TrustMe: Anonymous Management of Trust Relationships in Decentralized P2P Systems Aameek Singh and Ling Liu Presented by: Korporn Panyim.

Slides:



Advertisements
Similar presentations
Mobile and Wireless Computing Institute for Computer Science, University of Freiburg Western Australian Interactive Virtual Environments Centre (IVEC)
Advertisements

Supervisor :Dr. Lo'ai Ali Tawalbeh Done by: Wa’el Musa Hadi
SCSC 455 Computer Security
Key distribution and certification In the case of public key encryption model the authenticity of the public key of each partner in the communication must.
Kerberos 1 Public domain image of Heracles and Cerberus. From an Attic bilingual amphora, 530–520 BC. From Italy (?).
A P RESENTATION O N R ESOURCE D ISCOVERY I N T HE P EER- T O- P EER N ETWORK by Aravind Renganathan.
Last Class: The Problem BobAlice Eve Private Message Eavesdropping.
Efficient Public Key Infrastructure Implementation in Wireless Sensor Networks Wireless Communication and Sensor Computing, ICWCSC International.
BASIC CRYPTOGRAPHY CONCEPT. Secure Socket Layer (SSL)  SSL was first used by Netscape.  To ensure security of data sent through HTTP, LDAP or POP3.
Sec-TEEN: Secure Threshold sensitive Energy Efficient sensor Network protocol Ibrahim Alkhori, Tamer Abukhalil & Abdel-shakour A. Abuznied Department of.
Location Based Trust for Mobile User – Generated Content : Applications, Challenges and Implementations Presented By : Anand Dipakkumar Joshi USC.
Denial-of-Service Resilience in Peer-to-Peer Systems D. Dumitriu, E. Knightly, A. Kuzmanovic, I. Stoica and W. Zwaenepoel Presenter: Yan Gao.
Open Problems in Data- Sharing Peer-to-Peer Systems Neil Daswani, Hector Garcia-Molina, Beverly Yang.
CSCE 715 Ankur Jain 11/16/2010. Introduction Design Goals Framework SDT Protocol Achievements of Goals Overhead of SDT Conclusion.
1 Freeriders in P2P: Pricing Incentives Don Towsley UMass-Amherst collaborators: D. Figueiredo, J. Shapiro.
An Authentication Service Based on Trust and Clustering in Wireless Ad Hoc Networks: Description and Security Evaluation Edith C.H. Ngai and Michael R.
FRIENDS: File Retrieval In a dEcentralized Network Distribution System Steven Huang, Kevin Li Computer Science and Engineering University of California,
Dept. of Computer Science & Engineering, CUHK1 Trust- and Clustering-Based Authentication Services in Mobile Ad Hoc Networks Edith Ngai and Michael R.
Paul Solomine Security of P2P Systems. P2P Systems Used to download copyrighted files illegally. The RIAA is watching you… Spyware! General users become.
Random Key Predistribution Schemes for Sensor Networks Authors: Haowen Chan, Adrian Perrig, Dawn Song Carnegie Mellon University Presented by: Johnny Flowers.
1 Denial-of-Service Resilience in P2P File Sharing Systems Dan Dumitriu (EPFL) Ed Knightly (Rice) Aleksandar Kuzmanovic (Northwestern) Ion Stoica (Berkeley)
A Trust Based Assess Control Framework for P2P File-Sharing System Speaker : Jia-Hui Huang Adviser : Kai-Wei Ke Date : 2004 / 3 / 15.
Responder Anonymity and Anonymous Peer-to-Peer File Sharing. by Vincent Scarlata, Brian Levine and Clay Shields Presentation by Saravanan.
Kemal AkkayaWireless & Network Security 1 Department of Computer Science Southern Illinois University Carbondale CS 591 – Wireless & Network Security Lecture.
Pseudo Trust: Zero-Knowledge Based Authentication in Anonymous Peer-to-Peer Protocols Li Lu, Lei Hu State Key Lab of Information Security, Graduate School.
Gnutella, Freenet and Peer to Peer Networks By Norman Eng Steven Hnatko George Papadopoulos.
1 Chapter 13: Representing Identity What is identity Different contexts, environments Pseudonymity and anonymity.
Alexander Potapov.  Authentication definition  Protocol architectures  Cryptographic properties  Freshness  Types of attack on protocols  Two-way.
Freenet: A Distributed Anonymous Information Storage and Retrieval System Presentation by Theodore Mao CS294-4: Peer-to-peer Systems August 27, 2003.
Security Considerations for Wireless Sensor Networks Prabal Dutta (614) Security Considerations for Wireless Sensor Networks.
1 Introduction to Security and Cryptology Enterprise Systems DT211 Denis Manley.
Freenet. Anonymity  Napster, Gnutella, Kazaa do not provide anonymity  Users know who they are downloading from  Others know who sent a query  Freenet.
