1 / 26

Multiple Selective Mutual Authentication Protocol for Peer-to-Peer System

Multiple Selective Mutual Authentication Protocol for Peer-to-Peer System. School of Engineering 2001099 Hyunrok Lee. Contents. 1. Introduction 2. The Problem 3. Preliminaries 4. Proposed Scheme 5. Comparison 6. Conclusion 7. Reference. 1. Introduction.

yamin
Télécharger la présentation

Multiple Selective Mutual Authentication Protocol for Peer-to-Peer System

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Multiple Selective Mutual Authentication Protocol for Peer-to-Peer System School of Engineering 2001099 Hyunrok Lee

  2. Contents 1. Introduction 2. The Problem 3. Preliminaries 4. Proposed Scheme 5. Comparison 6. Conclusion 7. Reference

  3. 1. Introduction • The Internet three valuable fundamental assets • A huge amount of information • Increasing bandwidth • Growing power of computing resources • Limitation of client-server model • P2P model • Peer-to-peer computing • Peer • A principal that simultaneously can have both client and server processes. • Sharing of computing resources and services by direct exchange or share between arbitrary network peers[2] • Pure P2P • Hybrid P2P

  4. 1. Introduction (cont.) • Trust model • Trust modeling • Web of Trust model • Hierarchical Trust (PKI) model • Trust quantifying • Trust computation

  5. 2. The Problem • Different security problem between client-server model and peer-to-peer model • Most of P2P systems provide no provisions for mutual authentication or private information.[6][7][8][9] • Weak authentication mechanism • PGP-based Freenet[12] does not have legal force. • P2P model may have temporary association • P2P model should provide anonymity • Except the case of serious commercial transaction. • No authentication protocol based on view of trust model • Trust between peers begins to mirror those real-world relationships. • SMAP[1] did not consider trust model.

  6. 3. Preliminaries • Key feature of peer-to-peer model[4] • Discovering other peers • Querying peers for resources • Sharing resource with other peers • Pure peer-to-peer model

  7. 3. Preliminaries (cont.) • Hybrid peer-to-peer • A simple discovery server • Discovery and lookup server • Discovery, lookup, and content server

  8. 3. Preliminaries (cont.) • Well-known insecure peer-to-peer file sharing • Napster[10] • Central discovery and lookup server • Weak authentication • Gnutella[11] • Pure p2p • Provide only anonymity. • Freenet • Pure p2p • PGP based authentication • No legal force • Retrieving user’s public key every operation • Require specific server – Key Distribution Center

  9. 3. Preliminaries (cont.) • Selective authentication scheme[1] • Two main technique • Mutual authentication based on X.509 certificate • Key establishment protocol based on public-key encryption • Support Anonymity • Support Strong Authentication • Selective mechanism • Two Procedure • Exclusion Protocol • Authentication scheme is excluded. • Communicate with each other (without session key) • Inclusion Protocol • Mutually strong authentication is included. • Communicate with each other (with time-invariant session key)

  10. 3. Preliminaries (cont.) • Protocol. Selective mutual authentication protocol (SMAP) • SUMMARY: A sends B one message, and B responds with one message that include extra selective field. And then key establishment is performed. • RESULT: (according to user choice) (1) Mutual peer authentication and time-variant session key transport with key authentication (2) Peer authentication exclusion 1. Notation. • PX(y) denotes the result of applying X’s encryption public key to data y. • SX(y) denotes the result of applying X’s signature private key to y. • rA, rB are never re-used numbers (to detect replay and impersonation). • certXis a certificate binding peer X to a public key suitable for both encryption and signature verification. • selE is a selective field that notifies peer authentication exclusion. • selS is a selective field that notifies mutual peer authentication inclusion. • nulldenotes the confirmation about communication.(without authentication) • reqcert denotes more information, such as X.509 certificate, is required.

  11. 3. Preliminaries (cont.) 2. System setup. • (a) Peer chooses a value of selective field. • (b) Each peer has its public key pair for signatures and encryption. • (c) A must acquire (and authenticate) the encryption public key of B. (This may require additional messages and computation.) 3. Protocol messages. (An asterisk denotes items are optional.) • First of all initiator must choose given two operations selE, selS. • Exclusion protocol: A  B: selE (1-E) A  B: null (2-E) • Inclusion protocol: • Let DA = (tA, rA, B, data1*, PB(k1)*), DB = (tB, rB, A, rA, data2*, PA(k2)*). A  B: selS (1-S) A  B: reqcert (2-S) AB: certA, DA, SA(DA) (3) AB: certB, DB, SB(DB) (4)

  12. Alice David Charlie Bob 3. Preliminaries (cont.) • Trust Model in PGP [3] • Web of trust • No Legal force • Trust Values • Complete trust • Fully trusted to certify others public keys • Marginal trust • Marginally trusted to certify others public keys • Not trusted ?

