Presentation is loading. Please wait.

Presentation is loading. Please wait.

Michael Sirivianos Xiaowei Yang Stanislaw Jarecki Presented by Vidya Nalan Chakravarthy.

Published byWilliam Shaw Modified over 8 years ago

Similar presentations

Presentation on theme: "Michael Sirivianos Xiaowei Yang Stanislaw Jarecki Presented by Vidya Nalan Chakravarthy."— Presentation transcript:

1 Michael Sirivianos Xiaowei Yang Stanislaw Jarecki Presented by Vidya Nalan Chakravarthy

2 Contents Introduction Design Overview Robust incentives Credit management Unauthorized content distribution Preliminary evaluation Implementation Experimental results Conclusions

3 Motivation Cost efficient solution to handle demand peaks Robust incentives for client co-operation Discourage unauthorized content exchange

4 Online Content Distribution Issue Cost effective solution to handle peak usage Over-provisioning Solutions Content Distribution networks Free CDNs Dandelion

5 Online Content Distribution – Solutions Content distribution networks Example: Akamai Services are costly Free CDNs Examples: Coral, CoDeen and Cob-Web Lack viable model to scale

6 Online Content Distribution – Solutions Dandelion Cost effective solution to handle flash crowds Utilizes clients’ bandwidth Redirects requests to other clients with the content

7 Online Content Distribution – Solutions Flash crowd scenario Dandelion Server Server Peer-serving mode

8 BitTorrent Vs Dandelion `BitTorrent uses rate based tit for tat Susceptible to manipulation No motivation to upload after completion of download No incentives for uploading in BitTorrent

9 Design Overview Robust Incentives Credit Management Discouraging unauthorized content distribution

10

11 Dandelion server Distributes small and large static files Responds to client requests with content Enters peer-serving mode when overloaded Redirects requests to other clients with the content Maintains virtual economy Robust incentives Credits used for future downloads

12 Data Distribution (I) Server splits data into chunks Chunks are disseminated independently Allows clients to upload on receipt of a chunk Increases efficiency of distribution pipeline Incentivizes clients to upload chunks to earn credits for downloading other missing chunks Chunk1Chunk 2Chunk3

13 Data Distribution (II) Dandelion Server Chunk 1 Chunk 2 Chunk 1 Chunk 2 Chunk 3

14

15 Key challenges Prevent client cheating Client does not upload any data Client uploads garbage and claims credit Maintain low processing and bandwidth costs

16 Solution Cryptographic fair exchange mechanism Dandelion server mediates exchanges Non – repudiable complaint mechanism

17 Peer serving protocol Clients have password protected accounts with server establish a secure channel to obtain shared session keys Message exchange during a flash crowd event is as shown:

18 Peer serving protocol Step 1: 1

19 Peer serving protocol Step2: 1 2

20 Peer serving protocol Step 3: 1 2 3

21 Peer serving protocol Step 4: 1 2 3 4

22 Peer serving protocol Step 5: 1 2 3,5 4

23 Peer serving protocol Step 6: 1 2 3,5 4,6

24 Peer serving protocol Step 7: 1,7 2 3,5 4,6

25 Peer serving protocol Step 8: 1,7 2,8 3,5 4,6

26 Peer serving protocol A’s commitment does not verify due to Transmission error or A misbehaving or B misbehaving Server warns B and does not return encryption key k It does not update A’s or B’s credit B re-requests the chunk from A or another client

27 Peer serving protocol If B receives repeated invalid commitments from A, it should disconnect from A and blacklist it If server receives repeated decryption requests from B with invalid commitments from A, B is blacklisted

28 Peer serving protocol

29 Complaint Mechanism If decrypted file is invalid, B complains to the server Complaint message contains A’s commitment Digest of the encrypted chunk Encryption of key k A cannot repudiate it

30 Complaint Mechanism If commitment verifies Server checks if commitment is computed over a valid chunk If it does not verify, A is misbehaving If commitment does not verify B is misbehaving

31

32 Credit Management Clients spend Δ c > 0 Clients earn Δ r > 0 To prevent colluders from increasing sum of their credit, Δ c = Δ r

33 Credit Management Users with paid accounts User purchases initial credit Content provider redeems credit for monetary rewards Motivates client to upload to earn credit Accounts without monetary transactions New clients are given a portion of credit Accumulates credits for uploading

34 Multiple registration Boosting credit by registering multiple times Not an issue with paid accounts User purchases initial credit Issue in free content distribution Sybil attacks similar to Farsite and Pastiche Requires a registration process

35

36 Unauthorized content distribution Uploading to unauthorized users No strong incentives Server can refrain giving credit to unauthorized users Verify legitimacy of requests Avoid wasting bandwidth on unauthorized users Clients are held responsible for uploading to unauthorized users

37 Preliminary Evaluation Prototype Implementation Experimental Results

38 Prototype Implementation Cryptographic operations Openssl C library Credit management system Database engine of Sqlite library Architecture - combination of Asymmetric Multi Process Event Driven Architecture Staged Event Driven Architecture

39 Database Operations Main thread reads request from network sends requests to disk access or database access helper threads Helper thread finishes and sends requests to another thread pool Use zero-copy sendfile() for chunk transmission

40 Network Operations use TCP are asynchronous are executed by thread processing the last stage of the request

41 Design features: Exploits parallelism Good performance with both small and large files number of concurrent connections/pending requests are kept separate from number of threads that can be handled by the OS

42 Experimental results Server tasks in a flash crowd event 1. Process key decryption requests One HMAC operation and block cipher decryption One query and two updates on credit database Transmits decryption key 2. Send short responses Types of client requests Request for decryption keys Requests for file chunks directly from server

