Trustme anonymous management of trust relationships in decentralized p2p system
This presentation is the property of its rightful owner.
Sponsored Links
1 / 20

TrustMe: Anonymous Management of Trust Relationships in Decentralized P2P System PowerPoint PPT Presentation


  • 86 Views
  • Uploaded on
  • Presentation posted in: General

TrustMe: Anonymous Management of Trust Relationships in Decentralized P2P System. Aameek Singh, Ling Liu College of Computing, Georgia Tech International Conference on Peer-to-Peer Computing ( P2P’03 ) Presenter: Jianming Zhou. Introduction.

Download Presentation

TrustMe: Anonymous Management of Trust Relationships in Decentralized P2P System

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript


Trustme anonymous management of trust relationships in decentralized p2p system

TrustMe: Anonymous Management of Trust Relationships in Decentralized P2P System

Aameek Singh, Ling Liu

College of Computing, Georgia Tech

International Conference on Peer-to-Peer Computing (P2P’03)

Presenter: Jianming Zhou


Introduction

Introduction

  • Open and anonymous nature of P2P invites malicious behavior

    • Sharing harmful content, viruses, etc.

  • Need decentralized mechanism to tack

    • Trust Management

      • Trust based reputation metrics

        • Measure the trustworthiness of a peer

          • Transaction-based v.s. user-based rating

        • Dynamically assign a trust value based on peer reviews

  • Issues

    • Trust Model : What reputation metrics to use

    • Access Protocol : How to access and secure their use


Secure access protocol

Secure Access Protocol

  • Questions:

    • Where should the trust value of a peer be stored?

    • How to securely access other peers’ trust value?

  • Desired Feature

    • Security: protect trust hosting peer from attacks

    • Reliability: Queries get true value

    • Accountability: able to identify malicious peer


Problems of existing protocols

Problems of existing protocols

  • Poll-based (Cornelli, et al[4])

    • Every peer before interacting with another peer broadcasts a trust query for that peer

    • All peers that have interacted with that peer send their votes which are combined locally

    • Public Key Cryptography used to secure

  • Problems:

    • No persistence: incomplete review counting due to peer offline; vulnerable to malicious group cooperation

    • No anonymity: identify disclosure in query message; peers giving poor trust value subject to revenge/threat such as DoS attacks.

    • Tedious decision-making: Peer needs to contact all voters to confirm.


Problem of existing protocols

Problem of existing protocols

  • DHT-based (Eigenrep[8])

    • Mother peers (Hash from peer ID) hold trust value

    • Peer hash ID and query trust value from mother peers

    • Peer decides trust value by majority rule

  • Shortcomings:

    • Insecure communication: vulnerable to MIB.

    • DHT threats: routing tampering, malicious lookup..

    • No anonymity: mother peers disclosure

    • Group threats: malicious group hold value for each other


Trustme protocal

TrustMe Protocal

  • Terms:

    • THA peer: peer hold trust value for a particular peer

    • Pi: peer i’s private key

    • Bi: peer i’s public key

    • SPi: peer i’s special private key

    • SBi: peer i’s special public key

    • TV: trust value

    • TS: time stamp

    • |: concatenate

    • BS: bootstrap server

    • ID: peer identifier

    • BID: special peer identifier assigned by BS

    • K(M): Encryption of message M by key K

    • Offering peer: peer offering resource

    • Querying peer: peer querying for trust value


Trustme infrastructure

TrustMe: infrastructure

  • Bootstrap Server (BS)

    • Entry point for peers to enter the network

    • Acts as a kind of certification authority

    • Possess a private-public key pair <PBS, BBS>

    • BBS is publicly available to all peers

  • Each Peer

    • Possess two pair of private-public keys <Pi, Bi> and <P’i, B’i>

    • BS assigned ID : BIDi=PBS(“Valid Node”|B’i)

  • BS maintains a list of active peers


Trustme protocal1

TrustMe: Protocal

  • General idea

    • Peer A broadcasts to query trust value of Peer B

    • THA peers for B reply with trust value

    • Peer A decides to interact with B based on trust value

    • Peer A reports new trust value of Peer B

    • THA peers for B update

  • Leverage smart public-key cryptography

  • Stages:

    • Peer Join, Trust Query, Trust Reply, Peer Interaction, Trust Report, Peer leave


Trustme anonymous management of trust relationships in decentralized p2p system

Bootstrap server:

<PBS,BBS>

Generate: <SPi,SBi>

BIDi = PBS(“Valid node”|Bi’ )

Peer i:

<Pi,Bi>

<Pi’,Bi’>

2

Bi, Bi’

3

Assign THA Peer

<IDi, Bi, SPi, SBi>

1

Join

Peer j:

<Pj,Bj>

<Pj’,Bj’>

6

Collecting Proof-of-interaction

Px(TS|Bi|IDi)

5

Pi(TS|Bx|IDx)

Reply with Peer I’s trust value:

IDi|Bi|SBi|SPi(TV|TS|BIDj|P’j(TS))

