Random Visitor: A Defense Against Identity Attacks in P2P Overlay Networks

  • Jabeom Gu
  • Jaehoon Nah
  • Cheoljoo Chae
  • Jaekwang Lee
  • Jongsoo Jang
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4298)


The characteristics of cooperative and trustworthy interaction in peer-to-peer overlay network are seriously challenged by the open nature of the network. The impact is particularly large when the identifiers of resource and peer are not verified because the whole network can be compromised by such attacks as sybil or eclipse. In this paper, we present an identifier authentication mechanism called random visitor, which is a third party who is serving as a delegate of an identity proof. Design rationale and framework details are presented. Discussion about the strength and cost of the proposed scheme is also presented.


Overlay Network Distribute Hash Table Trusted Third Party Sybil Attack Proof Mechanism 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Gong, L.: Jxta: A network programming environment. IEEE Internet Computing 5, 88–95, ID:613610 (2001)Google Scholar
  2. 2.
    Oram, A.: Peer-to-Peer: Harnessing the Benefits of a Disruptive Technology, 1st edn. O’Reilly, Sebastopol (2001)Google Scholar
  3. 3.
    Ratnasamy, S., Francis, P., Handley, M., Karp, R., Schenker, S.: A scalable content-addressable network. In: Proceedings of the 2001 conference on Applications, technologies, architectures, and protocols for computer communications, San Diego, California, United States, pp. 161–172. ACM Press, New York (2001)CrossRefGoogle Scholar
  4. 4.
    Stoica, I., Morris, R., Liben-Nowell, D., Karger, D.R., Kaashoek, M.F., Dabek, F., Balakrishnan, H.: Chord: A scalable peer-to-peer lookup protocol for internet applications. IEEE/ACM Trans. Netw. 11(1), 17–32 (2003)CrossRefGoogle Scholar
  5. 5.
    Zhao, B.Y., Huang, L., Stribling, J., Rhea, S.C., Joseph, A.D., Kubiatowicz, J.D.: Tapestry: A resilient global-scale overlay for service deployment. IEEE Journal on Selected Areas in Communications 22(1), 41–53 (2004)CrossRefGoogle Scholar
  6. 6.
    Rowstron, A., Druschel, P.: Pastry: Scalable, distributed object location and routing for large-scale peer-to-peer systems. In: Guerraoui, R. (ed.) Middleware 2001. LNCS, vol. 2218, pp. 329–350. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  7. 7.
    Ratnasamy, S., Shenker, S., Stoica, I.: Routing algorithms for dhts: Some open questions. In: Druschel, P., Kaashoek, M.F., Rowstron, A. (eds.) IPTPS 2002. LNCS, vol. 2429, Springer, Heidelberg (2002)CrossRefGoogle Scholar
  8. 8.
    Xu, J., Kumar, A., Yu, X.: On the fundamental tradeoffs between routing table size and network diameter in p2p networks. IEEE J. Selected Areas in Comm. 22(1), 151–163 (2004)zbMATHCrossRefGoogle Scholar
  9. 9.
    Rivest, R.L.: The md5 message-digest algorithm (1992)Google Scholar
  10. 10.
    Eastlake, D., Jones, P.: Us secure hash algorithm 1 (sha1) (2001)Google Scholar
  11. 11.
    Castro, M., Druschel, P., Ganesh, A., Rowstron, A., Wallach, D.S.: Secure routing for structured peer-to-peer overlay networks. SIGOPS Oper. Syst. Rev. 36, 299–314 (2002)CrossRefGoogle Scholar
  12. 12.
    Shamir, A.: Identity-based cryptosystems and signature schemes. In: Blakely, G.R., Chaum, D. (eds.) CRYPTO 1984. LNCS, vol. 196, pp. 47–53. Springer, Heidelberg (1985)CrossRefGoogle Scholar
  13. 13.
    Cocks, C.: An identity based encryption scheme based on quadratic residues. In: Honary, B. (ed.) Cryptography and Coding. LNCS, vol. 2260, pp. 360–363. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  14. 14.
    Boneh, D., Franklin, M.: Identity-based encryption from the weil pairing. SIAM J. Comput. 32(3), 586–615 (2003)zbMATHCrossRefMathSciNetGoogle Scholar
  15. 15.
    Martin, L.: Identity-Based Encryption: A Closer Look. ISSA Journal, 22–24 (2005)Google Scholar
  16. 16.
