to economic incentives, can be used to address these problems.

Copyright information

© 2003 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Wallach, D.S. (2003). A Survey of Peer-to-Peer Security Issues. In: Okada, M., Pierce, B.C., Scedrov, A., Tokuda, H., Yonezawa, A. (eds) Software Security — Theories and Systems. ISSS 2002. Lecture Notes in Computer Science, vol 2609. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-36532-X_4

  • DOI: https://doi.org/10.1007/3-540-36532-X_4

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-00708-1

  • Online ISBN: 978-3-540-36532-7

  • eBook Packages: Springer Book Archive
