Secure routing for structured p2p overlay networks
--------------------------------------------------
M. Castro et al.
The paper addresses security issues in structured peer-to-peer overlay
networks. In spite of their applicability (distributed storage, group
communication, content distribution) and their resilient properties,
p2p overlays are not secure. Misbehaving nodes can misroute, corrupt
or drop messages and routing information and assume the identity of
other nodes.
The authors describe a security model that applies to structured p2p
overlays. The secure routing addresses 3 problems: securely assigning
nodesIDs to nodes, securely maintaining the routing tables and securely
forwarding messages.
For assigning nodeIDs, the authors propose certification authorities.
However, I am not sure to what extent their CA infrastructure may become
a point of failure. Another thing is the inclusion of IP addresses in
the certificates. For static IPs this works fine, but for dynamic IPs
this becomes a problem. What about nodes behind NATs that have a finite
number of public IPs. A number of nodes will appear to have the same IP.
I don't know how this will affect the routing performances.
As a plus, I think the idea of the routing failure test is good and useful.
Received on Thu Nov 17 2005 - 11:17:32 EST
This archive was generated by hypermail 2.2.0 : Thu Nov 17 2005 - 11:17:33 EST