    O’Shea, G., Roe, M.: Child-proof authentication for mipv6 (cam). SIGCOMM Comput. Commun. Rev. 31(2), 4–8 (2001)CrossRefGoogle Scholar
  17. 17.
    Aura, T.: Cryptographically generated addresses (cga) (2005)Google Scholar
  18. 18.
    Montenegro, G., Castelluccia, C.: Statistically unique and cryptographically verifiable (sucv) identifiers and addresses. In: Proceedings of the Network and Distributed System Security Symposium, NDSS 2002, San Diego, California, USA, The Internet Society (2002)Google Scholar
  19. 19.
    Douceur, J.: The sybil attack. In: Druschel, P., Kaashoek, M.F., Rowstron, A. (eds.) IPTPS 2002. LNCS, vol. 2429, pp. 251–260. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  20. 20.
    Ganesh, L., Zhao, B.Y.: Identity theft protection in structured overlays. In: Proc. of 1st Workshop on Secure Network Protocols (NPSec), Boston, MA (2005)Google Scholar
  21. 21.
    Condie, T., Kacholia, V., Sank, S., Hellerstein, J.M., Maniatis, P.: Induced churn as shelter from routing-table poisoning. In: Proceedings of the Network and Distributed System Security Symposium (NDSS) (2006)Google Scholar
  22. 22.
    Singh, A., Castro, M., Rowstron, A., Druschel, P.: Defending against eclipse attacks on overlay networks. In: Proceedings of the 11th ACM SIGOPS European Workshop, Leuven, Belgium, ACM Press, New York (2004)Google Scholar
  23. 23.
    Risson, J., Moors, T.: Survey of research towards robust peer-to-peer networks: Search methods. Technical Report UNSW-EE-P2P-1-1, University of New South Wales (2004)Google Scholar
  24. 24.
    Sit, E., Morris, R.: Security considerations for peer-to-peer distributed hash tables. In: Druschel, P., Kaashoek, M.F., Rowstron, A. (eds.) IPTPS 2002. LNCS, vol. 2429, Springer, Heidelberg (2002)CrossRefGoogle Scholar
  25. 25.
    Rowaihy, H., Enck, W., McDaniel, P., Porta, T.L.: Limiting sybil attacks in structured peer-to-peer networks. Technical Report NAS-TR-0017-2005, Network and Security Research Center, Department of Computer Science and Engineering, Pennsylvania State University (2005)Google Scholar
  26. 26.
    Danezis, G., Lesniewski-Laas, C., Kaashoek, M.F., Anderson, R.: Sybil-resistant dht routing. In: de Capitani di Vimercati, S., Syverson, P.F., Gollmann, D. (eds.) ESORICS 2005. LNCS, vol. 3679, Springer, Heidelberg (2005)CrossRefGoogle Scholar
  27. 27.
    Dinger, J., Hartenstein, H.: Defending the sybil attack in p2p networks: Taxonomy, challenges, and a proposal for self-registration. In: First International Conference on Availability, Reliability and Security (ARES’06), pp. 756–763 (2006)Google Scholar
  28. 28.
    Čapkun, S., Hubaux, J.-P., Buttyán, L.: Mobility helps peer-to-peer security. IEEE Transactions on Mobile Computing 5(1), 43–51 (2006)CrossRefGoogle Scholar
  29. 29.
    Mao, W.: Modern Cryptography: Theory and Practice. Prentice Hall PTR, Upper Saddle River (2004)Google Scholar
  30. 30.
    Dabek, F., Zhao, B., Druschel, P., Kubiatowicz, J., Stoica, I.: Towards a common api for structured peer-to-peer overlays. In: Kaashoek, M.F., Stoica, I. (eds.) IPTPS 2003. LNCS, vol. 2735, Springer, Heidelberg (2003)Google Scholar
  31. 31.
    Aberer, K., Alima, L.O., Ghodsi, A., Girdzijauskas, S., Hauswirth, M., Haridi, S.: The essence of p2p: A reference architecture for overlay networks. In: Proceedings of 5th IEEE International Conference on Peer-to-Peer Computing, Konstanz, Germany, IEEE Computer Society Press, Los Alamitos (2005)Google Scholar
  32. 32.
    Dengler, T., et al.: Jxta v2.0 protocols specification. Technical report, Sun Microsystems (2001)Google Scholar

Copyright information

© Springer Berlin Heidelberg 2007

Authors and Affiliations

  • Jabeom Gu
    • 1
  • Jaehoon Nah
    • 1
  • Cheoljoo Chae
    • 2
  • Jaekwang Lee
    • 2
  • Jongsoo Jang
    • 1
  1. 1.Electronics and Telecommunications Research Institute, Daejeon 305-350Korea
  2. 2.Hannam University, Daejeon 306-791Korea

Personalised recommendations