1 Measurements and Mitigation of Peer-to-Peer-based Botnets: A Case Study on Storm Worm T. Holz, M. Steiner, F. Dahl, E. Biersack, and F. Freiling - Proceedings.
Chapter 10: Authentication Guide to Computer Network Security.
Introduction Widespread unstructured P2P network
Privacy-Preserving P2P Data Sharing with OneSwarm -Piggy.
Wireless and Security CSCI 5857: Encoding and Encryption.
BitTorrent Presentation by: NANO Surmi Chatterjee Nagakalyani Padakanti Sajitha Iqbal Reetu Sinha Fatemeh Marashi.
MOBILE AD-HOC NETWORK(MANET) SECURITY VAMSI KRISHNA KANURI NAGA SWETHA DASARI RESHMA ARAVAPALLI.
An efficient secure distributed anonymous routing protocol for mobile and wireless ad hoc networks Authors: A. Boukerche, K. El-Khatib, L. Xu, L. Korba.
Peer to Peer Research survey TingYang Chang. Intro. Of P2P Computers of the system was known as peers which sharing data files with each other. Build.
SecureMR: A Service Integrity Assurance Framework for MapReduce Author: Wei Wei, Juan Du, Ting Yu, Xiaohui Gu Source: Annual Computer Security Applications.
1 Section 10.9 Internet Security Association and Key Management Protocol ISAKMP.
Freenet: A Distributed Anonymous Information Storage and Retrieval System Presenter: Chris Grier ECE 598nb Spring 2006.
PRIVACY PRESERVING SOCIAL NETWORKING THROUGH DECENTRALIZATION AUTHORS: L.A. CUTILLO, REFIK MOLVA, THORSTEN STRUFE INSTRUCTOR DR. MOHAMMAD ASHIQUR RAHMAN.
Authentication Applications Unit 6. Kerberos In Greek and Roman mythology, is a multi-headed (usually three-headed) dog, or "hellhound” with a serpent's.
10. Key Management. Contents Key Management  Public-key distribution  Secret-key distribution via public-key cryptography.
Chapter 21 Distributed System Security Copyright © 2008.
Evoting using collaborative clustering Justin Gray Osama Khaleel Joey LaConte Frank Watson.
Rushing Attacks and Defense in Wireless Ad Hoc Network Routing Protocols ► Acts as denial of service by disrupting the flow of data between a source and.
Presented by: Sanketh Beerabbi University of Central Florida.
1 Peer-to-Peer Technologies Seminar by: Kunal Goswami (05IT6006) School of Information Technology Guided by: Prof. C.R.Mandal, School of Information Technology.
Partition and multi-path transmission-An encryption-free reputation sharing protocol in Gnutella-like peer-to-peer network Author: X. X. Ma, and Z. G.
Freenet “…an adaptive peer-to-peer network application that permits the publication, replication, and retrieval of data while protecting the anonymity.
Trust Management in P2P systems Presenter: Lintao Liu April 21th, 2003.
On the Security of Polling Protocols in Peer-to-Peer Systems Bartlomiej Sieka (U. Illinois-Chicago) Ajay D. Kshemkalyani (U. Illinois-Chicago) Mukesh Singhal.
BY: CHRIS GROVES Privacy in the Voting Booth. Reason for Privacy Voters worry that their vote may be held against them in the future  People shouldn’t.
A Reputation-Based Approach for Choosing Reliable Resources in Peer-to-Peer Networks E. Damiani S. De Capitani di Vimercati S. Paraboschi P. Samarati F.
LOOKING UP DATA IN P2P SYSTEMS Hari Balakrishnan M. Frans Kaashoek David Karger Robert Morris Ion Stoica MIT LCS.
TrustMe: Anonymous Management of Trust Relationships in Decentralized P2P System Aameek Singh, Ling Liu College of Computing, Georgia Tech International.
The EigenTrust Algorithm for Reputation Management in P2P Networks Sepandar D.Kamvar Mario T.Schlosser Hector Garcia-Molina.
Lecture 11 Overview. Digital Signature Properties CS 450/650 Lecture 11: Digital Signatures 2 Unforgeable: Only the signer can produce his/her signature.
SPEAKER: HONG-JI WEI DATE: Efficient and Secure Anonymous Authentication Scheme with Roaming Used in Mobile Networks.
Fall 2006CS 395: Computer Security1 Key Management.
P2P Networking: Freenet Adriane Lau November 9, 2004 MIE456F.
Decentralized Trust Management for Ad-Hoc Peer-to-Peer Networks Thomas Repantis Vana Kalogeraki Department of Computer Science & Engineering University.
SECURITY. Security Threats, Policies, and Mechanisms There are four types of security threats to consider 1. Interception 2 Interruption 3. Modification.
Dr. Nermi hamza.  A user may gain access to a particular workstation and pretend to be another user operating from that workstation.  A user may eavesdrop.
Presentation by Theodore Mao CS294-4: Peer-to-peer Systems
NET 536 Network Security Lecture 8: DNS Security
Presentation transcript:

