TrustMe: Anonymous Management of Trust Relationships in Decentralized P2P System Aameek Singh, Ling Liu College of Computing, Georgia Tech International.

Slides:



Advertisements
Similar presentations
Key distribution and certification In the case of public key encryption model the authenticity of the public key of each partner in the communication must.
Advertisements

A P RESENTATION O N R ESOURCE D ISCOVERY I N T HE P EER- T O- P EER N ETWORK by Aravind Renganathan.
ECE454/CS594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2011.
Storage management and caching in PAST, a large-scale, persistent peer-to-peer storage utility Antony Rowstron, Peter Druschel Presented by: Cristian Borcea.
Efficient Public Key Infrastructure Implementation in Wireless Sensor Networks Wireless Communication and Sensor Computing, ICWCSC International.
1 Network Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
TAODV: A Trusted AODV Routing Protocol for MANET Li Xiaoqi, GiGi March 22, 2004.
TrustMe: Anonymous Management of Trust Relationships in Decentralized P2P Systems Aameek Singh and Ling Liu Presented by: Korporn Panyim.
CSCE 715 Ankur Jain 11/16/2010. Introduction Design Goals Framework SDT Protocol Achievements of Goals Overhead of SDT Conclusion.
Lecture III : Communication Security, Services & Mechanisms Internet Security: Principles & Practices John K. Zao, PhD SMIEEE National Chiao-Tung University.
Secure Multicast Xun Kang. Content Why need secure Multicast? Secure Group Communications Using Key Graphs Batch Update of Key Trees Reliable Group Rekeying.
An Authentication Service Based on Trust and Clustering in Wireless Ad Hoc Networks: Description and Security Evaluation Edith C.H. Ngai and Michael R.
Spring 2002CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Dept. of Computer Science & Engineering, CUHK1 Trust- and Clustering-Based Authentication Services in Mobile Ad Hoc Networks Edith Ngai and Michael R.
Paul Solomine Security of P2P Systems. P2P Systems Used to download copyrighted files illegally. The RIAA is watching you… Spyware! General users become.
1 Denial-of-Service Resilience in P2P File Sharing Systems Dan Dumitriu (EPFL) Ed Knightly (Rice) Aleksandar Kuzmanovic (Northwestern) Ion Stoica (Berkeley)
Responder Anonymity and Anonymous Peer-to-Peer File Sharing. by Vincent Scarlata, Brian Levine and Clay Shields Presentation by Saravanan.
An Authentication Service Against Dishonest Users in Mobile Ad Hoc Networks Edith Ngai, Michael R. Lyu, and Roland T. Chin IEEE Aerospace Conference, Big.
Security Risks for Ad Hoc Networks and how they can be alleviated By: Jones Olaiya Ogunduyilemi Supervisor: Jens Christian Godskesen © Dec
Chord-over-Chord Overlay Sudhindra Rao Ph.D Qualifier Exam Department of ECECS.
Freenet A Distributed Anonymous Information Storage and Retrieval System I Clarke O Sandberg I Clarke O Sandberg B WileyT W Hong.
Spring 2003CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Topics in Reliable Distributed Systems Fall Dr. Idit Keidar.
Wide-area cooperative storage with CFS
Peer-to-peer file-sharing over mobile ad hoc networks Gang Ding and Bharat Bhargava Department of Computer Sciences Purdue University Pervasive Computing.
SSH Secure Login Connections over the Internet
Freenet: A Distributed Anonymous Information Storage and Retrieval System Presentation by Theodore Mao CS294-4: Peer-to-peer Systems August 27, 2003.
Computer Security Tran, Van Hoai Department of Systems & Networking Faculty of Computer Science & Engineering HCMC University of Technology.
Introduction Widespread unstructured P2P network
Privacy-Preserving P2P Data Sharing with OneSwarm -Piggy.
BitTorrent Presentation by: NANO Surmi Chatterjee Nagakalyani Padakanti Sajitha Iqbal Reetu Sinha Fatemeh Marashi.
Content Overlays (Nick Feamster). 2 Content Overlays Distributed content storage and retrieval Two primary approaches: –Structured overlay –Unstructured.
An efficient secure distributed anonymous routing protocol for mobile and wireless ad hoc networks Authors: A. Boukerche, K. El-Khatib, L. Xu, L. Korba.
Denial of Service (DoS) Attacks in Green Mobile Ad–hoc Networks Ashok M.Kanthe*, Dina Simunic**and Marijan Djurek*** MIPRO 2012, May 21-25,2012, Opatija,
