The increasing importance of peer-to-peer systems raises new challenges for authentication. These systems are open, span multiple administrative domains, and (potentially) contain malicious peers. These systems also have large numbers of unsophisticated users who expect automatic fault tolerant behavior out of the box.
Our research focus is to investigate and develop methods for achieving automatic fault tolerant authentication over open peer-to-peer networks.
Asymmetric encryption methods (a.k.a. public/private key encryption methods) are used to digitally sign electronic communication in order to authenticate senders and content. This authentication through digital signatures is secure if the public key is authentic. This leads to the public key authentication problem, which consists of mapping identities to public keys with high confidence.
The established methods of public key authentication have limitations that make it harder to apply them in an automatic, open peer-to-peer setting:
Public Key Infrastructure. This model is centralized and hierarchical, which is at odds with the multiple-administrative-domain nature of emergent peer-to-peer systems.
Web of Trust. PGP popularized the web of trust among sophisticated email users. The need for human trustworthiness decisions makes it unsuitable for lay users.
We argue that these methods are not designed to achieve ubiquitous and automatic public key authentication over open peer-to-peer networks.
Our proposal for Byzantine fault tolerant public key authentication achieves eventual authentication of public keys by using an honest majority assumption instead of relying on human judgement or the trustworthiness of any third party.
The Byzantine fault tolerant public key authentication protocol is a "lazy" protocol for authenticating public keys in a peer-to-peer system. The protocol operates over trusted groups of peers, which also take on the role of trusted authority. Trusted peers authenticate unknown public keys through a challenge-response protocol, as shown in Figure 1 below:
Figure 1: Challenge response protocol allows a trusted peer B to authenticate the public key of A.
The challenge-response protocol permits peers to decide the authenticity of public keys. They share this knowledge with their peers by sending an authentication vote. This authentication protocol gives unanimous agreement on authenticity in the absence of malicious peers or man-in-the-middle attacks, as shown below:
Figure 2: Authentication of the peer A through the trusted group of B. E sends an authentication vote to B, and D is a malicious peer.
If there are disagreeing authentication votes, then the trusted peers execute a Byzantine agreement protocol in order to remove the peers that are not honest, thereby maintaining the correctness of authentication.
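The following simulation is an added example and is not code from the project or the paper. It walks through the flow described above: a verifier issues a fresh challenge, the claimant answers by signing it, each trusted peer casts an authentication vote, and the group decides under the honest-majority assumption. The page does not give message formats, the vote encoding, or the Byzantine agreement step, so those are assumptions here: the signature scheme is textbook RSA on small fixed primes (purely illustrative, not secure), and "remove peers whose vote contradicts the majority" is a simplified stand-in for the paper's agreement protocol. The peer names B, C, D, E and the malicious peer D follow Figure 2; the impostor scenario is constructed.

```python
"""Constructed simulation of challenge-response key authentication with
authentication votes over a trusted group (assumed protocol shapes)."""
import hashlib
import math
import secrets
from dataclasses import dataclass
from typing import Callable, Dict, List, Tuple

PubKey = Tuple[int, int]   # (n, e)
PrivKey = Tuple[int, int]  # (n, d)

# Toy textbook RSA on small primes: deterministic and dependency-free, but NOT
# secure.  It only stands in for the real signature scheme (assumption).
_PRIMES = [104729, 1299709, 15485863, 32452843, 49979687, 67867967]


def toy_keypair(index: int) -> Tuple[PubKey, PrivKey]:
    """Return the index-th toy key pair (index 0..2)."""
    p, q = _PRIMES[2 * index], _PRIMES[2 * index + 1]
    n, phi = p * q, (p - 1) * (q - 1)
    # Pick the first public exponent that is coprime to phi(n).
    e = next(c for c in (65537, 257, 17, 5, 3) if math.gcd(c, phi) == 1)
    return (n, e), (n, pow(e, -1, phi))


def _digest(nonce: bytes, n: int) -> int:
    """Hash the challenge and reduce it into the key's modulus."""
    return int.from_bytes(hashlib.sha256(nonce).digest(), "big") % n


def sign(priv: PrivKey, nonce: bytes) -> int:
    n, d = priv
    return pow(_digest(nonce, n), d, n)


def verify(pub: PubKey, nonce: bytes, sig: int) -> bool:
    n, e = pub
    return pow(sig, e, n) == _digest(nonce, n)


# Whoever answers a verifier's challenge: receives the nonce, returns a signature.
Responder = Callable[[bytes], int]


def challenge_response(claimed_pub: PubKey, responder: Responder) -> bool:
    """Figure 1: the verifier sends a fresh nonce and checks the signed reply
    against the public key claimed for the identity."""
    nonce = secrets.token_bytes(16)
    return verify(claimed_pub, nonce, responder(nonce))


@dataclass
class Peer:
    name: str
    honest: bool = True

    def vote(self, claimed_pub: PubKey, responder: Responder) -> bool:
        """Authentication vote: an honest peer reports what it observed; a
        malicious peer (D in Figure 2) votes against its observation."""
        saw_valid = challenge_response(claimed_pub, responder)
        return saw_valid if self.honest else not saw_valid


def authenticate(group: List[Peer], claimed_pub: PubKey,
                 responder: Responder) -> Tuple[bool, List[str]]:
    """Figure 2: tally the group's votes under the honest-majority assumption.
    Peers whose vote contradicts the majority decision are dropped from the
    trusted group; this majority check is a simplified stand-in for the
    paper's Byzantine agreement step (assumption)."""
    votes = {p.name: p.vote(claimed_pub, responder) for p in group}
    accepted = sum(votes.values()) * 2 > len(group)   # strict majority
    removed = [name for name, v in votes.items() if v != accepted]
    group[:] = [p for p in group if p.name not in removed]
    return accepted, removed


def demo() -> Dict[str, Tuple[bool, List[str]]]:
    """Two constructed runs: A answers with its own key; an impostor who
    claims A's public key but holds a different private key."""
    a_pub, a_priv = toy_keypair(0)
    _, impostor_priv = toy_keypair(1)
    group = [Peer("B"), Peer("C"), Peer("D", honest=False), Peer("E")]
    genuine = authenticate(list(group), a_pub, lambda nonce: sign(a_priv, nonce))
    impostor = authenticate(list(group), a_pub, lambda nonce: sign(impostor_priv, nonce))
    return {"genuine": genuine, "impostor": impostor}


if __name__ == "__main__":
    for scenario, (accepted, removed) in demo().items():
        print(f"{scenario}: accepted={accepted}, removed={removed}")
```

In the genuine run the three honest peers vote to accept and D, voting against its own observation, is the lone dissenter and is removed; in the impostor run the honest peers all see a failed challenge and reject, and D is again the one removed. With no malicious peer in the group both runs are unanimous and nobody is removed, which is the behaviour the text attributes to the absence of malicious peers or man-in-the-middle attacks.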
There are four primary research goals for this project:
To develop and characterize an autonomous Byzantine fault tolerant public key authentication protocol for open peer-to-peer systems.
To establish its usability in real life systems by implementing the authentication protocol for email users.
To experiment with trust policies developed through application of the public key authentication protocol.
Byzantine Fault Tolerant Public Key Authentication in Peer-to-Peer Systems
Vivek Pathak and Liviu Iftode
Computer Networks, Special issue on Management in Peer-to-Peer Systems: Trust, Reputation and Security, Vol 50/4, March 2006.
Improving Email Trustworthiness through Peer-to-peer Sender Authentication
Vivek Pathak and Liviu Iftode
Peer-to-peer Sender Authentication for Thunderbird
This Thunderbird extension implements Byzantine fault tolerant public key authentication as an overlay over SMTP. Authenticated public keys are used to provide sender and content authentication in a transparent manner. The user is permitted, but not required, to make trustworthiness decisions. Please note the license governing the downloaded software.
Plugin for Thunderbird 2.0 on 64 bit Linux.
Plugin for Thunderbird 2.0 on 32 bit Linux.