This paper introduces secure routing as a building block for secure
structured peer-to-peer overlay networks. Basically it argues that all
the good things promised by structured P2P like Pastry, Chord and the
likes rely on the assumption that all the nodes are well-behaved,
according to the protocol. However, even if a small fraction of the
nodes misbehave, they can cause significant disruption in the system.
They propose solutions about how to rectify this problem.
The strength of this paper lies in its identification of the 3
pre-requisites that will enable secure routing; secure assignment of
node identifiers, secure routing table maintenance and secure message
forwarding. The authors describe at length the attacks possible if we
don't satisfy each of these pre-requisites and proposes solutions to
rectify this. The proposed solutions are backed by probabilistic
analysis to show their effectiveness. The authors also propose ideas to
incorporate secure routing with other application security features such
as self-certifying data and Byzantine fault-tolerant replication to
improve performance and security.
Although the paper has considerable theory and probabilistic analysis to
support the ideas, and the authors claim to have implemented such a
system, I feel that there is a lack of practical evaluation results to
give an idea of the performance overhead, even if the security it
promises might not be easy to evaluate practically.
The paper talks about yet another improvement to structured P2P systems
to make it as attractive as it could be, highly scalable, secure,
fault-tolerant, fast lookups and all the other good things. I believe
the idea is a good one and should be extended to handle IP aliasing due
to NAT and DHCP (of course after we've figured out a practical use for
DHTs) as this is reality!
Received on Thu Nov 17 2005 - 09:27:11 EST
This archive was generated by hypermail 2.2.0 : Thu Nov 17 2005 - 10:50:02 EST