TrustMe: Anonymous Management of Trust Relationships in Decentralized P2P Systems Aameek Singh and Ling Liu Presented by: Korporn Panyim

Introduction Decentralized Peer-to-Peer (P2P) resource sharing application has become more popular among the WWW communities Gnutella, Kazaa, Freenet… The nice feature of such system is the anonymity of the requester and the provider of a resource However, the open nature of P2P networks also makes the system vulnerable to malicious attempts How can we trust other peers?

Introduction-2 A community-based reputations scheme is used to estimate the trust worthiness and predict the future behavior of peers Each peer decides whether to interact with other peers based on reputation-based trust value A high trust value  good performance  good reputation  more trustworthy A low trust value  poor performance  low reputation  low trustworthy One example: eBay model

Trust-enabled P2P resource sharing networks: an overview A typical transaction will be as follow: The requester peer queries for a particular resource It will receive offers from various peers who are willing to provide that resource The requester then request for trust value of those provider peers and select the one who has the best reputation After an interaction, requester rates the provider based on its performance and vice versa Two important issues: What trust metrics are effective for computing the reputation- based trust? How to distribute, store, and access the trust values of peers securely?

TrustMe An anonymous and secure protocol for maintaining and accessing trust rating in formation Support mutual anonymity in managing peers’ trust relationship Peers who access trust rating of other peers remain anonymous Also, peers who report other peers’ trust value remain anonymous Ensure security, reliability and accountability

Anonymity : Why it is essential? From a security point of view, anonymity has been regarded as a rogue element How can we trust anonymous person? However, to force a peer to show its identity may become a huge threat If a malicious person can identify the peers who are reporting its poor trust value, it can launch targeted attacks to those peers Spam, threatening s, or DoS attacks This could demotivate peers from publicly reporting one’s poor trust value A peer may want to maintain anonymity while querying for another peer’s trust value A corporation seeking new suppliers without letting their current supplier know about it