Trust Query of peer I : IDi

4

Report Peer X’s trust value for peer I:

IDi|SBi(“Report”|V| Bx |Px (Pi(TS|Bx|IDx)))

7

Peer x:

<Px,Bx>

<Px’,Bx’>


Trustme query reply

TrustMe: Query/Reply

  • Query: pj query trust value of pi1,pi2,pi3…,pn

    • Q(j,{i1,i2,i3,…,in}) = IDi1|IDi2|IDi3|…|IDin

    • Broadcast query message + P2P forwarding mechanism guarantee privacy

  • Reply: THA px holding trust value of pi

    • R(x,i)=IDi|Bi|SBi|SPi(TV|TS|BIDx|P’x(TS))

      • IDi: trust value for Pi

      • Bi: for future communication with pi

      • SBi: decrypt SPi(M)

      • SPi: Guarantee reply from THA peer

      • BIDx: ensure valid replying is from px(Given B’x), + malicious THA peers can be blacklisted by their BID

      • TS/ P’x(TS): prevent reply attack


Trustme anti attack 1

TrustMe: Anti-attack 1

  • Manipulating Reply Message:

    R(x,i)=IDi|Bi|SBi|SPi(TV|TS|BIDx|P’x(TS))

    • Malicious THA Peer

      • Send wrong value (solution:▼)

        • multiple THA Peers + Majority rule

        • Punishment (BIDx blacklist)+ random THA peer assignment to reduce possibility of malicious cooperation

      • Send wrong value using other BID (▼)

        • Use P’x(TS)

    • Malicious non-THA Peer

      • Replay a genuine message (▼)

        • TS: old messages are discarded

      • Fake <SPi, SBi> keys (▼)

        • Multiple THA Peers=> Content Conflict=>Identify


Trustme interact anti attack 2

TrustMe: Interact/Anti Attack 2

  • Collecting Proof-of-Interaction (pi pj)

    • Exchage Pi(TS|Bj|IDj) of each other.

      • Prevents replay (TS)

      • Cannot be generated in a fake manner

      • Bjand IDjare used for protection against using a message from Peer i’s interaction with some other peer

  • Manipulating Proof-of-Interaction Messages:

    • Replay message (▼)

      • TS : Timestamp

    • Fake (Pj, Bj) (▼)

      • Impossible for offering peer because THA Peer send Bj to Pi in reply message.

      • To prevent query peer fake: offering peer requests its public key from its THA peer


Trustme report anti attack 3

TrustMe: Report/Anti-attack 3

  • Report: update trust value to THA Peers

    • Pj files a report for Pi

      IDi|SBi(“Report”|V|Bj|Pj(Pi(TS|Bj|IDj)))

    • Only THA Peer can read (SPi)

    • THA Peer need Pj’s ID which can be obtained by decrypting with Bj and Bi

    • Bj and Pj to prevent unlikely scenario that malicious peers get Pi(TS|Bj|IDj)


Trustme peer join leave

TrustMe: Peer Join/Leave

  • Peer Join

    • Peer posses two pair of Keys ( <Pi, Bi>,<P’i, B’i> )

      • Why use two pairs <Pi,Bi> and <P’i,B’i>

        • <P’i,B’i> used only while acting as a THA peer

        • Prevents mapping of public key to identifier after prolonged monitoring of the network Bootstrap server needs to assign a THA peer (Peer x)

    • Create a new private-public key pair <SPi, SBi>

      • Only the THA peer will have the knowledge of SPi

      • Used for secure transmission of trust values for the reply and the report phase

    • Securely transmits <IDi,Bi,SPi,SBi> to Peer x

      • Broadcast a message: BIDx|PBS(BIDx|B’x(IDi|Bi|SPi|SBi))

      • Only BS can generate and only Peer x can read


Trustme peer leave

TrustMe: Peer Leave

  • Peer Leave

    • Create a new THA peer for peers it was responsible for

    • Its trust information is dumped after it is not accessed for some time

    • Not discuss how to handle unexpected leaving!


Trustme benefits

TrustMe: Benefits

  • Persistence:

    • All reviews are counted and stored distributed

  • No Central Trusted Authority

    • BS is just a form of certification authority

    • All trust mechanism within the network

  • Small decision time

    • Only one reply message needed for decision

  • Ease of contribution

    • Easy to contribute its trust value for another peer

    • Just sending one reply message


Analysis experiments

Analysis: Experiments

  • Effect of persistence

    • Non-persistent systems can report highly misleading values

    • Having as little as 10 malicious peers acting together can rate the peer being untrustworthy, even when it is not


Analysis

Analysis:

  • Cost:

    • TrustMe costs more because of more broadcasts

    • Cost varies little with increase in number of THA peers


Analysis1

Analysis:

  • Response Time

    • Caching improves response times

    • Increase in number of THA peers also improves response time


Conclusion

Conclusion

  • Anonymous trust management possible

  • TrustMe provides secure and reliable access to trust values in a decentralized P2P system

  • Compatible with existing Gnutella style systems


  • Login