PGSP: a protocol for secure communication in peer-to-peer system

摘要

The Internet today is seeing the evolution of peer-to-peer (P2P) applications and interaction. Such interaction implies a direct communication between two end nodes of the Internet. P2P applications currently are facilitated by a central server, largely to ensure the authenticity of users. However; we foresee two issues with such a system - time/bandwidth usage for facilitation and non availability of a central facilitation server for P2P networks. We propose a security protocol called PGSP (peer group security protocol), relying on tamperproof hardware, to authenticate two peer nodes mutually. PGSP also establishes a secure channel between any two nodes without any central facilitation and, thus, allows for the two nodes to exchange a public-private key pair at the time of interaction. PGSP fits well with the resurrecting duckling security paradigm (Stajano, F. and Anderson, R., Proc. 3rd AT&T Software Symp., 1999). Once the hardware is imprinted for authentication, PGSP is robust against man-in-the-middle attack, passive eavesdropping and active impersonation attacks, ensuring source authentication, data confidentiality and data integrity. The proposed scheme is scalable to the addition of both new nodes and new P2P applications/groups to every node, and is cost-effective.