Peer-to-Peer Wireless Network Confederation (P2PWNC) George C. Polyzos Mobile Multimedia Laboratory Department of Computer Science Athens.


Peer-to-Peer Wireless Network Confederation (P2PWNC) George C. Polyzos Mobile Multimedia Laboratory Department of Computer Science Athens University of Economics and Business P2P colloquium, Darmstadt, December 7, 2005

Idea
(figure: Manhattan WLANs, 2002, from the Skyhook Wireless Wi-Fi Positioning System (WPS))
A wireless LAN (WLAN) aggregation scheme
 Unites WLANs in citywide [con]federations
 Requires no authorities: open to all, IDs are free
 Relies on reciprocity between peers
Motivation
 Numerous WLANs, connected to the Internet, are within the range of passersby

Motivation (II)
 Many WLANs are secured against outsiders
 Need incentives to keep them open
Motivation (III)
 WLAN-enabled mobile phones are on the market (pictured: Nokia 9500, Motorola CN620)
Motivation (IV)
 Public WLAN operators mainly target "hotspots"
 Municipal wireless still in its infancy

The Public Hotspot Market
From Gartner:
 2001: 1200 public hotspots worldwide
 2003: public hotspots worldwide
 2005: WLANs in hotels worldwide
A subscription buys you (June 2005):
 Sprint PCS: hotspots worldwide
 Boingo Wireless: hotspots worldwide
 T-Mobile HotSpot: hotspots worldwide
Skyhook Wireless data (2005):
 WLANs in just 5 Massachusetts cities and towns (Watertown, Brookline, Roxbury, Newton, and Cambridge)

The Rules
P2PWNC: An incentives-based P2P system
 Teams provide WLAN access to each other
 Teams should provide in order to consume
(figure: the same neighbourhood in "WLAN view" and in "team view"; symbols mark WLAN access points and team members of the White, Green and Blue teams)

N-way Exchanges
Adopt N-way exchanges as the incentive scheme
 A generalization of barter, which retains some of its simplicity
 "Provide to those [who provided to those]* who provided to me"
 A type of (cyclical) indirect reciprocity
 Scales to larger communities, compared to direct-only exchanges
 Does not rely on (central or distributed) authorities
(figure: an exchange cycle among peers A, B, C, D)
Some variants of the basic N-way scheme:
 Cox, Noble, "Samsara: Honor Among Thieves in P2P Storage," SOSP'03
 Ngan, Wallach, Druschel, "Enforcing Fair Sharing of P2P Resources," IPTPS'03
 Anagnostakis, Greenwald, "Exchange-based Incentive Mechanisms for P2P File Sharing," ICDCS'04
 Feldman, Lai, Stoica, Chuang, "Robust Incentive Techniques for P2P Networks," ACM EC'04

Versions

| Version | Architecture | Incentive technique | Comment |
|---|---|---|---|
| Version 1.0 (MMAPPS) | MMAPPS | local accounts pattern | Relied on tamperproof software |
| | | NWAY [1] | Favors large teams, unimplemented |
| Version 2.0 | | GMF [2] | Assumes homogeneous consumptions |
| Version 3.0 (in progress) | in progress | | More realistic assumptions |

1. E. C. Efstathiou and G. C. Polyzos, "Self-Organized Peering of Wireless LAN Hotspots," European Transactions on Telecommunications, vol. 16, no. 5 (Special Issue on Self-Organization in Mobile Networking), Sept/Oct [12% acceptance rate]
2. E. C. Efstathiou, P. A. Frangoudis, and G. C. Polyzos, "Stimulating Participation in Wireless Community Networks," IEEE INFOCOM 2006, Barcelona, Spain, April 2006 (to appear) [18% acceptance rate]

Version History
 Sept. 2002: P2PWNC started in the context of IST MMAPPS (Market Management of Peer-to-Peer Services)
 Sept. 2003: Demo of version 1.0; Team 1 (5 persons from AUEB), Theory Team (2 persons from AUEB)
 June 2005: Demo of version 2.0; Team 2 (3 persons); results will be presented at IEEE INFOCOM, Barcelona, April 2006
 Oct. 2005: Started work on version 3.0; Team 3 (7 persons); preparing demo for TRIDENTCOM 2006 and/or INFOCOM 2006

System Entities
Team = Members + Access Points (APs)
 Teams := P2PWNC peers
 Assume intra-team trust
 Team ID = (unique) PK-SK pair
Member certificate
 Member ID = (unique) PK-SK pair
 Member certificate binds Member PK to Team PK
Receipt
 Encodes P2PWNC transactions between teams
 Signed by consuming member
 Receipt weight: amount of bytes the AP forwarded
(figure labels: member certificate = Member PK + Team PK, signed by Team SK; receipt = member cert + timestamp + providing Team PK + weight, signed by Member SK. PK: public key, SK: private key)

Receipt Generation (C: consuming member, P: providing AP)
 11:50am = t0: C connects (CONN / CACK)
 11:51am: P requests 1st receipt (RREQ / RCPT); RCPT timestamp = t0, RCPT weight = w1
 11:52am: P requests 2nd receipt (RREQ / RCPT); RCPT timestamp = t0, RCPT weight = w2 > w1
 11:53am: P's RREQ gets no RCPT (member has departed); on timeout P stores the last receipt in the Receipt Repository

P2PWNC Protocol: Entities and Messages
Mobile User <-> Access Point: CONN, then CACK; afterwards RREQ / RCPT, repeated until timeout or the connection is closed
Access Point <-> Repository: QUER / QRSP (the AP queries the repository between CONN and CACK); RCPT (the AP stores the last receipt after the timeout)
Text-based protocol. Certificates and keys encoded in Base64.
Example RCPT message:
RCPT P2PWNC/2.0
Content-length: 357
Algorithm: ECC160
Timestamp: Tue, 24 May :26:
Weight: 6336
BNibmxStfJlod/LnZubH6pzWHQqKyZFcSMjnZurmTe4KjCRkllhV93MEegPv
Csxz2oe/hqevoPSrwO1JLO/36J8HTIeyeKQqTCfx+EPxweAvYC/ZFb8URLa2
faIbvSgD3lm6Wa1S4cYlSWeSNmFzS/ebDFfzakqNSEsERefwEcdWJD9gzIXa
fL4pojhhfP5brS4QPtHzBl58POfKdx9AqCDMBxRoGALKJSJYYXlsrwtiyZJK
vPlU5B3lWrFuL25Pd+kv2iMVRElXk/4=
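Added example, not code from the P2PWNC project: the trust chain that the System Entities, Receipt Generation and protocol slides describe, written out in Python. A team key signs member certificates, a member key signs receipts, and the providing AP verifies both before it keeps a receipt, keeping only the last (heaviest) receipt of a session. The signature scheme (textbook RSA on a SHA-256 digest over fixed Mersenne-prime moduli, no padding), the field names, the team names and the byte counts are assumptions made for the example; the toy signatures are not secure and only stand in for the RSA/ECC signatures the real system used.

```python
# Added example (not the P2PWNC project's code): the receipt trust chain from
# the System Entities, Receipt Generation and Protocol slides. A team key signs
# member certificates, a member key signs receipts, and the AP verifies both
# before storing a receipt. Signatures are textbook RSA over a SHA-256 digest
# with fixed Mersenne-prime moduli and no padding: this shows the data flow
# only and is NOT a secure signature scheme (the real system used RSA/ECC).
import hashlib
import json

# Toy key material (assumption): three fixed moduli, so three distinct key
# pairs exist without a prime search. e = 65537 is coprime to every phi here.
_MERSENNE = [2**31 - 1, 2**61 - 1, 2**89 - 1, 2**107 - 1, 2**127 - 1, 2**521 - 1]
_E = 65537

def keygen(slot: int):
    """Return (public_key, private_key) for slot 0, 1 or 2."""
    p, q = _MERSENNE[2 * slot], _MERSENNE[2 * slot + 1]
    n = p * q
    return {"n": n, "e": _E}, {"n": n, "d": pow(_E, -1, (p - 1) * (q - 1))}

def _digest(obj, n: int) -> int:
    data = json.dumps(obj, sort_keys=True).encode()   # canonical encoding
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def sign(priv, obj) -> int:
    return pow(_digest(obj, priv["n"]), priv["d"], priv["n"])

def verify(pub, obj, sig: int) -> bool:
    return pow(sig, pub["e"], pub["n"]) == _digest(obj, pub["n"])

def issue_member_cert(team_pub, team_priv, member_pub):
    """Member certificate: binds Member PK to Team PK, signed by Team SK."""
    body = {"member_pk": member_pub, "team_pk": team_pub}
    return {"body": body, "sig": sign(team_priv, body)}

def make_receipt(member_priv, cert, provider_pub, timestamp: str, weight: int):
    """Receipt: carries the member cert, the providing team's PK, the session
    timestamp t0 and the byte count; signed by the consuming member."""
    body = {"cert": cert, "provider_pk": provider_pub,
            "timestamp": timestamp, "weight": weight}
    return {"body": body, "sig": sign(member_priv, body)}

def ap_verify(receipt, provider_pub) -> bool:
    """AP-side checks on RCPT: addressed to this team, cert really signed by
    the claimed team, receipt really signed by the certified member."""
    body, cert = receipt["body"], receipt["body"]["cert"]
    if body["provider_pk"] != provider_pub:
        return False
    if not verify(cert["body"]["team_pk"], cert["body"], cert["sig"]):
        return False
    return verify(cert["body"]["member_pk"], body, receipt["sig"])

class ReceiptStore:
    """Per session (member, t0) only the latest, heaviest receipt is kept."""
    def __init__(self, provider_pub):
        self.provider_pub = provider_pub
        self.sessions = {}   # (member modulus, t0) -> latest receipt

    def accept(self, receipt) -> bool:
        if not ap_verify(receipt, self.provider_pub):
            return False
        body = receipt["body"]
        key = (body["cert"]["body"]["member_pk"]["n"], body["timestamp"])
        old = self.sessions.get(key)
        if old is not None and body["weight"] <= old["body"]["weight"]:
            return False   # weight must grow within a session: stale/replayed
        self.sessions[key] = receipt
        return True

    def stored_weights(self):
        return [r["body"]["weight"] for r in self.sessions.values()]

def demo():
    """Returns (accepted flags, forgery accepted?, weights kept)."""
    white_pub, white_priv = keygen(0)     # consuming team (issues certs)
    member_pub, member_priv = keygen(1)   # a member of White
    blue_pub, blue_priv = keygen(2)       # providing team (runs the AP)
    cert = issue_member_cert(white_pub, white_priv, member_pub)
    store = ReceiptStore(blue_pub)
    t0 = "11:50"                          # constructed session start
    accepted = [store.accept(make_receipt(member_priv, cert, blue_pub, t0, w))
                for w in (1000, 6336, 5000)]   # third one is stale
    # Blue cannot mint receipts 'from' White: it lacks White's SK, so a cert
    # claiming White's PK but signed with Blue's SK fails verification.
    fake_cert = issue_member_cert(white_pub, blue_priv, member_pub)
    forged = make_receipt(member_priv, fake_cert, blue_pub, t0, 99999)
    return accepted, store.accept(forged), store.stored_weights()
```

demo() returns ([True, True, False], False, [6336]): two growing receipts for one session are accepted, the third (lower weight, same t0) is rejected as stale, the forged receipt is rejected because its certificate chain does not lead back to White's key, and only the heaviest receipt of the session remains. This is exactly the property the receipt graph later relies on: a team can only ever create edges that start at itself.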

Centralized Operation Mode
One RR (Receipt Repository) for all teams.
- Susceptible to DoS at layer 3 and at the application layer (flooding the RR with fake receipts)
- Confederation teams may be unable or unwilling to agree on the same RR, dividing the confederation
+ Simpler to deploy and bootstrap

Decentralized Operation Mode
One RR (Receipt Repository) per team (running on the "team server").
+ Much harder to DoS: the RR's IP address is known only within the team and only team members talk to it (this reduces exposure rather than removing it; a leaked address or a compromised member brings the risk back)
- Needs a gossiping mechanism (which uses the members themselves to carry receipts around)
- Partial views of confederation history can favor free-riding

The Receipt Graph
(figure: teams A to I with weighted edges W1 to W14)
Directed weighted graph (with cycles)
 Vertices: team public keys
 Edge weight: sum of weights of corresponding receipts
 Edges point from the consuming team to the providing team
Graph security
 Free-riders and colluders can create an arbitrary number of fake vertices and edges
 They cannot create fake outgoing edges starting from teams who are outside the colluding group (they do not have the relevant private keys)

GMF - Background

GMF - Heuristic

GMF - Evaluation

IST MMAPPS version (Version 1.0)
(figure: the P2PWNC Domain Agent Application sits on a WLAN Provisioning Service; network services: authentication, packet sniffer, firewall, rate control, routing/NAT, DHCP; the MMAPPS and JXTA layer provides accounting, negotiation and rules; WLAN events flow up and WLAN service calls flow down between the layers)

IST MMAPPS version (Version 1.0)
(figure: the visited peer (provider) runs Visitor Negotiation, MMAPPS Negotiation and Visitor Session on its WLAN; the home peer (consumer) runs an MMAPPS Negotiation Listener)
1. Visitor credentials check
2. Negotiate
3. Request service
4a. MMAPPS negotiation
4b. Balance check
5. Start
6. Balance OK: proceed (the visitor's password resides in the home database)

First attempts at Linux-based WLAN mgmt: AAA, DHCP, NAT, QoS, …

First attempts at Linux-based WLAN mgmt: Traffic logging using (fast) kernel, user modules

First simple rules (tamperproof software!)

First experiments with PDAs and Linux WLAN gateways

Version 2 Architecture
 Team server (standard PC, or collocated with the Linksys): receipt store, GMF execution, member update (decentralized mode)
 Linksys WRT54GS AP (32MB RAM, 8MB Flash): DHCP, NAT/router/firewall, authenticator, receipt verification
 Windows Mobile client: member certificate, receipt generation; also carries team receipts (decentralized mode)
 Interfaces: Member-AP, Member-Home, Home-AP

Linksys WRT54GS
Linux-based WLAN access point
 We implemented the P2PWNC protocol (AP side) on it
 32 MB RAM, 8 MB Flash, 200 MHz CPU
 Retails for less than $70
 Cryptographic, maxflow performance comparable to 200 MHz PC
 Can act as team server/RR (storing more than receipts)

Repository Implementation (Version 2.0)
Receipt Repository
 Efficient, composite data structure for receipt storage and queries
 Incentive algorithms: pluggable modules
 Maximum-flow algorithm optimizations: push-relabel algorithm, O(V^3), with the global relabeling heuristic
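Added example, not the project's code, serving both the Receipt Graph slide and the Repository slide above: it aggregates receipts into the directed weighted graph (edges from consuming team to providing team, weights summed), answers the provider's max-flow query over it, and shows the graph-security claim concretely, namely that Sybil teams and fake edges signed only by colluders cannot raise the flow an honest provider computes towards them. Max-flow is computed with Edmonds-Karp for brevity rather than the push-relabel implementation the slide mentions; both give the same value. The serve/deny rule in decide(), the team names and the byte counts are assumptions for the example and are not the project's GMF rule.

```python
# Added example (not the P2PWNC project's code): the receipt graph from the
# Receipt Graph slide and the max-flow query of the Repository slide. Edges
# point from the consuming team to the providing team and carry summed receipt
# weights. Max-flow uses Edmonds-Karp (BFS augmenting paths) rather than the
# push-relabel code the slide mentions; the resulting value is identical. The
# serve/deny rule in decide() is an assumption for this example, not the
# project's GMF rule.
from collections import defaultdict, deque

def receipt_graph(receipts):
    """receipts: iterable of (consumer_team, provider_team, weight_bytes).
    Returns cap[u][v]: bytes that provider v forwarded for consumer u."""
    cap = defaultdict(lambda: defaultdict(int))
    for consumer, provider, weight in receipts:
        cap[consumer][provider] += weight
    return cap

def max_flow(cap, source, sink) -> int:
    """Edmonds-Karp on a dict-of-dict capacity map; cap is left unmodified."""
    if source == sink:
        return 0
    resid = defaultdict(lambda: defaultdict(int))
    for u in list(cap):
        for v, c in cap[u].items():
            resid[u][v] += c
            resid[v][u] += 0          # make sure the reverse edge exists
    flow = 0
    while True:
        parent = {source: None}       # BFS for the shortest augmenting path
        queue = deque([source])
        while queue and sink not in parent:
            u = queue.popleft()
            for v, c in resid[u].items():
                if c > 0 and v not in parent:
                    parent[v] = u
                    queue.append(v)
        if sink not in parent:
            return flow
        path, v = [], sink
        while parent[v] is not None:
            path.append((parent[v], v))
            v = parent[v]
        bottleneck = min(resid[u][v] for u, v in path)
        for u, v in path:
            resid[u][v] -= bottleneck
            resid[v][u] += bottleneck
        flow += bottleneck

def decide(receipts, provider, consumer):
    """Assumed rule: serve when what the consumer has provided to us, directly
    or through others (flow provider -> consumer), covers what we have already
    provided to it (flow consumer -> provider)."""
    cap = receipt_graph(receipts)
    contributed = max_flow(cap, provider, consumer)
    consumed = max_flow(cap, consumer, provider)
    return contributed, consumed, contributed >= consumed

# Constructed receipts (consumer, provider, bytes), not real data.
HONEST = [("Blue", "Green", 400), ("Green", "White", 300),
          ("White", "Green", 500), ("Green", "Blue", 200)]

# Blue and two Sybil teams X1, X2 sign whatever they like among themselves.
# Every one of these edges starts at a colluder; none starts at White or Green,
# because only those teams hold the private keys that could sign such edges.
SYBIL = [("X1", "Blue", 10**9), ("X2", "X1", 10**9), ("Blue", "X2", 10**9)]

def collusion_demo():
    """Flow from White to Blue before and after the Sybil receipts: unchanged,
    since reaching the colluding group needs an edge signed by an honest team.
    One genuine receipt (White consumed from Blue) does change the answer."""
    before = decide(HONEST, "White", "Blue")
    after = decide(HONEST + SYBIL, "White", "Blue")
    genuine = decide(HONEST + SYBIL + [("White", "Blue", 150)], "White", "Blue")
    return before, after, genuine
```

collusion_demo() returns ((200, 300, False), (200, 300, False), (350, 300, True)): a billion bytes of fabricated receipts inside the colluding group add nothing to the flow White computes towards Blue, while a single genuine receipt that White's member signed does. The min-cut between the honest teams and the colluders is bounded by honestly signed receipts, which is the whole of the graph-security argument.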

Linksys verification performance compared to a 2GHz PC for all P2PWNC signature types

| Bit length (RSA/ECC) | Athlon XP 2800 RSA | Athlon XP 2800 ECC | Linksys WRT54GS RSA | Linksys WRT54GS ECC |
|---|---|---|---|---|
| 1024/ | ms | 6.5 ms | 12.3 ms | 114.7 ms |
| 1536/ | ms | 6.0 ms | 21.4 ms | 99.9 ms |
| 2048/ | ms | 7.1 ms | 37.9 ms | 135.7 ms |
| 3072/ | ms | 8.6 ms | 75.3 ms | 453.0 ms |

QoS Scheme for version 3.0
 Reinterpret the result of GMF not as the probability of providing unrestricted service but as the QoS level to be provided
 Build a traffic policing module for both Windows and Linux-based (tc-based) routers

Secure Services (version 3.0)
(figure: Wireless Client 1 at Visited AP 1 and Wireless Client 2 at Visited AP 2 reach Home AP 1 / Home AP 2 and Team Server 1 / Team Server 2 across the Internet; call setup is signalled over GSM)
 Each client uses its own tunnel endpoint for scalability (usually its own home AP)
 A client learns its endpoint's current IP address from its team server
 The caller sends an SMS containing the current tunnel endpoint IP address and a tunnel identifier
 No centralized registrars are needed (e.g. SIP registrars, dynamic DNS)

L2TP/IPsec Tunnels
 Client side support: Windows, Windows Mobile
 Server side support: Linux (and Linksys), Windows

NAT Traversal
 RFC 3948, UDP Encapsulation of IPsec ESP Packets (used after the NAT detection process detects a NAT)
 NAT traversal is a problem for IPsec (ESP carries no port numbers for a NAT to rewrite, and a NAT that changes addresses would break IPsec integrity protection), but NAT-T is supported in Windows, Windows Mobile and in the Openswan Linux VPN gateway that we are using
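Added example, not the project's code: once NAT-T is negotiated, IKE, UDP-encapsulated ESP and NAT-keepalives all arrive on the same UDP port (4500), so the receiver has to demultiplex them by looking at the first bytes, as RFC 3948 specifies. The code below builds the three packet types and classifies them the way an IKE/IPsec stack must, including the reason SPI 0 may never appear on the wire. The SPI value, cookies and payload bytes are constructed for the example, not captured from the Openswan or Windows stacks the slide mentions.

```python
# Added example (not the project's code): demultiplexing what arrives on the
# NAT-T port, as an IKE/IPsec stack does after NAT detection (RFC 3948
# section 2, RFC 3947). On UDP/4500 three things share one socket:
#   - IKE messages, prefixed by a 4-byte all-zero "Non-ESP Marker";
#   - UDP-encapsulated ESP, whose first 4 bytes are the SPI (never zero on the
#     wire, which is what keeps the marker unambiguous);
#   - NAT-keepalives, a single 0xFF byte that keeps the NAT mapping alive.
# The packets built here are constructed for the example, not captured traffic.
import struct

NAT_T_PORT = 4500
NON_ESP_MARKER = b"\x00\x00\x00\x00"
KEEPALIVE = b"\xff"
ISAKMP_HEADER_LEN = 28        # two 8-byte cookies + 12 bytes of fixed header

def udp_encapsulate_esp(spi: int, seq: int, esp_body: bytes) -> bytes:
    """ESP-in-UDP payload: the ESP header is unchanged, UDP is simply wrapped
    around it so the NAT has ports to translate. SPI 0 is rejected because a
    receiver would read it as the Non-ESP Marker and treat the packet as IKE."""
    if not 1 <= spi <= 0xFFFFFFFF:
        raise ValueError("SPI must be a non-zero 32-bit value")
    return struct.pack("!II", spi, seq) + esp_body

def ike_on_nat_t_port(isakmp_message: bytes) -> bytes:
    """IKE sent over port 4500 gets the zero marker prepended."""
    return NON_ESP_MARKER + isakmp_message

def classify(payload: bytes) -> dict:
    """Decide what a UDP/4500 payload is, in the order the receiver must."""
    if payload == KEEPALIVE:
        return {"kind": "nat-keepalive"}
    if len(payload) < 8:
        return {"kind": "malformed", "reason": "shorter than SPI + sequence"}
    if payload[:4] == NON_ESP_MARKER:
        isakmp = payload[4:]
        if len(isakmp) < ISAKMP_HEADER_LEN:
            return {"kind": "malformed", "reason": "truncated ISAKMP header"}
        length = struct.unpack("!I", isakmp[24:28])[0]   # header length field
        if length != len(isakmp):
            return {"kind": "malformed", "reason": "ISAKMP length mismatch"}
        return {"kind": "ike", "isakmp": isakmp}
    spi, seq = struct.unpack("!II", payload[:8])
    return {"kind": "esp", "spi": spi, "seq": seq, "esp": payload}

def demo():
    """Classify one packet of each kind plus a runt; returns the kinds."""
    # Constructed IKEv1 header: initiator cookie, empty responder cookie,
    # next payload = SA (1), version 1.0, exchange = Identity Protection (2),
    # flags 0, message ID 0, length = header only.
    isakmp = struct.pack("!8s8sBBBBII", b"\x11" * 8, b"\x00" * 8,
                         1, 0x10, 2, 0, 0, ISAKMP_HEADER_LEN)
    packets = [ike_on_nat_t_port(isakmp),
               udp_encapsulate_esp(0x0A1B2C3D, 1, b"\x00" * 24),
               KEEPALIVE,
               b"\x00\x00\x00\x00\x01\x02"]
    return [classify(p)["kind"] for p in packets]
```

demo() returns ["ike", "esp", "nat-keepalive", "malformed"]. The check on the ISAKMP length field is the kind of sanity test a receiver wants before handing the buffer to the IKE parser, since anything on the Internet can send bytes to UDP/4500.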

VoIP for Windows Mobile (version 3.0)

Deployment: the Athens Wireless Metropolitan Network

AWMN and P2PWNC
 AWMN is one of the largest WMNs globally, with more than 3000 nodes
 P2PWNC version 3.0 is designed to be compatible with most AWMN nodes
 Setup of AWMN Node #66 in MMlab is finally underway!

P2PWNC Publications and Website
1. E. C. Efstathiou and G. C. Polyzos, "Self-Organized Peering of Wireless LAN Hotspots," European Transactions on Telecommunications, vol. 16, no. 5 (Special Issue on Self-Organization in Mobile Networking), Sept/Oct [12% acceptance rate]
2. E. C. Efstathiou and G. C. Polyzos, "Peer-to-Peer Wireless Network Confederation," in Encyclopedia of Virtual Communities and Technologies, S. Dasgupta, ed., Idea Group Reference
3. E. C. Efstathiou and G. C. Polyzos, "P2PWNC: A Peer-to-Peer Approach to Wireless LAN Roaming," in Handbook of Wireless Local Area Networks: Applications, Technology, Security, and Standards, M. Ilyas and S. Ahson, eds., CRC Press
4. E. C. Efstathiou, P. A. Frangoudis, and G. C. Polyzos, "Stimulating Participation in Wireless Community Networks," IEEE INFOCOM 2006, Barcelona, Spain, April 2006 (to appear) [18% acceptance rate]
5. P. A. Frangoudis, E. C. Efstathiou, and G. C. Polyzos, "Reducing Management Complexity through Pure Exchange Economies: A Prototype System for Next Generation Wireless/Mobile Network Operators," 12th Workshop of the HP OpenView University Association (HPOVUA), Porto, Portugal, July
6. E. C. Efstathiou and G. C. Polyzos, "Can Residential Wireless LANs Play a Role in 4G?" 4G Mobile Forum (4GMF) Annual Conference, San Diego, CA, July
7. E. C. Efstathiou and G. C. Polyzos, "A Self-Managed Scheme for Free Citywide Wi-Fi," IEEE WoWMoM Autonomic Communications and Computing Workshop, Taormina, Italy, June
8. E. C. Efstathiou, "Self-Organized Peering of Wireless LANs," IEEE INFOCOM 2005 Student Workshop, Miami, FL, March 2005
9. E. C. Efstathiou and G. C. Polyzos, "Trustworthy Accounting for Wireless LAN Sharing Communities," 1st European PKI Workshop, Samos Island, Greece, June
10. E. C. Efstathiou and G. C. Polyzos, "Designing a Peer-to-Peer Wireless Network Confederation," IEEE LCN Workshop on Wireless Local Networks (WLN), Bonn, Germany, Oct
11. P. Antoniadis, C. Courcoubetis, E. C. Efstathiou, G. C. Polyzos, and B. Strulo, "Peer-to-Peer Wireless LAN Consortia: Economic Modeling and Architecture," 3rd IEEE International Conference on Peer-to-Peer Computing, Linköping, Sweden, Sept
12. E. C. Efstathiou and G. C. Polyzos, "A Peer-to-Peer Approach to Wireless LAN Roaming," ACM MOBICOM Workshop on Wireless Mobile Applications and Services on WLAN Hotspots (WMASH), San Diego, CA, Sept
13. P. Antoniadis, C. Courcoubetis, E. C. Efstathiou, G. C. Polyzos, and B. Strulo, "The Case for P2P Wireless LAN Consortia," 12th IST Summit on Mobile/Wireless Communications, Aveiro, Portugal, June 2003