Protocol Design Considerations Anonymity: a peer should be able to hide its identity while querying for other’s trust value or reporting one’s trust value Voters have the right to secret ballot Persistency: the trust metrics should be persistent For a peer B, all peers who have interacted with B should have their vote counted, even they are not present Protect malicious who is always present in the network from dominating a peer’s total trust value Fast decision making: Previous proposed scheme requires requester to contact all peers individually - too lengthy and tedious Protocol should be fast in decision making process - small decision time

Notations used in TrustMe THA peer: a peer which holds the trust value for a particular peer Private key : P Public key : B Encryption message M by a key K : K(M)

TrustMe: protocol steps Each peer holds a couple of public-private key pairs Bootstrap server assigns the trust value of a peer (Peer B) to other peers (THA peers) Peer B and other peers don’t know who are THA peers of B Peer A interested in querying B’s trust value can broadcast a trust query for peer B Peer B’s THAs reply with the trust value With the trust value, peer A can decide to interact with peer B or not After an interaction, peer A can file a report for peer B Contain peer A’s new trust value for peer B THAs can modify new trust rating for peer B

Keying materials used Bootstrap server: (P BS, B BS ) Any peer i : (P i, B i ) - providing/receiving service (P’ i, B’ i ) - used while serving as the THA BID i = P BS (“Valid Node” | B’ i ) Assigned by bootstrap server when joining the network to ensure validity of peer THA peer of peer i : (ID i, B i, SP i, SB i ) (SP i, SB i ) - Special-Private and Special-Public key of THA of peer i Assigned by bootstrap server To provide authentication and secure transmission for message regarded to peer i from/to THA peer

Protocol details There are four phases in the entire protocol: Query Reply Collecting Proof-of-Interaction Report

Query Phase Peer j, intending to query for the trust value of Peer i, broadcast the trust query message containing ID i Q(j, {i 1, i 2, …, i n }) = ID i1 |ID i2 |…|ID in Because of the message forwarding mechanism of P2P, privacy is provided to the querying peer

Reply Phase Peer x, THA peer of peer i, generate reply message and forward back to the network Need to ensure that querying peer can identify it to be generated by a THA peer and that it has not been modified

Reply Phase-2 The reply message looks like this: R(x, i) = ID i |B i |SB i |SP i (TV |TS |BID x |P’ x (TS)) Note that any peer can read this message. With TS, it provides caching opportunity for later use SP i ensure that message is coming from a THA peer of peer i BID x = P BS (“Valid Node”|B’ x ) P’ x (TS) prevent others from using fake BID x

Collecting Proof-of-Interaction Phase Whenever two peers (Peer i and j) interact, they exchange a proof of interaction with each other From i to j : P i (TS |B j |ID j ) From j to i : P j (TS |B i |ID i ) TS is used to prevent replay attack B j and ID j is used to ensure that this message is to peer j

Report Phase After having an interaction, peer j broadcast a report message indicating its new trust value V for peer i We need to make sure that only THA of peer i can read this message and that the report message is actually from peer j who interacted with peer i The message looks like this: ID i |SB i (“Report” |V |B j |P j (P i (TS |B j |ID j ))) P i (TS |B j |ID j ) is Proof-of-Interaction

TrustMe vs. Various Attacks Manipulating Replay messages Manipulating Proof-of-Interaction messages

Manipulating Reply Messages A malicious THA peer can send a wrong trust value in the reply message R(x, i) = ID i |B i |SB i |SP i (TV |TS |BID x |P’ x (TS)) Use majority vote from number of THA peers for a single peer Other THA peers can also identify which THA is sending a wrong trust value A malicious non-THA peer can replay a real reply message Use of timestamp TS can prevent such attack

Manipulating Proof-of-Interaction Messages Malicious peer can replay old Proof-of- Interaction message Use of timestamp TS can prevent such attack

Conclusion TrustMe provides anonymity to both trust host (THA) and trust querying peer Query message contains only ID of target peer THA peers for peer i are randomly assigned Persistency is achieved Trust value is kept at THA even voter left the network Storing and accessing trust value is done in decentralized manner Bootstrap server dose not get involve in trust mechanism Decision making is done quickly Only reply message from THA is enough Convenient to report trust value Use broadcasting

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.