Secure routing in peer-to-peer distributed hash tables

摘要

Distributed hash tables (DHTs) provide efficient and scalable lookup mechanisms for locating data in peer-to-peer (p2p) networks. Several issues, however, prevent DHT-based p2p networks from being widely deployed -- one of which is security. Malicious peers may modify, drop, misroute lookup requests, or even collude to deny the availability of target data. To address these security concerns, we propose an extension to Chord named Sechord. The main idea is that the source can determine whether the next hop is valid or invalid by estimating how far the next hop is from its finger pointer. If the next hop is too far away from the finger pointer, especially compared to the average distance between two consecutive peers, the source can infer some ongoing malicious activities. Our modifications require no trust between two nodes except node join. Moreover, each node utilizes locally available information to evaluate hops encountered during the lookup routing process for validity. Thesemodifications have been implemented and evaluated in the presence of malicious nodes. Our results show that Sechord significantly enhances the security of structured p2p systems at the expense of slightly increased hop count.