
[IEEE 2008 Fourth International Conference on Intelligent Information Hiding and Multimedia Signal Processing (IIH-MSP) - Harbin, China (2008.08.15-2008.08.17)] 2008 International


Secure Peer Joining Process in Structured P2P System

Wei Song 1,2, Yuelong Zhao 1

1 School of Computer Science and Engineering, South China University of Technology

2 Faculty of Computer, Guangdong University of Technology, Guangzhou, China

[email protected], ylzhao1@scut.edu.cn

Abstract

The secure joining process has become the most challenging problem in P2P systems. This paper presents a secure joining process for the P-Grid system that includes authentication of both the entry peer and the new peer. The core idea for ensuring secure authentication is to use multiple consultant peers and a quorum-based method to make a decision. A preliminary analysis of the process shows that a high probability of successful authentication is obtained when honest peers are in the majority. Byzantine faults are also tolerated if the quorum is set well.

1. Introduction

Structured P2P systems use distributed hash tables (DHT), for example Chord [1], Pastry [2] and P-Grid, to establish a certain association among peers and resources. A key identity space and routing tables make this association possible. Rules for updating routing tables as nodes join and fail must be established and should not be altered. If a routing table is destroyed or revised unexpectedly, the whole lookup service will be affected or even ruined. Such disruption is likely to happen during the peer joining process. If the entry point is malicious or has been attacked, the new peer will get wrong routing information and build a wrong routing table of its own, which will in turn mislead other new peers in the future. In [3], security considerations for DHTs are discussed. Attacks are categorized into two kinds: attacks against the routing and attacks against the data storage system. This paper focuses on the secure joining process in the P-Grid system.

2. P-Grid overview

P-Grid is a next generation peer-to-peer platform for distributed information management. References [4, 5, 6, 7, 8] about P-Grid present the construction and routing algorithms on a virtual binary search tree.

Figure 1. Example P-Grid [7]

In P-Grid, peers construct the binary tree by pair-wise random interactions, gradually dividing the key space into partitions defined by binary strings, the so-called peers’ paths (denoted by path(peer)). Every peer takes over responsibility for one partition. Each peer records two kinds of information, as shown in Figure 1. One is a data references table: each peer (denoted by a) maintains a set of references to the other peers that store data items indexed by keywords k for which path(a) is a prefix. The other is a routing table. Each item refers to the address of at least one other peer that is responsible for the other side of the binary tree at that level. A set of peers may be responsible for the same partition, that is, they have the same path. Those peers are called replica peers of one path.

3. Secure Peer Joining Process

3.1 Joining Methods and Joining Process

Entry point servers and out-of-band methods are two ways for peers to join. In this paper, we use the idea in P-Grid that peers meet randomly, no matter why they meet [4]. The random encounters can be initiated by performing random walks on a pre-existing unstructured overlay network [6]. In other words, all peers can serve as entry points to the network.

International Conference on Intelligent Information Hiding and Multimedia Signal Processing

978-0-7695-3278-3/08 $25.00 © 2008 IEEE

DOI 10.1109/IIH-MSP.2008.34

The typical joining process of a new peer consists of three steps: 1) Encounter an entry point; 2) Use the routing information of the entry point to construct the new peer’s routing table according to a certain mechanism; 3) Inform existing peers of its presence.

In P-Grid, when two peers encounter each other, they compare their paths to decide how to change their routing tables and partition the key space. Analyzing this process reveals the security issues in joining. Various P2P systems have two things in common: the entry point may be faulty and the new node may be malicious. Due to the openness and anonymity of peers, an entry point could be faulty, offering incorrect routing information and leaving the new peer with wrong information about the system. This fault occurs when a single entry point is used to join the system. Moreover, each node has only partial information about the whole overlay network. Even if the entry point is not faulty, it still needs to consult other peers about the routing information. In a serious case, faulty peers may collude. Colluding peers may mislead the new peer into seeing a totally different overlay network [9]. The new node is also not trusted by the system: it may spoof and impersonate [10].

3.2 Secure Consideration of Joining Process in P-Grid

In P-Grid, all peers can serve as entry points to the network. This also means that a set of malicious peers can act as entry points. It is even more dangerous when malicious peers are cross-registered in the legitimate network and collude. The secure joining process therefore consists of two phases: authentication of the entry point and authentication of the new peer.

3.2.1 Authentication of Entry Point. An entry point may exhibit three kinds of malicious behavior: 1) The entry point claims a wrong association between a public key and its Id. 2) The entry point declares a wrong path in P-Grid and builds a wrong routing table. Misled by the entry point, the new peer gets unusable information and reduced service, or even no service, from the system. 3) The entry point alters its routing table, which has the same result as the second behavior.

The core idea of entry point authentication is that the new peer contacts a set of other entry point peers to obtain information about the initial entry point, and so determines whether the initial entry point is behaving properly. We call those other entry point peers consultant peers. Three important questions must be taken into account:

1) Can the new peer successfully contact sufficient consultant peers? We assume that P-Grid is large enough that the new peer can randomly meet multiple consultant peers.

2) Can enough information about the initial entry point be returned? In P-Grid, information about a peer, which mainly includes the peer’s Id, physical address, public key and current search path in P-Grid, is stored in two kinds of places. One is the set of peers responsible for the path that uses Idp as the key value; that is, the information of the peer (denoted as p) is treated as a normal data file. The other is the routing table, whose items refer to the address of at least one other peer that is responsible for the other side of the binary tree at each level. In a general form,

$$Id_p = x_1 x_2 \ldots x_m,\quad x_i \in \{0, 1\},\ 1 \le i \le m$$

$$Path(p) = l_1 \ldots l_n,\quad l_i \in \{0, 1\},\ 1 \le i \le n$$

The number of possible places where p is stored is

$$replica_{max} + \sum_{i=1}^{n} 2^{\,n-i}$$

where replicamax is the maximum number of replica peers responsible for the path that uses Idp as the keyword. It is neither possible nor necessary to get in touch with all of these peers. We can randomly select k peers. If fewer than k pieces of information are returned, more requests continue to be sent.

3) How is a decision made from the information returned? Our premise is that honest peers are in the majority in P-Grid. A quorum-based method is used to judge the set of information returned, which gives tolerance of Byzantine faults.

3.2.2 Authentication of New Peer. We place emphasis on the public key authentication of the new peer, mainly to avoid attacks such as spoofing and impersonation. Because peers are open and anonymous and their behavior is not always consistent, a quorum-based approach is used here to make sure of a peer’s public key.

3.3 Authentication Algorithm of Entry Point

Authentication of the entry point consists of three issues:

1) Authentication of the entry point’s public key.

2) Checking of the entry point’s path. A peer’s path is used when two peers encounter each other. To detect a forged path, we must check whether the routing table and the path conflict. For path(Idp) = 000, the routing table only has three types of references: 1, 01, and 001. If other types appear, there is a conflict. A more sophisticated case is a routing table that has been forged to match the forged path. Checking the authenticity of the routing table solves this problem.

3) Checking of the entry point’s routing table. Suppose path(Idp) = 11 and an item of its routing table is 0: s, t. There are two ways to judge whether peer s and peer t are opposite peers on the first bit. One is to contact s and t to get their current paths. The other is to get in touch with peers whose path is 1***: if s and t are also referred to by the other peers with a path of 1***, the item in p is to be trusted.

Figure 2 is a brief form of P-Grid, which omits the detail of the routing tables. New peer N randomly encounters p2.

Figure 2. Example of entry point authentication
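The path and routing-table conflict check described above can be sketched as follows. This is an added example, not code from the paper; the function names, the dictionary layout of the routing table and the rule that a referenced peer's reported path must start with the referenced prefix are assumptions.

```python
FLIP = {"0": "1", "1": "0"}


def expected_prefixes(path):
    """Reference types a routing table for `path` may hold, one per level.

    Level i points to the other side of the tree: the first i bits of
    the path followed by the complement of bit i.
    """
    if set(path) - {"0", "1"}:
        raise ValueError(f"path must be a binary string, got {path!r}")
    return [path[:i] + FLIP[bit] for i, bit in enumerate(path)]


def routing_conflicts(path, routing_table, reported_paths=None):
    """Return (kind, prefix, peer) tuples; an empty list means no conflict.

    routing_table  : {reference prefix: [peer ids]} as claimed by the
                     entry point (assumed layout)
    reported_paths : {peer id: path} obtained by asking the referenced
                     peers; peers that were not asked are skipped
    """
    reported_paths = reported_paths or {}
    expected = expected_prefixes(path)
    conflicts = []
    # A reference type that cannot belong to this path: forged path or table.
    for prefix in routing_table:
        if prefix not in expected:
            conflicts.append(("unexpected_type", prefix, None))
    for prefix in expected:
        peers = routing_table.get(prefix, [])
        # Each item must refer to at least one peer on the other side.
        if not peers:
            conflicts.append(("empty_level", prefix, None))
        # Assumption: a referenced peer's own path starts with the prefix.
        for peer in peers:
            actual = reported_paths.get(peer)
            if actual is not None and not actual.startswith(prefix):
                conflicts.append(("peer_not_under_prefix", prefix, peer))
    return conflicts


# Constructed sample tables for path 000 (peer names are made up).
HONEST_TABLE = {"1": ["p9"], "01": ["p5"], "001": ["p3"]}
FORGED_TABLE = {"1": ["p9"], "01": ["p5"], "011": ["p7"]}

if __name__ == "__main__":
    print(routing_conflicts("000", HONEST_TABLE))
    print(routing_conflicts("000", FORGED_TABLE))
    # The 0: s, t item of path 11, with constructed answers from s and t.
    print(routing_conflicts("11", {"0": ["s", "t"], "10": ["u"]},
                            {"s": "01", "t": "10"}))
```
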

The timestamp used to avoid replay attacks is omitted from the simplified form of every message. The detailed process of entry point authentication is described below using the notation in Table 1.

Table 1. Notation in authentication process

| Notation | Meaning |
|---|---|
| Idi | Identity of peer i, usually in binary form. |
| Addri | Physical address of peer i, usually its IP address. |
| Ei | Public key of peer i. |
| Di | Private key of peer i. |
| r | Random number. |
| Di(x) | x is signed by peer i. |
| Ei(x) | x is encrypted by peer i. |
| RTi | Routing table of peer i. |
| path(i) | Path of peer i. |
| checkpk(Di(r)) | Request for checking public key of peer i using random number signed by peer i. |
| checktable(path(i)) | Request for checking path of peer i. |

Step1: New peer N sends the message {IdN, addrN, EN, r, DN(IdN, addrN, EN, r)} to the entry point e, which is p2 here. This message gives the entry point e the basic information of the new peer and asks for the public key of e.

Step2: Entry point e returns the message {EN(Ide, addre, Ee, De(r), path(e), RTe)}.

Step3: New peer N checks whether path(e) and RTe conflict. If they do, the new peer abandons this entry point, finds another one and starts again from Step 1.

Step4: N randomly encounters k other consultant peers. Here k=4 and the peers p4, p5, p8, p10 are selected. Msg[i] refers to the message sent to consultant peer i, i∈[1,k].

Msg[i] = {IdN, addrN, EN, checkpk(De(r)), checktable(path(e)), DN(IdN, addrN, EN, checkpk(De(r)), checktable(path(e)))}

Step5: Peers (denoted by p) which store the public key of e return the confirmation {EN(Idp, addrp, r, Ee)}. N uses a vector to store the messages from every peer. The values of r from each peer are checked for equality. If they are not equal, a quorum-based method is used to select the public key to compare with the one peer N received. If it is equal, the public key is accepted. Otherwise, the new peer abandons this entry point, finds another one and starts again from Step 1.

Step6: Peers (denoted by p) whose routing tables have the same items as e return the set of peers in their routing table. Here peers 6, 8, 11, 12 return {EN(Idp, addrp, RTp)}. N again uses a vector to store the messages from every peer. A quorum-based method is also used to select the peers at every bit level of the routing table.

After those main six steps, new peer N will trust entry peer e and accept what e has offered.

3.4 Authentication Algorithm of New Node

We consider the peers in a host peer’s routing table and data reference table to be trusted by the host peer; that is, their public keys are accepted by the host peer. The host peer is likewise trusted by them. The detailed process of authentication of the new peer is described below.

Step1: Entry peer e receives the new peer’s public key EN in the first step in section D. e sends a message to the peers it trusts, such as the peers in its routing table or data file table: {Epi(Ide, Idpi, r, De(IdN, EN))}. Here pi may be p12, p3, p14.

Step2: Each trusted peer pi of e checks N by sending it a request: {EN(Idpi, IdN, Epi, Dpi(Idpi, IdN, EN(r)))}.

Step3: N responds to each request: {DN(Idpi, IdN, r)}.

Step4: pi sends the information obtained from N to e: {Dpi(DN(Idpi, IdN, r))}.

Step5: e compares r from every pi. If they are equal, the public key of N is authenticated. If not, a quorum-based method is used to select a public key (denoted by ENcheck) according to r. If ENcheck = EN, the new peer’s public key is accepted.

Figure 3. Example of new peer authentication
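The quorum decision in Step 5 of Section 3.3 (N judging the key of e) and Step 5 of Section 3.4 (e judging the key of N) can be sketched with one function. This is an added example, not code from the paper: the paper does not define the quorum rule, so the quorum size of floor((n+f)/2)+1 matching answers, the one-vote-per-peer rule and all names are assumptions, and signature and decryption checks are assumed to have been done by the caller.

```python
from collections import Counter


def decide_public_key(responses, claimed_key, nonce, f):
    """Quorum decision on the public key of the peer under test.

    responses   : list of (peer_id, r, key) taken from replies whose
                  encryption and signatures the caller already verified
    claimed_key : key presented by the peer under test
    nonce       : random number r chosen by the verifier
    f           : assumed upper bound on malicious responders
    Returns "accept", "reject", "no_quorum" or "need_more".
    """
    votes, equivocators = {}, set()
    for peer_id, r, key in responses:
        if peer_id in votes and votes[peer_id] != (r, key):
            equivocators.add(peer_id)       # conflicting answers, one peer
        votes.setdefault(peer_id, (r, key))
    for peer_id in equivocators:            # such a peer gets no vote
        del votes[peer_id]

    n = len(votes)
    # Byzantine tolerance requires R_return >= 3f + 1 usable answers.
    if n < 3 * f + 1:
        return "need_more"

    # Step 5 fast path: every r equals the nonce and every key matches.
    if all(v == (nonce, claimed_key) for v in votes.values()):
        return "accept"

    # Otherwise select a key by quorum (assumed size: floor((n+f)/2) + 1,
    # which honest peers can reach and two different keys cannot both reach).
    key, count = Counter(k for _, k in votes.values()).most_common(1)[0]
    if count < (n + f) // 2 + 1:
        return "no_quorum"
    return "accept" if key == claimed_key else "reject"


# Constructed sample: 14 peers confirm key "K_e", 6 report another key.
SAMPLE = ([(f"p{i}", 42, "K_e") for i in range(14)]
          + [(f"p{i}", 7, "K_x") for i in range(14, 20)])

if __name__ == "__main__":
    print(decide_public_key(SAMPLE, "K_e", 42, f=6))       # honest claim
    print(decide_public_key(SAMPLE, "K_x", 42, f=6))       # forged claim
    print(decide_public_key(SAMPLE[:12], "K_e", 42, f=6))  # too few answers
```
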

4. Analysis

This section gives a preliminary analysis of the probability of successful authentication of the entry point, using the notation in Table 2. Consider that a consultant peer sends two kinds of query messages: queries for authentication of the public key and of the routing table. Rsent is calculated by the equation below:

$$R_{sent} = replica_{max} + length(path(e)) \cdot replica_{max}$$

We suppose that the maximum number of peers in one item of the routing table is equal to replicamax. Thus, the maximum number of peers that k consultant peers wish to contact is Rsent*k.

Under normal circumstances, Rreturn ≤ Rsent*k.


Suppose there are f malicious peers among the Rreturn peers that return information. The probability P(i) that the Rreturn peers include i malicious peers is given by the following binomial probability:

To tolerate Byzantine faults, f and Rreturn should satisfy the inequality Rreturn ≥ 3f+1. So the probability of successfully forming a quorum that tolerates Byzantine faults is:

$$P = \sum_{i=0}^{(R_{return}-1)/3} P(i)$$

Since peers construct the P-Grid system in a completely randomized manner, it is unlikely that all malicious peers collaborate, especially the k consultant peers. Consulting the different kinds of places where a peer’s information is stored greatly decreases the possibility of collusion among malicious peers. Therefore we can conclude that P is the probability of successful authentication of the entry point. Figure 4 shows the probability of successful authentication of the entry point.

[Figure 4 plot. x-axis: m (0.05, 0.15, 0.25, 0.4, 0.8); y-axis: probability of authentication (0 to 1).]

Figure 4. Successful probability of entry point authentication when f=6 and Rreturn=20

The analysis of the probability of successful authentication of the new peer is the same as for the entry peer and is not elaborated further.

Table 2. Notation in analysis

| Notation | Meaning |
|---|---|
| replicamax | Max number of replica peers. |
| f | Number of malicious peers. |
| k | Number of consultant peers. |
| Rreturn | Number of peers which return information. |
| P(i) | Probability of R peers with i malicious peers. |
| m | Probability of individual peers being malicious. |
| e | Entry peer. |
| length(x) | Length of a binary string x. |
| path(i) | Path of peer i. |
| Rsent | Max number of peers that a consultant peer contacts. |
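The analysis in this section can be evaluated numerically as follows. This is an added example, not code from the paper; it assumes that P(i) is the standard binomial term C(Rreturn, i) m^i (1-m)^(Rreturn-i), takes the upper summation limit as the integer part of (Rreturn-1)/3, and the function names and the sizing helper `min_responders` are hypothetical.

```python
from math import comb

FIGURE_4_M = (0.05, 0.15, 0.25, 0.4, 0.8)   # m values on the Figure 4 axis


def r_sent(replica_max, path_e):
    """R_sent = replica_max + length(path(e)) * replica_max."""
    return replica_max + len(path_e) * replica_max


def p_malicious(i, r_return, m):
    """P(i): exactly i of the r_return responders are malicious.

    Assumed binomial form, each responder malicious with probability m.
    """
    return comb(r_return, i) * m**i * (1 - m) ** (r_return - i)


def max_tolerated(r_return):
    """Largest f that still satisfies R_return >= 3f + 1."""
    return (r_return - 1) // 3


def p_success(r_return, m):
    """P: probability that a Byzantine-tolerant quorum can be formed."""
    if r_return < 1 or not 0.0 <= m <= 1.0:
        raise ValueError("need r_return >= 1 and 0 <= m <= 1")
    return sum(p_malicious(i, r_return, m)
               for i in range(max_tolerated(r_return) + 1))


def figure_4_curve(r_return=20):
    """P at the Figure 4 values of m (caption: f = 6, R_return = 20)."""
    return {m: p_success(r_return, m) for m in FIGURE_4_M}


def min_responders(m, target, limit=400):
    """Smallest R_return of the form 3f + 1 with P >= target, else None.

    Sizing helper added for this example; `limit` bounds the search.
    """
    for r_return in range(1, limit + 1, 3):
        if p_success(r_return, m) >= target:
            return r_return
    return None


if __name__ == "__main__":
    for m, p in figure_4_curve().items():
        print(f"m={m:<5} P={p:.4f}")
    print("R_sent for replica_max=3, path(e)=010:", r_sent(3, "010"))
    print("responders needed for m=0.15, P>=0.99:", min_responders(0.15, 0.99))
```

Once m reaches one third or more, adding responders no longer raises P toward 1, so `min_responders` returns None for high targets; this is the numeric form of the honest-majority premise.
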

5. Conclusions and Future Work

In this paper we introduce a secure joining process for P2P systems. To ensure security, not only the authenticity of the new peer and the entry peer but also the routing table of the entry peer is checked. The analysis shows that in a large-scale P-Grid system with honest peers in the majority, a high probability of successful authentication is obtained. Collusion among malicious peers is avoided to a large degree because of the completely randomized algorithms in P-Grid and the consultation of the various places where peer information is stored. Properties of P2P systems, such as decentralization and scalability, are preserved. The work presented in this paper is a first step. We are now doing simulation experiments to analyze the related theory and algorithm.

6. References

[1] Ion Stoica, Robert Morris, David Karger, M. Frans Kaashoek, Frank Dabek, “Chord: A Scalable Peer-To-Peer Lookup Service for Internet Applications,” http://pdos.csail.mit.edu/papers/chord:sigcomm01/chord_sigcomm.pdf.

[2] A. Rowstron, P. Druschel, “Pastry: Scalable, Distributed Object Location and Routing for Large-scale Peer-to-Peer Systems,” http://research.microsoft.com/~antr/PAST/pastry.pdf.

[3] E. Sit and R. Morris, “Security Considerations for Peer-to-Peer Distributed Hash Tables,” in Proc. of First Int’l Workshop on P2P Systems (IPTPS '02), Cambridge, MA, March 2002.

[4] Karl Aberer, “P-Grid: A Self-organizing Access Structure for P2P Information Systems,” Proc. Int’l Conf. Cooperative Information Systems, LNCS, Springer-Verlag, Heidelberg, Germany, 2001, pp. 179-194.

[5] Karl Aberer, Magdalena Punceva, “Improving Data Access in P2P Systems,” http://www.p-grid.org/publications/papers/IC2002.pdf.

[6] Karl Aberer, Anwitaman Datta, Manfred Hauswirth, “Indexing Data-oriented Overlay Networks,” http://www.p-grid.org/publications/papers/VLDB2005.pdf.

[7] Karl Aberer, Anwitaman Datta, Manfred Hauswirth, “Efficient, Self-contained Handling of Identity in Peer-to-Peer Systems,” http://www.p-grid.org/publications/papers/TKDE2004.pdf.

[8] Datta A, Hauswirth M, Aberer K, “Beyond “web of trust”: enabling P2P E-commerce,” http://lsirpeople.epfl.ch/hauswirth/papers/CEC2003.pdf.

[9] Ying Chen, Kai Hwang, “Byzantine Fault Tolerance of Inverse de Bruijn Overlay Networks for Secure P2P Routing,” http://gridsec.usc.edu/files/TR/TPDS-Chen-Hwang-Oct20-2006final.pdf.

[10] V. Pathak and L. Iftode, “Byzantine Fault Tolerant Public Key Authentication in Peer-to-Peer Systems,” Computer Networks, Special issue on Management in Peer-to-Peer Systems: Trust, Reputation and Security, Vol. 50, No. 4, March 2006.
