1. 1 Collusive Piracy Prevention in P2P Content Delivery Networks Source: IEEE Transactions on Computers, vol. 58, no. 7, pp. 970-983, 2009 Authors: Xiaosong Lou, and Kai Hwang Speaker: Shu-Fen Chiou ( 邱淑芬 )

2. 2 Introduction Distributed P2P network Application: File sharing Roles: Peers: Normal users. Colluders: Pay but share files illegally. Pirates: Not pay and want to get files illegally. Transaction Server: Give the copyright when users paying the money. Private Key Generator (PKG) Distribution agent (also called bootstrap server): Peers ask several peers as their agent.

3. 3 解決的問題 問題 : 在 P2P 檔案分享的環境中，會有不想付費的使用 者 (pirate) 想得到檔案。也會有已付費取得檔案的使用 者 (colluder) 非法分享檔案。 本篇論文主要要解決 pirate 的問題，要使得當 pirate 要 取得檔案時一定不會拿到完整正確的檔案，另外也盡 量偵測並避免 colluder 的問題。

4. 4 Requirements Peer endpoint address is forgery proof. Authorization tokens cannot be shared by peers. Pirates cannot poison legitimate clients. Stolen private key are useless to pirates.

5. 5 Copyright-protected P2P Networks

6. 6 Mechanisms for Copyright Protection MechanismProtocol Requirements Secure file Indexing File index format is modified to include token and IBS signature. Peer Authorization Protocol (PAP) Peer sends digital receipt to bootstrap agent and obtain an authorization token. The token must be refreshed periodically. Proactive Content Poisoning The token and IBS signature check all download request and responses. Sending clean or poisoned content, accordingly. Random Collusion Prevention Distribution agents randomly recruit decoys to probe for colluders. Collusion reports are weighted against client trust rates.

7. 7 Secure file Indexing

8. 8 Protected peer joining process {Bootstrap address, E k (digital_rceipt, Bootstrap_Agent_session_key)} E k (digital_rceipt) Algorithm 1: Token Generation

9. 9 Token Generation Customer peerBootstrap agentPKG Check receipt λ= Decrypt(Receipt) p = Observe(requestor) Token T = OwnerSign(f, p, ts) Reply = {k, p, ts, T} Request private key k {Encrypt(Reply)} Generate k Decrypt(Reply)

10. 10 Observe requester Bootstrap server ask peer ’ s router to get its real endpoint to check whether correct with digital receipt.

11. 11 Proactive Content Poisoning Algorithm 2: Peer Authorization Protocol

12. 12 Peer Authorization Protocol Input: T = token, t s = timestamp, S = peer signature, and φ(λ, p) = file index for file at endpoint p Output: Peer authorization status True: authorization granted False: authorization denied Procedures : 01: Parse (input) = {T, t s, S, φ(λ, p) } // Check all credentials from a input request 02: p = Observe(requestor); // detect peer endpoint address p 03: if {Match (S, p) fails}, //Fake endpoint address p detected return false; 04: endif 05: if {Match(T, t s, K) fails}, return false; // Invalid or expired token detected 06: endif 07: return true;

13. 13 Random Collusion Prevention i j Collusion vector C={c i } Trust vector T={t i } e.g.

14. 14 Security analysis Peer endpoint address is forgery proof IP spoofing: Pirate will not receive file. Intercept the token: Observe(). Authorization tokens cannot be shared by peers T = OwnerSign(f, p, t s ) Pirates cannot poison legitimate clients File index Stolen private key are useless to pirates Endpoint address is public key. Observe().

15. 15 Experimental results εis collusive rate chunk poisoning rate δ as the probability of a pirate to receive a poisoned chunk. 1000 pirates

16. 16 Conclusions Our protection scheme gives higher priority to satisfy honest clients. This system is fair to the majority of honest clients who enjoy P2P content delivery services.

17. 17 本篇之優缺點及可能研究方向 優點 : Pirates 在 P2P 檔案分享中是一個很重要的議 題。沒有辦法完全杜絕 pirates 的情形下，利 用檔案分享時是將檔案分割成很多小片段傳 輸，而 pirates 是無法收到一份成功的檔案。 安全和模擬分析很完整。

18. 18 本篇之優缺點及可能研究方向 缺點： 若 Bootstrap agents (Distributed agents) 也 是共謀者，那麼也有可能會讓 peers 認為此 pirate 是合法的。 Observe 這個方式是否真可實行，抱持著懷 疑的態度。

19. 19 本篇之優缺點及可能研究方向 可能研究方向： 針對 pirates 的問題進行研究，加入之前讀得 reputation 相關的論文，研究是否也能達到 可以偵測出 pirates 及 colluders 並避免 pirates 不會得到正確的檔案。