Secure Peer-to-Peer Overlay Networks
Johns Hopkins University, Baltimore MD
Investigators
Abstract
CCR-0311795 Title: Secure Peer-to-Peer Overlay Networks PIs: Baruch Awerbuch and Christian Scheideler, Johns Hopkins University ABSTRACT Peer-to-peer (P2P) systems have recently become extremely popular for a variety of reasons. For example, the fact that peer-to-peer systems do not need a central server means that individuals can cooperate without fees or an investment in additional high-performance hardware. Also, peer-to-peer systems enable the use of computations and storage resources that otherwise sit idle on individual computers. Furthermore, the decentralized and distributed nature of peer-to-peer systems makes them robust against accidental faults. Unfortunately, the architecture of many current and proposed P2P systems assumes that the nodes can be trusted not to behave maliciously. While this may be possible to achieve with the help of a central certification authority, in many situations it is not desirable to constrain the membership of a P2P system. Consequently, the system must be able to withstand a variety of security attacks. Many of the existing systems are quite vulnerable security against very mild attacks that we call unlucky-input attacks. There is no need to do anything malicious to execute a major denial of service. Even if all processors follow the protocol to the letter, it is possible for the system to run into a situation with extremely poor connectivity (and therefore performance) or a memory overflow at some sites. Furthermore, if users leave the network at inopportune times, they may permanently remove data or disconnect some sites. Although these bad luck events may rarely happen, an adversary can significantly reduce the time required for such events without doing anything illegal such as altering the protocol or sniffing at communication between other peers. These anomalies exploit "minor theoretical glitches" in the existing approaches, and but they could serve as a platform for major DOS attacks. The goal of this work is to develop a sound theoretical foundation for peer-to-peer systems that will allow fixing these problems in existing systems.
View original record on NSF Award Search →