  13. CA4 CA5 CA6 CA1 CA2 CA3 RootCA User D User C User A User B 3. Preliminaries (cont.) • Trust Model in PKI [5] • Hierarchical Trust Model • Strict rule • Cross Certificate for performance • Hard to reflect trust relationship of real world • Legal Force

  14. 3. Preliminaries (cont.) • Trust Model in distributed computing [13] • Propose a model for trust based on distributed recommendations. • Consider reputation of each entity based on multi-domain • Support dynamic revocation / refresh • Propose Trust quantifying / calculation method • Trust is divided into • Direct • Indirect ( Recommendation ) • Multiple trust value • Recommendation protocol ONLY

  15. 3. Preliminaries (cont.) • Direct Trust Value semantics • Recommender Trust Value Semantics

  16. 3. Preliminaries (cont.) • Recommendation Protocol RRQ ::= Requestor_ID, Rquest_ID, Target_ID, Categories, RequestorPKC, GetPKC, Expiry Categories ::= SET OF {Category Name} Recommendation ::= Requestor_ID, Request_ID, Rec_Path, [SEQUENCE OF {Recommendation_Set, TargetPKC} | NULL] Rec_Path ::= SEQUENCE OF {Recommender_ID} Recommendation_Set ::= SET OF Recommendation_Slip Recommendation_Slip ::= SET OF SEQUENCE {Target_ID, Category_Name, Trust_Value, Expiry}

  17. 3. Preliminaries (cont.) • Recommendation Protocol Example • Alice  Bob  Cathy  Eric •  Recommender trust relationship •  Direct trust relationship Request recommendation 1. Alice  Bob : Alice, rrqA01, Eric, [Car_Service], T, 20011231 2. Bob  Cathy : Bob, rrqB01, Eric, [Car_Service], T, 20011231 3. Cathy  Bob : Bob, rrqB01, [Cathy], [ (Eric, Car_Service, 3, 20011231) ] 4. Bob  Alice : Alice, rrqA01, [Cathy, Bob], [ (Eric, Car_Service, 3, 20011231) ] , PKERIC If change trustworthy, 5. Cathy  Bob : [Cathy], [ (Eric, Car_Service, 1, 20011231) ] 6. Bob  Alice : [Cathy, Bob], [ (Eric, Car_Service, 1, 20011231) ]

  18. 3. Preliminaries (cont.) • Trust Quantifying & Computation Computing Trust tvp(T) = tv(R1)/4 X tv(R2)/4 X … X tv(Rn)/4 X rtv(T) Where tv(Ri) : recommenders trust value rtv(T) : The recommended trust value of target T given in the recommendation tvp(T) : The trust value of target T derived from recommendation received through return path p. tv(T) = Average (tv1(T), … , tvp(T)) Ex) tv1(Eric) = tv(Bob)/4 X tv(Cathy)/4 X rtv(Eric) = 2/4 X 3/4 X 3 = 1.125 tv2(Eric) = 2.500 tv(Eric) = Average( tv1(Eric), tv2(Eric)) = Average( 1.125, 2.500 ) = 2.375

  19. ServiceProvider RootCA ServiceProvider ServiceProvider CA2 CA1 Sysop Sysop Sysop Peer Peer Peer Peer Peer Peer Peer Peer Peer Peer Peer Peer Peer Peer Peer Peer Peer 4. Proposed Scheme • Trust model Hierarchical Model … … … … Web of Trust Community 1 Community 2 … … … …

  20. 4. Proposed Scheme (cont.) • Multiple Selective Mutual Authentication Protocol(MSMAP) • Overview • Based on SMAP[1] • Hybrid Trust • Multiple Selective Mutual Authentication under view of hybrid trust • Use the result of trust value computation • Assume that Standard P2P Protocol is established • All peer CAN communicate with each other Result of trust value computation tv(peer) < 0 refuse all process 0 ≤ tv(peer) < 1.5  request formal certificate from CA 1.5 ≤ tv(peer) < 3  request informal certificate from Service Provider 3 ≤ tv(peer) ≤ 4  request self-signed certificate (Public Key)

