Identity Theft Protection in Structured Overlays

Lakshmi Ganesh
Ben Y. Zhao

First Workshop on Secure Network Protocols (NPSec 2005)


Paper Abstract

Structured peer-to-peer (P2P) overlays rely on consistent and robust key-based routing to support large-scale network applications such as multicast and global-scale storage. We identify the main attack in these networks as a form of P2P identity theft, where a malicious node in the path of a message claims it is the desired destination node. Attackers can hijack route and lookup requests to forge and destroy data to disrupt applications. We propose a solution where nodes sign proof-of-life certificates for partial node ids and distribute them to randomly chosen proof managers in the network. Source nodes can evade attackers by requesting proofs from multiple proof managers. Analysis and simulation show the approach is effective and imposes storage and communication costs that grow logarithmically with network size.
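The check a source node could run against a claimed destination is sketched below as an added example; it is not code from the paper or its authors. Assumptions: node ids are 4-digit hex strings, a certificate is a dict with the fields shown, each proof manager is a dict mapping a prefix to the certificates it stores, HMAC over a constructed key registry stands in for public-key signatures, and how proof managers are chosen is left out.

```python
import hashlib
import hmac

# Constructed toy data: node id -> signing key. HMAC with this registry is a
# stand-in for the public-key signatures a real overlay would need.
KEYS = {"4a7f": b"k1", "4a10": b"k2", "9c3e": b"k3"}
MAX_AGE = 60  # assumed certificate lifetime in seconds

def _mac(node_id, prefix, ts):
    msg = f"{prefix}|{node_id}|{ts}".encode()
    return hmac.new(KEYS[node_id], msg, hashlib.sha256).hexdigest()

def sign_proof(node_id, prefix, ts):
    """Proof-of-life certificate: node_id attests at time ts that a live node holds prefix."""
    if not node_id.startswith(prefix):
        raise ValueError("a node may only certify prefixes of its own id")
    return {"prefix": prefix, "node": node_id, "ts": ts, "sig": _mac(node_id, prefix, ts)}

def valid(cert, prefix, now):
    """Accept only a fresh, correctly signed certificate for exactly this prefix."""
    node = cert["node"]
    if node not in KEYS or cert["prefix"] != prefix or not node.startswith(prefix):
        return False
    if not 0 <= now - cert["ts"] <= MAX_AGE:
        return False  # stale or post-dated proof says nothing about liveness now
    return hmac.compare_digest(cert["sig"], _mac(node, prefix, cert["ts"]))

def shared(a, b):
    """Length of the common prefix of two ids."""
    n = 0
    while n < min(len(a), len(b)) and a[n] == b[n]:
        n += 1
    return n

def claim_is_suspect(key, claimant, managers, now):
    """True if any queried proof manager holds a valid proof that a live node
    matches a longer prefix of key than the claimed destination does."""
    n = shared(key, claimant)
    if n == len(key):
        return False  # claimant matches the whole key; no longer prefix exists
    want = key[: n + 1]
    return any(valid(c, want, now) for m in managers for c in m.get(want, []))

if __name__ == "__main__":
    honest = {"4a": [sign_proof("4a7f", "4a", 1000)]}
    withholding = {}  # a malicious manager that returns nothing
    print(claim_is_suspect("4a7b", "4c00", [withholding, honest], 1010))
    print(claim_is_suspect("4a7b", "4c00", [withholding], 1010))
```

Querying only the withholding manager lets the false claim pass, which is why the abstract has source nodes request proofs from multiple proof managers.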