A Security-Aware Routing Protocol for Wireless Ad Hoc Networks
Jonathan Walpole CSE515 - Distributed Computing Systems 1 Teaching Assistant for CSE515 Rahul Dubey.
Kerberos: An Authentication Service for Open Network Systems Jennifer G. Steiner Clifford Neuman Jeffrey I. Schiller.
PRIVACY PRESERVING SOCIAL NETWORKING THROUGH DECENTRALIZATION AUTHORS: L.A. CUTILLO, REFIK MOLVA, THORSTEN STRUFE INSTRUCTOR DR. MOHAMMAD ASHIQUR RAHMAN.
Authentication Applications Unit 6. Kerberos In Greek and Roman mythology, is a multi-headed (usually three-headed) dog, or "hellhound” with a serpent's.
10. Key Management. Contents Key Management  Public-key distribution  Secret-key distribution via public-key cryptography.
Trust- and Clustering-Based Authentication Service in Mobile Ad Hoc Networks Presented by Edith Ngai 28 October 2003.
Fall, Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style Collusion-Resistant Group Key Management Using Attribute-
By Swetha Namburi.  Trust  Trust Model ◦ Reputation-based Systems ◦ Architectural Approach to Decentralized Trust Management.
Strong Security for Distributed File Systems Group A3 Ka Hou Wong Jahanzeb Faizan Jonathan Sippel.
Evoting using collaborative clustering Justin Gray Osama Khaleel Joey LaConte Frank Watson.
Enabling Peer-to-Peer SDP in an Agent Environment University of Maryland Baltimore County USA.
Rushing Attacks and Defense in Wireless Ad Hoc Network Routing Protocols ► Acts as denial of service by disrupting the flow of data between a source and.
1 Common Secure Index for Conjunctive Keyword-Based Retrieval over Encrypted Data Peishun Wang, Huaxiong Wang, and Josef Pieprzyk: SDM LNCS, vol.
1 Peer-to-Peer Technologies Seminar by: Kunal Goswami (05IT6006) School of Information Technology Guided by: Prof. C.R.Mandal, School of Information Technology.
Protocols for public-key management. Key management –two problems Distribution of public keys (for public- key cryptography) Distribution of secret keys.
1 Network Security Lecture 7 Overview of Authentication Systems Waleed Ejaz
Secure Communication between Set-top Box and Smart Card in DTV Broadcasting Authors: T. Jiang, Y. Hou and S. Zheng Source: IEEE Transactions on Consumer.
3/15/01CSCI {4,6}900: Ubiquitous Computing1 Announcements.
Trust Management in P2P systems Presenter: Lintao Liu April 21th, 2003.
P ROTOCOL FOR COLLABORATING MOBILE AGENTS IN THE NETWORK INTRUSION DETECTION SYSTEMS. By Olumide Simeon Ogunnusi Shukor Abd Razak.
Security fundamentals Topic 5 Using a Public Key Infrastructure.
The EigenTrust Algorithm for Reputation Management in P2P Networks
BY: CHRIS GROVES Privacy in the Voting Booth. Reason for Privacy Voters worry that their vote may be held against them in the future  People shouldn’t.
A Reputation-Based Approach for Choosing Reliable Resources in Peer-to-Peer Networks E. Damiani S. De Capitani di Vimercati S. Paraboschi P. Samarati F.
Algorithms and Techniques in Structured Scalable Peer-to-Peer Networks
LOOKING UP DATA IN P2P SYSTEMS Hari Balakrishnan M. Frans Kaashoek David Karger Robert Morris Ion Stoica MIT LCS.
P2P Search COP6731 Advanced Database Systems. P2P Computing  Powerful personal computer Share computing resources P2P Computing  Advantages: Shared.
P2P Search COP P2P Search Techniques Centralized P2P systems  e.g. Napster, Decentralized & unstructured P2P systems  e.g. Gnutella.
Fall 2006CS 395: Computer Security1 Key Management.
P2P Networking: Freenet Adriane Lau November 9, 2004 MIE456F.
9.2 SECURE CHANNELS JEJI RAMCHAND VEDULLAPALLI. Content Introduction Authentication Message Integrity and Confidentiality Secure Group Communications.
Decentralized Trust Management for Ad-Hoc Peer-to-Peer Networks Thomas Repantis Vana Kalogeraki Department of Computer Science & Engineering University.
Prof. Reuven Aviv, Nov 2013 Public Key Infrastructure1 Prof. Reuven Aviv Tel Hai Academic College Department of Computer Science Public Key Infrastructure.
SOSIMPLE: A Serverless, Standards- based, P2P SIP Communication System David A. Bryan and Bruce B. Lowekamp College of William and Mary Cullen Jennings.
Peer-to-peer networking
Presentation transcript:

TrustMe: Anonymous Management of Trust Relationships in Decentralized P2P System Aameek Singh, Ling Liu College of Computing, Georgia Tech International Conference on Peer-to- Peer Computing (P2P’03) Presenter: Jianming Zhou

Introduction Open and anonymous nature of P2P invites malicious behavior Sharing harmful content, viruses, etc. Need decentralized mechanism to tack Trust Management Trust based reputation metrics  Measure the trustworthiness of a peer  Transaction-based v.s. user-based rating  Dynamically assign a trust value based on peer reviews Issues Trust Model : What reputation metrics to use Access Protocol : How to access and secure their use

Secure Access Protocol Questions: Where should the trust value of a peer be stored? How to securely access other peers’ trust value? Desired Feature Security: protect trust hosting peer from attacks Reliability: Queries get true value Accountability: able to identify malicious peer

Problems of existing protocols Poll-based (Cornelli, et al[4]) Every peer before interacting with another peer broadcasts a trust query for that peer All peers that have interacted with that peer send their votes which are combined locally Public Key Cryptography used to secure Problems: No persistence: incomplete review counting due to peer offline; vulnerable to malicious group cooperation No anonymity: identify disclosure in query message; peers giving poor trust value subject to revenge/threat such as DoS attacks. Tedious decision-making: Peer needs to contact all voters to confirm.

Problem of existing protocols DHT-based (Eigenrep[8]) Mother peers (Hash from peer ID) hold trust value Peer hash ID and query trust value from mother peers Peer decides trust value by majority rule Shortcomings: Insecure communication: vulnerable to MIB. DHT threats: routing tampering, malicious lookup.. No anonymity: mother peers disclosure Group threats: malicious group hold value for each other

TrustMe Protocal Terms: THA peer: peer hold trust value for a particular peer P i : peer i’s private key B i : peer i’s public key SP i : peer i’s special private key SB i : peer i’s special public key TV: trust value TS: time stamp |: concatenate BS: bootstrap server ID: peer identifier BID: special peer identifier assigned by BS K(M): Encryption of message M by key K Offering peer: peer offering resource Querying peer: peer querying for trust value

TrustMe: infrastructure Bootstrap Server (BS) Entry point for peers to enter the network Acts as a kind of certification authority Possess a private-public key pair B BS is publicly available to all peers Each Peer Possess two pair of private-public keys and BS assigned ID : BID i =P BS (“Valid Node”|B’ i ) BS maintains a list of active peers

TrustMe: Protocal General idea Peer A broadcasts to query trust value of Peer B THA peers for B reply with trust value Peer A decides to interact with B based on trust value Peer A reports new trust value of Peer B THA peers for B update Leverage smart public-key cryptography Stages: Peer Join, Trust Query, Trust Reply, Peer Interaction, Trust Report, Peer leave

