DOI: 10.5555/646334.687813

The Sybil Attack

Published: 07 March 2002

Abstract

Large-scale peer-to-peer systems face security threats from faulty or hostile remote computing elements. To resist these threats, many such systems employ redundancy. However, if a single faulty entity can present multiple identities, it can control a substantial fraction of the system, thereby undermining this redundancy. One approach to preventing these "Sybil attacks" is to have a trusted agency certify identities. This paper shows that, without a logically centralized authority, Sybil attacks are always possible except under extreme and unrealistic assumptions of resource parity and coordination among entities.


Published In

IPTPS '01: Revised Papers from the First International Workshop on Peer-to-Peer Systems, March 2002, 337 pages

Publisher: Springer-Verlag, Berlin, Heidelberg