
Byzantine Fault Tolerant Public Key Authentication in Peer-to-peer Systems

Vivek Pathak and Liviu Iftode, Department of Computer Science, Rutgers University





Presentation Transcript


  1. Byzantine Fault Tolerant Public Key Authentication in Peer-to-peer Systems
     Vivek Pathak and Liviu Iftode, Department of Computer Science, Rutgers University

  2. Outline
     • Introduction
     • Public key authentication
     • Existing models
     • Motivation for Peer-to-peer authentication
     • Other solutions
     • Byzantine fault tolerant authentication
     • Security model
     • Outline of correctness and performance
     • Future work
     (Slide footer: Byzantine Fault Tolerant Public Key Authentication in Peer-to-peer Systems)

  3. Public Key Encryption
     • Public-private key pair
     • Bootstrap shared secret encryption
     • Validation of digital signature

  4. Authentication of Public Keys
     • Mapping identities to public keys
     • Trusted third parties (TTP)
     • Certificate authority (CA)
     • Web of trust
     • PGP

  5. Authentication through CA
     • Provide public key certificate
     • Use secure channel for bootstrapping

  6. Authentication through CA
     [Figure-only slide]

  7. Authentication through CA
     • Represent centralized aggregation of trust
     • Long lived CA keys
     • Single point of failure
     • Public key revocation
     • Scalability with number of certified keys

  8. Web of Trust
     • Informal human authentication
     • PGP key rings
     • Levels of trust

  9. Web of Trust
     • Peers take on the role of CA
     • Decentralized trust
     • No single point of failure
     • Key authentication depends on human connections
     • How to apply to autonomous systems
     • Sophisticated users

  10. Outline
     • Introduction
     • Public key authentication
     • Existing models
     • Motivation for Peer-to-peer authentication
     • Other solutions
     • Byzantine fault tolerant authentication
     • Security model
     • Outline of correctness and performance
     • Future work

  11. Characteristics of Peer-to-peer Systems
     • Heterogeneous peers
     • Lack of trusted third parties
     • Hierarchical Certificate Authorities
     • Large scale peer-to-peer systems
     • Need decentralized solution
     • Administrative burden on CA
     • Scalability of key revocation

  12. Characteristics of Peer-to-peer Systems
     • Autonomous operation
     • Unsophisticated users
     • Sensors and devices
     • Web of trust depends on constant human feedback
     • Short lived public keys
     • Peers may be attacked and recover
     • Public key certificates require secure channel
     • Malicious peers

  13. Other Solutions
     • Threshold encryption systems
     • Share the secret among a set of parties
     • Defend against a few compromised parties
     • Secure initialization phase
     • Crypto based network IDs
     • Choose network ID as function of public key
     • Depends on the routing infrastructure

  14. Outline
     • Introduction
     • Public key authentication
     • Existing models
     • Motivation for Peer-to-peer authentication
     • Other solutions
     • Byzantine fault tolerant authentication
     • Security model
     • Outline of correctness and performance
     • Future work

  15. System Model
     • Mutually authenticating peers
     • Associate network end-point to public key
     • Asynchronous network
     • No partitioning
     • Eventual delivery after retransmissions
     • Disjoint message transmission paths
     • Man-in-the-middle attack on a $\Phi$ fraction of peers

  16. Attack Model
     • Malicious peers
     • Honest majority
     • At most $t$ of the $n$ peers are faulty or malicious, where $t = \frac{1 - 6\Phi}{3}\,n$
     • Passive adversaries
     • Active adversaries
     • Relax network-is-the-adversary model
     • Unlimited spoofing
     • Limited power to prevent message delivery

  17. Authentication Model
     • Challenge-response protocol
     • No active attacks
     • Man in the middle attack
     • Limited number of attacks
     • Proof of possession of $K_a$: $\{b, a, \mathrm{Challenge}, K_a(r)\}_b$, $\{a, b, \mathrm{Response}, r\}_a$
     [Figure: B sends $K_A(N_B)$ to A; A returns $N_B$]
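The challenge-response exchange on this slide, as an added example that is not part of the original slides or the authors' C++ library. Textbook RSA over small constructed primes stands in for a real public key scheme so the block runs offline; it is not secure. Peer names "a" and "b", the SHA-256 based signature on the message tuple and the 56-bit nonce are assumptions of this example. The second run of the demo shows why the proof is a proof of possession: a party that does not hold A's private key cannot recover r, and its reply does not verify under the claimed key.

```python
"""Proof of possession by challenge-response (added example, toy RSA, NOT secure).

Message layout follows the slide:
    {b, a, Challenge, K_a(r)}_b   B challenges A with nonce r encrypted under K_a
    {a, b, Response, r}_a         A returns r, signed with its private key
"""
import hashlib
import secrets


def keygen(p, q, e=65537):
    """Toy RSA key pair from two constructed primes -> (public, private)."""
    n = p * q
    d = pow(e, -1, (p - 1) * (q - 1))   # modular inverse, Python 3.8+
    return (n, e), (n, d)


def encrypt(pub, m):
    n, e = pub
    return pow(m, e, n)


def decrypt(priv, c):
    n, d = priv
    return pow(c, d, n)


def _digest(fields, n):
    """Hash of the serialized message tuple, reduced into the key's modulus."""
    return int.from_bytes(hashlib.sha256(repr(fields).encode()).digest(), "big") % n


def sign(priv, fields):
    n, d = priv
    return pow(_digest(fields, n), d, n)


def verify(pub, fields, sig):
    n, e = pub
    return pow(sig, e, n) == _digest(fields, n)


def make_challenge(b, a, claimed_ka, b_priv, r=None):
    """B -> A: {b, a, Challenge, K_a(r)}_b. Returns (message, r) so B can check later."""
    r = secrets.randbelow(1 << 56) if r is None else r   # 56-bit nonce (assumption)
    fields = (b, a, "Challenge", encrypt(claimed_ka, r))
    return {"fields": fields, "sig": sign(b_priv, fields)}, r


def answer_challenge(msg, a, a_priv, b_pub):
    """A -> B: {a, b, Response, r}_a, or None if the challenge is not well formed."""
    fields = msg["fields"]
    if not verify(b_pub, fields, msg["sig"]):
        return None
    b, to, kind, ciphertext = fields
    if to != a or kind != "Challenge":
        return None
    resp = (a, b, "Response", decrypt(a_priv, ciphertext))
    return {"fields": resp, "sig": sign(a_priv, resp)}


def proof_of_possession(msg, expected_r, claimed_ka):
    """True iff the responder both recovered r and signed under the claimed key."""
    if msg is None:
        return False
    f = msg["fields"]
    return f[2] == "Response" and f[3] == expected_r and verify(claimed_ka, f, msg["sig"])


def demo():
    """Honest A passes; an impostor holding a different key pair fails."""
    a_pub, a_priv = keygen(1000000007, 998244353)    # constructed primes
    b_pub, b_priv = keygen(999999893, 999999929)
    _, imp_priv = keygen(1000000009, 999999937)      # impostor's own key pair
    chal, r = make_challenge("b", "a", a_pub, b_priv)
    honest = proof_of_possession(answer_challenge(chal, "a", a_priv, b_pub), r, a_pub)
    forged = proof_of_possession(answer_challenge(chal, "a", imp_priv, b_pub), r, a_pub)
    return honest, forged   # -> (True, False)
```

Because every message is signed, B keeps a record that can later show which peer answered what; that is the "required for proving malicious behavior" point of slide 19. The limitation the slides name remains: a man-in-the-middle who substituted its own key for A's at the start can answer this challenge, which is why the following slides gather proofs from several peers over disjoint paths.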

  18. Authentication Model
     [Figure: peers A, B, C, D, E, F]
     • Distributed Authentication
     • Challenge response from multiple peers
     • Gather proofs of possession
     • Lack of consensus on authenticity
     • Malicious peers
     • Man-in-the-middle attack

  19. Authentication Correctness
     [Figure: peers A, B, C, D, E, F]
     • Validity of proofs of possession
     • $\{e, a, \mathrm{Challenge}, K_a(r)\}_e$, $\{a, e, \mathrm{Response}, r\}_a$
     • All messages are signed
     • Required for proving malicious behavior
     • Recent proofs stored by the peers

  20. Byzantine Agreement Overview
     • Publicize lack of consensus
     • Authenticating peer sends proofs of possession to peers
     • Each peer tries to authenticate A
     • Sends its proof-of-possession vector to every peer
     • Byzantine agreement on authenticity of $K_A$
     • Majority decision at every peer
     • Identify malicious peers
     • Complete authentication

  21. Byzantine Agreement Correctness Overview
     • Consider proofs received at a peer P
     [Figure: set of peers of P, showing $\Phi n$ peers on a compromised path to A, $t$ malicious peers, and $\Phi n$ peers on a compromised path to P]

  22. Byzantine Agreement Correctness Overview
     • $t + 2\Phi n$ proofs may not arrive
     • P receives at least $n - t - 2\Phi n$ proofs
     • $t + 2\Phi n$ of those may be faulty
     • P receives at least $n - 2t - 4\Phi n$ correct, agreeing proofs
     • P decides correctly by majority if $n - 2t - 4\Phi n > t + 2\Phi n$
     • Agreement is correct if $t < \frac{1 - 6\Phi}{3}\,n$
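The counting argument of slides 21 and 22 carried through in code, as an added example (not the authors' simulation). It uses the slides' own symbols: $n$ peers, $t$ malicious, $\Phi$ the fraction of peers whose path to A or to P is under a man-in-the-middle. Exact rational arithmetic checks, for every $t$ from 0 to $n$, that the majority rule "correct proofs outnumber faulty ones" holds exactly when $t < (1 - 6\Phi)n/3$, and derives from the same bound the bootstrap size $n > 3/(1 - 6\Phi)$ of slide 26. The example generalizes the slide's single inequality to a check over all fault counts.

```python
"""Worst-case proof counting at peer P (added example, not the authors' code)."""
from fractions import Fraction


def worst_case_proofs(n, t, phi):
    """(correct, faulty): what P can count on after the adversary's best play."""
    phi = Fraction(phi)
    lost = t + 2 * phi * n        # may never arrive: t malicious senders + 2 compromised path sets
    received = n - lost           # at least n - t - 2*phi*n proofs
    faulty = t + 2 * phi * n      # of those, this many may be wrong
    correct = received - faulty   # at least n - 2t - 4*phi*n correct, agreeing proofs
    return correct, faulty


def majority_decides_correctly(n, t, phi):
    """P decides by majority; correct only if correct proofs outnumber faulty ones."""
    correct, faulty = worst_case_proofs(n, t, phi)
    return correct > faulty


def within_bound(n, t, phi):
    """Closed form from the slide: t < (1 - 6*phi) * n / 3."""
    return t < (1 - 6 * Fraction(phi)) * n / 3


def max_faulty(n, phi):
    """Largest t the agreement tolerates at group size n, or None if none does."""
    best = None
    for t in range(n + 1):
        if within_bound(n, t, phi):
            best = t
    return best


def min_bootstrap_size(phi):
    """Smallest n able to recover from trusting one malicious peer: n > 3 / (1 - 6*phi)."""
    phi = Fraction(phi)
    if phi >= Fraction(1, 6):
        return None               # no honest majority is possible once 6*phi >= 1
    return int(3 / (1 - 6 * phi)) + 1


def derivation_consistent(n, phi):
    """The majority arithmetic and the closed-form bound agree for every t in 0..n."""
    return all(majority_decides_correctly(n, t, phi) == within_bound(n, t, phi)
               for t in range(n + 1))
```

Running `max_faulty(30, Fraction(1, 30))` gives 7: with one peer on each compromised path set, P sees at least $26 - 2t$ correct proofs against at most $t + 2$ faulty ones, and $t = 8$ is the first value where the two tie and the majority can go either way. `min_bootstrap_size(Fraction(1, 30))` gives 4, the smallest group in which one malicious member can still be outvoted.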

  23. Trust Groups
     • Execute Authentication on smaller Trust groups
     • Quadratic messaging cost
     • Peer interest
     • Trusted group
     • Authenticated public keys
     • Not (overtly) malicious
     • Probationary group
     • Un-trusted group
     • Known to be malicious

  24. Growth of Trust Groups
     • Governed by communication patterns
     • Discovery of new peers
     • Authentication of discovered peers
     • Addition to trusted set
     • Discovery of un-trusted peers

  25. Evolution of Trust Groups
     • Covertly malicious peers
     • May wait until honest majority is violated
     • Lead to incorrect authentication
     • Periodic pruning of trusted group
     • Unresponsive peers
     • Remove older trusted peers from trust group
     • Reduce messaging cost
     • Randomize trusted group membership
     • Group migration event
     • Probability of violating honest majority

  26. Bootstrapping Trust Group
     • Authentication needs an honest trust group
     • Initialize a Bootstrapping trust group
     • Needed for cold start
     • Authenticate each bootstrapping peer
     • Size of bootstrapping trust group
     • Recover from trusting a malicious peer: $n > \frac{3}{1 - 6\Phi}$

  27. Public Key Infection
     • Optimistic trust
     • Lazy authentication
     • Reduced messaging cost
     • Cache of undelivered messages
     • Use peers for epidemic propagation of messages
     • Anti-entropy sessions eventually deliver messages
     • Infect peers with new undelivered messages

  28. Public Key Infection
     • Use logical and vector timestamps
     • Determine messages to exchange for anti-entropy
     • Detect message delivery
     • Double exponential drop in number of uninfected peers with time
     • Number of cached messages is in $O(n \log n)$
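The anti-entropy mechanism of slides 27 and 28, as an added example that is not the authors' library. Each peer keeps a cache of messages keyed by (origin, sequence number) and a vector timestamp recording the highest sequence number it has seen from every origin. An anti-entropy session compares the two vectors and ships, in each direction, exactly the cached messages the partner lacks, then merges the vectors; delivery detection is a vector comparison. The epidemic driver (every peer runs one session per round with a seeded random partner) and the integer peer names are assumptions of this example; it records how many peers remain uninfected after each round rather than asserting the double-exponential rate the slide claims.

```python
"""Public key infection: anti-entropy with vector timestamps (added example)."""
import random


class Peer:
    def __init__(self, name, all_names):
        self.name = name
        self.cache = {}                           # (origin, seq) -> message
        self.clock = {p: 0 for p in all_names}    # vector timestamp: max seq seen per origin

    def publish(self, message):
        """Originate a message (e.g. a fresh public key) with the next sequence number."""
        self.clock[self.name] += 1
        self.cache[(self.name, self.clock[self.name])] = message

    def missing_from(self, partner_clock):
        """Cached messages a partner with the given vector timestamp has not seen."""
        return {k: m for k, m in self.cache.items() if k[1] > partner_clock[k[0]]}

    def anti_entropy(self, other):
        """One session: compare vectors, infect each side with what it lacks, merge vectors."""
        for src, dst in ((self, other), (other, self)):
            dst.cache.update(src.missing_from(dst.clock))
        for p in self.clock:                      # element-wise max; both caches now match
            merged = max(self.clock[p], other.clock[p])
            self.clock[p] = other.clock[p] = merged

    def delivered(self, origin, seq):
        """Delivery detection: this peer holds message seq from origin iff its vector says so."""
        return self.clock[origin] >= seq


def epidemic(n_peers, seed=1):
    """Peer 0 publishes one message; return the uninfected count after each round."""
    rng = random.Random(seed)                     # seeded so runs are reproducible
    names = list(range(n_peers))
    peers = [Peer(p, names) for p in names]
    peers[0].publish("constructed key update from peer 0")
    history = []
    while True:
        uninfected = sum(not p.delivered(0, 1) for p in peers)
        history.append(uninfected)
        if uninfected == 0:
            return history
        for p in peers:                           # every peer runs one session per round
            p.anti_entropy(rng.choice([q for q in peers if q is not p]))
```

The vector comparison is what makes the cache bounded: a peer only ships entries whose sequence number exceeds the partner's entry for that origin, so a message is never sent twice to the same peer, and once every vector records it the message can be dropped from the caches.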

  29. Simulation
     • Implemented Byzantine Fault Tolerant Authentication as a C++ library
     • Simulation program
     • Makes library calls and keeps counters
     • Study effects of
     • Group size
     • Malicious peers

  30. Effects of Group Size
     • Constant cost for trusted peers
     • Probationary peers process $O(n^2)$ messages
     • Trust graph does not affect the cost
     • Randomized trusted sets from bi-directional trust

  31. Effects of Malicious Peers
     • Rapid increase of messaging cost
     • With group size
     • With proportion of malicious peers
     • Byzantine agreement has quadratic messaging cost

  32. Conclusion
     • Autonomous authentication without trusted third party
     • Incremental approach to security
     • Suited for low value peer-to-peer systems
     • Tolerate malicious peers
     • Suited for applications spanning multiple administrative domains
     • Scalable to large peer-to-peer systems
     • Eliminate total trust and single point of failure
     • Made feasible by using stronger network assumptions
     • Network adversary is not all powerful

  33. Outline
     • Introduction
     • Public key authentication
     • Existing models
     • Motivation for Peer-to-peer authentication
     • Other solutions
     • Byzantine fault tolerant authentication
     • Security model
     • Outline of correctness and performance
     • Future work

  34. Future Work
     • Applications
     • Provide key authentication capability to Open-SSH
     • SSH daemons can authenticate their peers
     • Provide a concise authentication summary to the user
     • Why the public key of the server is believed/not believed to be what is stated

  35. Future Work
     • Applications (contd.)
     • Spam identification through public key authentication
     • Existing solutions
     • Filtering: machine learning to classify contents
     • Results in misspellings in spam messages
     • False positive rate independent of sender importance
     • Postage: sender pays to send email
     • End-to-end argument
     • Safe sender lists
     • Need to authenticate sender

  36. Future Work
     • Sender Authentication
     • Piggyback authentication protocol on email messages
     • Messages are signed
     • They can be delivered to peers indirectly
     • SMTP allows extension fields
     • Authenticate senders with existing infrastructure
     • Incremental deployment
     • Use digital signature to verify messages from authenticated senders
     • Allow messages from safe senders to pass through
     • Eliminate false positives from spam filters

  37. Future Work
     • Enhancements to the mechanism
     • Address denial of service
     • Keep track of work done on behalf of any peer
     • Peers are authenticated
     • Agreement on work done on behalf of peers
     • Use authenticated load information to prevent denial of service
     • Need economic model
     • Avoid expensive public key cryptography

  38. Future Work
     • Enhancements to the model
     • Authenticate public keys in ad-hoc networks
     • Lack the network IDs assumed
     • Apply to vehicular computing
     • Does the public key belong to the car on GWB?
     • Working on Geographical Authentication
     • Study hybrid trust models
     • Hierarchical, peer-to-peer, web of trust

  39. Q&A

  40. Authentication Protocol
     [Figure-only slide]

  41. Objective
     • Security is an increasing concern
     • Privacy
     • Authenticity
     • Fault tolerance
     • Secure communication across the internet
     • Distributed computation with semi-trusted principals: Smart messages
     • Cost effective security

  42. Privacy
     • Encryption
     • Computational cost
     • Energy requirements
     • Our approach: nearly complete privacy
     • Weakened keys, shortened key lifetime
     • Trade off key lifetime for computational cost at constant security
     • Cost effective encryption on commodity hardware

  43. Trust
     • Trusted third party model
     • Used in most security implementations
     • Single point of security failure
     • Our model: distributed trust
     • Authentication of public key is done by a vote of peers
     • Addition of new participants
     • Assumption: majority cannot be corrupted

  44. Performance
     • Lazy authentication protocol for updating the public keys to peers
     • Uses distributed trust to authenticate the new keys
     • Allows admission of new peers
     • Dynamic encryption in Linux kernel
     • Interrupt free processing
     • Choose key lifetime based on system limitations

  45. Status and Plan
     • Implemented encryption server on Linux
     • Preliminary point to point performance evaluation
     • Investigating security of distributed trust with dynamic membership
     • Paper in preparation
     • Targeting active networks and mobile agents