Peer i: Bootstrap server: Join 1 2 Generate: BID i = P BS (“Valid node”|B i ’ ) B i, B i ’ Assign THA Peer 3 4 Trust Query of peer I : ID i Peer j: Reply with Peer I’s trust value: ID i |B i |SB i |SP i (TV|TS|BID j |P’ j (TS)) 5 Peer x: 6 Collecting Proof-of-interaction P x (TS|B i |ID i ) P i (TS|B x |ID x ) 7 Report Peer X’s trust value for peer I: ID i |SB i (“Report”|V| B x |P x (P i (TS|B x |ID x )))

TrustMe: Query/Reply Query: p j query trust value of p i1,p i2,p i3 …,p n Q(j,{i 1,i 2,i 3,…,i n }) = ID i1 |ID i2 |ID i3 |…|ID in Broadcast query message + P2P forwarding mechanism guarantee privacy Reply: THA p x holding trust value of p i R(x,i)=ID i |B i |SB i |SP i (TV|TS|BID x |P ’ x (TS)) ID i : trust value for Pi B i : for future communication with pi SB i : decrypt SPi(M) SP i : Guarantee reply from THA peer BID x : ensure valid replying is from p x (Given B’ x ), + malicious THA peers can be blacklisted by their BID TS/ P’ x (TS): prevent reply attack

TrustMe: Anti-attack 1 Manipulating Reply Message: R(x,i)=ID i |B i |SB i |SP i (TV|TS|BID x |P ’ x (TS)) Malicious THA Peer Send wrong value (solution:▼)  multiple THA Peers + Majority rule  Punishment (BID x blacklist)+ random THA peer assignment to reduce possibility of malicious cooperation Send wrong value using other BID (▼)  Use P’ x (TS) Malicious non-THA Peer Replay a genuine message (▼)  TS: old messages are discarded Fake keys (▼)  Multiple THA Peers=> Content Conflict=>Identify

TrustMe: Interact/Anti Attack 2 Collecting Proof-of-Interaction (pi  pj) Exchage P i (TS|B j |ID j ) of each other. Prevents replay (TS) Cannot be generated in a fake manner B j and ID j are used for protection against using a message from Peer i’s interaction with some other peer Manipulating Proof-of-Interaction Messages: Replay message (▼) TS : Timestamp Fake (P j, B j ) (▼) Impossible for offering peer because THA Peer send B j to P i in reply message. To prevent query peer fake: offering peer requests its public key from its THA peer

TrustMe: Report/Anti-attack 3 Report: update trust value to THA Peers P j files a report for P i ID i |SB i (“Report”|V|B j |P j (P i (TS|B j |ID j ))) Only THA Peer can read (SP i ) THA Peer need P j ’s ID which can be obtained by decrypting with B j and B i Bj and Pj to prevent unlikely scenario that malicious peers get P i (TS|B j |ID j )

TrustMe: Peer Join/Leave Peer Join Peer posses two pair of Keys (, ) Why use two pairs and  used only while acting as a THA peer  Prevents mapping of public key to identifier after prolonged monitoring of the network Bootstrap server needs to assign a THA peer (Peer x) Create a new private-public key pair Only the THA peer will have the knowledge of SP i Used for secure transmission of trust values for the reply and the report phase Securely transmits to Peer x Broadcast a message: BID x |P BS (BID x |B’ x (ID i |B i |SP i |SB i )) Only BS can generate and only Peer x can read

TrustMe: Peer Leave Peer Leave Create a new THA peer for peers it was responsible for Its trust information is dumped after it is not accessed for some time Not discuss how to handle unexpected leaving!

TrustMe: Benefits Persistence: All reviews are counted and stored distributed No Central Trusted Authority BS is just a form of certification authority All trust mechanism within the network Small decision time Only one reply message needed for decision Ease of contribution Easy to contribute its trust value for another peer Just sending one reply message

Analysis: Experiments Effect of persistence Non-persistent systems can report highly misleading values Having as little as 10 malicious peers acting together can rate the peer being untrustworthy, even when it is not

Analysis: Cost: TrustMe costs more because of more broadcasts Cost varies little with increase in number of THA peers

Analysis: Response Time Caching improves response times Increase in number of THA peers also improves response time

Conclusion Anonymous trust management possible TrustMe provides secure and reliable access to trust values in a decentralized P2P system Compatible with existing Gnutella style systems

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.