  21. 4. Proposed Scheme (cont.) Multiple Selective mutual authentication protocol (MSMAP) • SUMMARY: A sends B one message, and B responds with one message that include extra selective field. After B request recommendation to peers and then key establishment is performed. • RESULT: (according to user choice) (1) Mutual peer authentication and time-variant session key transport with key authentication using different source of certificate based on trustworthy. (2) Peer authentication exclusion 1. System setup. • (a) Peer chooses a value of selective field. • (b) Peer request and response recommendation to other peers • (c) Each peer has its public key pair for signatures and encryption. • (d) A must acquire (and authenticate) the encryption public key of B. (This may require additional messages and computation.)

  22. 4. Proposed Scheme (cont.) 2 . Notation. • PX(y) denotes the result of applying X’s encryption public key to data y. • SX(y) denotes the result of applying X’s signature private key to y. • rA, rB are never re-used numbers (to detect replay and impersonation). • certXis a certificate binding peer X to a public key suitable for both encryption and signature verification. • selE is a selective field that notifies peer authentication exclusion. • selS is a selective field that notifies mutual peer authentication inclusion. • nulldenotes the confirmation about communication.(without authentication) • reqFcert denotes more information, such as X.509 certificate from legal CA, is required. • reqIcertdenotes more information, such as informal certificate from service provider, is required. • reqScertdenotes more information, such as self-signed certificate, is required. • peers are arbitrary peers between community members • refuse denote that stop all mutual authentication process. So it means refuse communication with that peer

  23. 4. Proposed Scheme (cont.) 3. Protocol messages. (An asterisk denotes items are optional.) • First of all initiator must choose given two operations selE, selS. • Exclusion protocol: AB: selE(1-E) AB: null(2-E) • Inclusion protocol: • Let DA = (tA, rA, B, data1*, PB(k1)*), DB = (tB, rB, A, rA, data2*, PA(k2)*). AB : selS(1-S) peers B : Request trust recommendation (2-S) peers B : Recommendation result (3-S) computing trust A B : refuse when tv(peer) < 0(4-S) reqFcert when 0≤ tv(peer) < 1.5 reqIcert when 1.5 ≤ tv(peer) < 3 reqScert when 3 ≤ tv(peer) ≤ 4 AB : certA, DA, SA(DA) (5) AB : certB, DB, SB(DB) (6)

  24. 5. Comparison

  25. 6. Conclusion • P2P computing rapidly span. • Lack of security of P2P • Proposed Multiple Selective Mutual Authentication Protocol (MSMAP) support • Strong authentication • Legal force • Real trust relationships • Anonymity • Cost effective • Future Work • Formalized trust quantifying and calculation are needed • Span the proposed scheme generally.

  26. 7. References • [1] Hyun-rok Lee “Selective mutual authentication scheme for peer-to-peer system.” 2001 Spring semester Modern cryptology term paper in ICU • [2] P2P Working Group Homepage “http://www.peer-to-peerwg.org/whatis/index.html” • [3] P.Zimmermann, “Why do you need PGP ?” “http://www.pgpi.org/doc/whypgp/en” • [4] Lance Olson .NET P2P: Writing Peer-to-Peer Networked Apps with the Microsoft .NET Framework, MSDN magazine 2001.2. • [5] R.Perlman, “An Overview of PKI Trust Models,” IEEE Network Magazine, 1999 • [6] Soribada Homepage “http://www.soribada.com” • [7] Open4u Homepage “http://www.open4u.co.kr” • [8] CuteMX Homepage “http://www.cutemx.com” • [9] Aimster Homepage “http://www.aimster.com” • [10] Napster Homepage “http://www.napster.com” • [11] Gnutella Homepage “http://gnutella.wego.com” • [12] Freenet Homepage “http://freenet.sourceforge.net” • [13] Alfarez Abdul-Rahman and Stephen Hailes, “A Distributed Trust Model” Proceedings of the workshop on New security paradigms workshop, 1997, Pages 48 – 60 • [14] Alfred J. Manezes, Paul C.van Oorschot, Scott A. Vanstone, Handbook of Applied Cryptography, CRC press • [15] W. Stallings, Cryptography and Network Security, Prentice Hall, 1999

More Related