
Secure routing for structured peer-to-peer overlay networks

Published: 31 December 2002

Abstract

    Structured peer-to-peer overlay networks provide a substrate for the construction of large-scale, decentralized applications, including distributed storage, group communication, and content distribution. These overlays are highly resilient; they can route messages correctly even when a large fraction of the nodes crash or the network partitions. But current overlays are not secure; even a small fraction of malicious nodes can prevent correct message delivery throughout the overlay. This problem is particularly serious in open peer-to-peer systems, where many diverse, autonomous parties without preexisting trust relationships wish to pool their resources. This paper studies attacks aimed at preventing correct message delivery in structured peer-to-peer overlays and presents defenses to these attacks. We describe and evaluate techniques that allow nodes to join the overlay, to maintain routing state, and to forward messages securely in the presence of malicious nodes.



    Published In

    ACM SIGOPS Operating Systems Review  Volume 36, Issue SI
    OSDI '02: Proceedings of the 5th Symposium on Operating Systems Design and Implementation
    Winter 2002
    398 pages
    ISSN:0163-5980
    DOI:10.1145/844128
    Permission to make digital or hard copies of part or all of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for third-party components of this work must be honored. For all other uses, contact the Owner/Author.

    Publisher

    Association for Computing Machinery

    New York, NY, United States

    Publication History

    Published: 31 December 2002
    Published in SIGOPS Volume 36, Issue SI