43 Server Operations Cryptographic operations are highly efficient Symmetric encryption is cheap Bottleneck – download link

44 Client Operations Client’s processing overhead does not affect its upload or download throughput

45 Peer serving mode

46 Results Smaller chunk size reduces performance gain more load on the server due to decryption key requests Cost of complaining is higher Involves reading chunk, encrypting, hashing Cost is not incurred repeatedly Misbehavers are blacklisted

47 Conclusions Contributions: Robust incentives Discouraging unauthorized peers Can be used for copyright-protected digital goods Drawbacks of Dandelion Less efficient than BitTorrent tracker Less scalable than BitTorrent Distribute dandelion server and credit banks over multiple trusted nodes to improve scalability

48

Download ppt "Michael Sirivianos Xiaowei Yang Stanislaw Jarecki Presented by Vidya Nalan Chakravarthy."

Similar presentations

Key distribution and certification In the case of public key encryption model the authenticity of the public key of each partner in the communication must.

Key distribution and certification In the case of public key encryption model the authenticity of the public key of each partner in the communication must.
Security by Design A Prequel for COMPSCI 702. Perspective “Any fool can know. The point is to understand.” - Albert Einstein “Sometimes it's not enough.

Security by Design A Prequel for COMPSCI 702. Perspective “Any fool can know. The point is to understand.” - Albert Einstein “Sometimes it's not enough.
Incentives Build Robustness in BitTorrent Bram Cohen.

Incentives Build Robustness in BitTorrent Bram Cohen.
Clayton Sullivan PEER-TO-PEER NETWORKS. INTRODUCTION What is a Peer-To-Peer Network A Peer Application Overlay Network Network Architecture and System.

Clayton Sullivan PEER-TO-PEER NETWORKS. INTRODUCTION What is a Peer-To-Peer Network A Peer Application Overlay Network Network Architecture and System.
Cryptography and Network Security

Cryptography and Network Security
SSL CS772 Fall 2011. Secure Socket layer Design Goals: SSLv2) SSL should work well with the main web protocols such as HTTP. Confidentiality is the top.

SSL CS772 Fall Secure Socket layer Design Goals: SSLv2) SSL should work well with the main web protocols such as HTTP. Confidentiality is the top.
Efficient Public Key Infrastructure Implementation in Wireless Sensor Networks Wireless Communication and Sensor Computing, 2010. ICWCSC 2010. International.

Efficient Public Key Infrastructure Implementation in Wireless Sensor Networks Wireless Communication and Sensor Computing, ICWCSC International.
1 Communication Networks Kolja Eger, Prof. Dr. U. Killat 1 From Packet-level to Flow-level Simulations of P2P Networks Kolja Eger, Ulrich Killat Hamburg.

1 Communication Networks Kolja Eger, Prof. Dr. U. Killat 1 From Packet-level to Flow-level Simulations of P2P Networks Kolja Eger, Ulrich Killat Hamburg.
CompSci 356: Computer Network Architectures Lecture 21: Content Distribution Chapter 9.4 Xiaowei Yang

CompSci 356: Computer Network Architectures Lecture 21: Content Distribution Chapter 9.4 Xiaowei Yang
Towards Efficient Simulation of Large Scale P2P Networks

Towards Efficient Simulation of Large Scale P2P Networks
Real-Time Authentication Using Digital Signature Schema Marissa Hollingsworth BOISECRYPT ‘09.

Real-Time Authentication Using Digital Signature Schema Marissa Hollingsworth BOISECRYPT ‘09.
CSCE 715 Ankur Jain 11/16/2010. Introduction Design Goals Framework SDT Protocol Achievements of Goals Overhead of SDT Conclusion.

CSCE 715 Ankur Jain 11/16/2010. Introduction Design Goals Framework SDT Protocol Achievements of Goals Overhead of SDT Conclusion.
Cryptography and Network Security Chapter 17

Cryptography and Network Security Chapter 17
SEDA: An Architecture for Well-Conditioned, Scalable Internet Services Matt Welsh, David Culler, and Eric Brewer Computer Science Division University of.

SEDA: An Architecture for Well-Conditioned, Scalable Internet Services Matt Welsh, David Culler, and Eric Brewer Computer Science Division University of.
Network Coding for Large Scale Content Distribution Christos Gkantsidis Georgia Institute of Technology Pablo Rodriguez Microsoft Research IEEE INFOCOM.

Network Coding for Large Scale Content Distribution Christos Gkantsidis Georgia Institute of Technology Pablo Rodriguez Microsoft Research IEEE INFOCOM.
Vault: A Secure Binding Service Guor-Huar Lu, Changho Choi, Zhi-Li Zhang University of Minnesota.

Vault: A Secure Binding Service Guor-Huar Lu, Changho Choi, Zhi-Li Zhang University of Minnesota.
Cryptography Basic (cont)

Cryptography Basic (cont)
FRIENDS: File Retrieval In a dEcentralized Network Distribution System Steven Huang, Kevin Li Computer Science and Engineering University of California,

FRIENDS: File Retrieval In a dEcentralized Network Distribution System Steven Huang, Kevin Li Computer Science and Engineering University of California,
Edward Tsai – CS 239 – Spring 2003 Strong Security for Active Networks CS 239 – Network Security Edward Tsai Tuesday, May 13, 2003.

Edward Tsai – CS 239 – Spring 2003 Strong Security for Active Networks CS 239 – Network Security Edward Tsai Tuesday, May 13, 2003.
SSH : The Secure Shell By Rachana Maheswari CS265 Spring 2003.

SSH : The Secure Shell By Rachana Maheswari CS265 Spring 2003.

Similar presentations

Ads by Google