Securing Data Authentication with Cryptographic Signatures in BitTorrent Du Wei cc.hut.fi / Supervisor : Professor Jukka Manner Instructor.

Presentation transcript:

Securing Data Authentication with Cryptographic Signatures in BitTorrent Du Wei cc.hut.fi / Supervisor : Professor Jukka Manner Instructor : Professor Sasu Tarkoma Msc. Petri Savolainen Helsinki University of Technology, Finland Department of Communications and Networking

Overview
1. Introduction
2. Background
3. Implementation
4. Experimental Results and Analysis
5. Conclusion

1. INTRODUCTION
Peer-to-Peer File Sharing systems
Fast growing
Uses: audio and video files
A major part of traffic on the Internet
Different from Client/Server File Sharing systems

BitTorrent
A Peer-to-Peer File Sharing system
The most popular P2P protocol worldwide
Millions of users
Critical Elements
A Web Server: provides the 'metainfo' file by HTTP
The .torrent File: contains 'metainfo' information (File name, size, checksum, URL of the Tracker, Pieces, Piece length)
A BitTorrent Tracker: manages the list of peers
Peers:
seeds: have the entire file
leechers: still downloading, also called downloaders
Free-riders: only download from others but do not upload

How BitTorrent Works?
(Diagram: Leecher A, Leecher B, Seed, Tracker, Web Server)
1. Obtain .torrent file
2. Contact the Tracker (URL), Get-announce
3. Obtain a peer list (contains seeds & leechers)
4. Shake-hand
5. Get pieces

BitTorrent Messages
Peer - Peer Messages: TCP Sockets
Peer - Tracker Messages: HTTP Request/Response
File Organization
(Diagram: File, Incomplete Piece)
A Piece: Chunk size = 256KB
A Block (subpiece): 16KB
Piece Hash Value (SHA1): Size = 20 Bytes

How to validate data
Generate piece hashes with the SHA1 hashing algorithm
Save the piece hashes in the .torrent file
The seed checks that the hashes match before uploading the file
The leecher verifies data against the hashes in the .torrent file as each chunk is downloaded in parallel
Problems to Address
Piece hashes in the .torrent file are not secure enough.
The size of the .torrent file grows as the file size increases, especially when the chunk size (piece size) is small.
In P2P live streaming, the smaller the chunk size, the faster the speed. However, the chunk sizes are always large.

2. BACKGROUND
Related Work
Hash tree: simple but infeasible for a latency sensitive communication
Hash chain: lightweight but more complex schemes
Cryptographic Signature Algorithms
RSA (Rivest-Shamir-Adleman)
DSA (Digital Signature Algorithm)
ECDSA (Elliptic Curve Digital Signature Algorithm)

3. IMPLEMENTATION
3.1 Design
Step 1 - Generate Key Pair by using Cryptographic Algorithms (DSA, ECDSA, RSA)

Step 2 - Create signatures for the .sig file with the Private key
Save the Public key in the .torrent file

Step 3 - Verify Signatures with the Public key

Public keys are saved in the .torrent file, with different parameters for each Cryptographic Algorithm (using the OpenSSL library)
RSA: n, e
DSA: p, q, g
ECDSA: ecp
Adding a SIGNATURE message to the BitTorrent Protocol
Policy: Once a piece has been downloaded completely, the peer can authenticate it efficiently right away.
This policy lets complete pieces be authenticated quickly, even for smaller piece sizes (large piece numbers).
In order to keep the .torrent file smaller, we save the signatures separately in a .sig file and send the corresponding signature separately before a piece is sent.

3.2 SIGNATURE Message
SIGNATURE: Payload Information:
len: (32-bit integer)
id: (32-bit integer)
piece_index: (32-bit integer)
signature: (X bytes)
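The policy and SIGNATURE payload above, sketched as an added Python example (not code from the presentation or from Ktorrent): a seeder frames one signature per piece, and a leecher parses the frame defensively, holds the signature until its piece is complete, then verifies it. Assumptions: the message id value, big-endian fields, len counting the bytes after the len field, the 512-byte signature cap, and a constructed textbook-RSA key that stands in for the OpenSSL RSA/DSA/ECDSA keys and is not secure.

```python
import hashlib
import struct

SIGNATURE_ID = 0x20              # hypothetical id; the slides do not give its value
HEADER = struct.Struct(">III")   # len, id, piece_index: 32-bit big-endian (assumed)
MAX_SIG = 512                    # assumed cap, enough for a 4096-bit RSA signature

# Constructed textbook-RSA key (two Mersenne primes), far too small for real use.
# It stands in for the OpenSSL key whose public half is stored in the .torrent file.
P, Q, E = 2**31 - 1, 2**61 - 1, 65537
N, D = P * Q, pow(E, -1, (P - 1) * (Q - 1))

def _digest(piece):
    return int.from_bytes(hashlib.sha1(piece).digest(), "big") % N

def sign_piece(piece):                       # seeder side, private key
    return pow(_digest(piece), D, N).to_bytes(12, "big")

def verify_piece(piece, sig):                # leecher side, public key only
    return pow(int.from_bytes(sig, "big"), E, N) == _digest(piece)

def encode_signature(piece_index, sig):
    # Assumption: len counts the bytes that follow the len field.
    return HEADER.pack(8 + len(sig), SIGNATURE_ID, piece_index) + sig

def decode_signature(buf, num_pieces):
    """Return (piece_index, signature), or None if the frame is still incomplete."""
    if len(buf) < HEADER.size:
        return None
    length, msg_id, index = HEADER.unpack_from(buf)
    if msg_id != SIGNATURE_ID or not 8 < length <= 8 + MAX_SIG:
        raise ValueError("malformed SIGNATURE message")
    if index >= num_pieces:
        raise ValueError("piece_index out of range")
    if len(buf) < 4 + length:
        return None
    return index, bytes(buf[HEADER.size:4 + length])

class Leecher:
    """Holds signatures that arrive before their piece; checks each completed piece."""
    def __init__(self, num_pieces):
        self.num_pieces, self.pending = num_pieces, {}

    def on_signature(self, frame):
        msg = decode_signature(frame, self.num_pieces)
        if msg:
            self.pending[msg[0]] = msg[1]

    def on_piece(self, index, piece):
        sig = self.pending.pop(index, None)
        return sig is not None and verify_piece(piece, sig)
```

A piece with no stored signature is rejected rather than accepted unverified, which is the behaviour a peer needs if the signature is the only integrity check.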

4. EXPERIMENTAL RESULTS AND ANALYSIS
Lab Environments
Hardware: 2 Desktop PCs, 1 Switch
Software: Ubuntu 9.04, Ktorrent, Openssl 0.9.8g, Wondershaper
PC1: CPU Intel(R) Core(TM)2 Duo CPU 2.66GHz; Memory 4GB; NIC Intel Corporation 82566DM-2 Gigabit Ethernet; i686 GNU/Linux
PC2: CPU Intel(R) Core(TM)2 Quad CPU 2.50GHz; Memory 8GB; NIC Broadcom Corporation NetXtreme BCM5754 Gigabit Ethernet; x86_64 GNU/Linux

4.2 Experimental Results
Signature Size (Chunk size=32KB)
Key Size 512(bit) 1024(bit) 2048 (bit) 3072(bit) RSA Signature (Bytes) DSA Signature(Bytes) Size (Bytes) ECDSA Secp-160r1 ECDSA Secp-224r1 ECC Signature 4256
ECC 160bit = RSA 1024bit (algorithms strengths)
ECC 224bit = RSA 2048bit (algorithms strengths)

Signing and Verifying Time of Openssl PC1 Sign(ms)Verify(ms)Sign/sVerify/s rsa512bits rsa1024bits rsa2048bits rsa4096bits dsa512bits dsa1024bits dsa2048bits ecdsa(secp160r1)160bits ecdsa(secp224r1)224bits PC2 Sign(ms)Verify(ms)Sign/sVerify/s rsa512bits , rsa1024bits ,223120,2 rsa2048bits ,67338,4 rsa4096bits ,92140,9 dsa512bits ,25731,8 dsa1024bits ,52034,5 dsa2048bits ,8633,8 ecdsa(secp160r1)160bits ,51424,3 ecdsa(secp224r1)224bits ,571937,8

Average Download Speed: PC2, File Size = 150MB

Max Download Speed = 10MB/s, Max Upload Speed = 10MB/s, Chunk size = 32KB
Average Download Speed (MB/s) by Algorithm / Key Size (bit):
RSA: 9,05 8,89 8,77 8,60
DSA: 8,85 8,53 8,38 8,15
ECDSA (secp160r1/secp224r1): 9,00 8,80
No Signature: 9,23

Max Download Speed = 128KB/s, Max Upload Speed = 128KB/s, Chunk size = 32KB
Average Download Speed (KB/s) by Algorithm / Key Size (bit):
RSA: 120,85 120,41 119,33 118,65
DSA: 120,75 120,84 120,72 120,68
ECDSA (secp160r1/secp224r1): 120,89 120,75
No Signature: 121,43

4.3 Data Analysis
(Chart: Max Download Speed = 10MB, 150MB File Size, Chunk size = 32KB)
(Chart: Max Download Speed = 128KB, 150MB File Size, Chunk size = 32KB)

RSA is faster than DSA when the max download speed is 10MB
But RSA is slower than DSA when the max download speed is 128KB
When bandwidth is small, the smaller the signature size, the faster the average download speed.
When bandwidth is large, the faster the verify time, the faster the average download speed.
ECC is faster due to its small signature size, although it is slower to verify

5. Conclusion P2P Networks Millions of Users Secure, Efficient, Energy saving… VoIP BitTorrent TCP http Services

Thank You!