1(11) Peer to peer networking

Transcription

1 1(11) Peer to peer networking Carl Berg Chalmers 2005

2 2(11) Table of contents Introduction Abstract 3 History 4 Technical overview 5 Comparison to the client/server approach 6 Requirements of an effective P2P network 7 Problems with P2P networks 8 P2P security 9 Uses/Areas of P2P 10 Future of P2P 11 Conclusion 11 References 11

3 3(11) Introduction - Abstract P2P or Peer to peer is described by whatis.com as a communication model in which each party has the same capabilities and each party can initiate a communication session. This communication model differs a bit from the more traditional client/server communication model. The P2P model can be described as giving each node in a network both client and server capabilities. On the Internet, the P2P model can typically be used for a group of computers with the same software to connect with each other to share files and communicate within the group. Technically there is a distinction between P2P systems as centralized or decentralized systems. The centralized system is characterized by one or more main servers that keep information about the content of the network and where it's located. The server can then be queried by the nodes that can then find out where the information or data is located and then initialize a session with that node. The decentralized system does not use a central server to manage the network and nodes. In this model, a node entering the network has to make a connection to one of the nodes already in the network. Queries are then propagated through the network between neighboring nodes. There are also hybrids between these two models, for instance where some nodes may have more bandwidth and processing power, they can act as supernodes or servers for weaker nodes.

4 4(11) History P2P systems emerged in the late 1990's on a global scale with the flagship software called Napster. Napster was then a software used for file-sharing and instant messaging between nodes in a network. Napster's user friendly interface along with cheaper Internet connections made it very popular and provided home users to download music to their computers for free. Napster's popularity however became a big concern to record companies and in 2000, Napster was sued by the rock band Metallica. This started a costly legal battle between record companies and Napster. In 2001 they reached an agreement that Napster was to become a service for paying customers. The Napster network was then shut down until the new version of Napster was finished in The end of Napster as a free way to download music was thought to be the death of P2P systems, but actually caused a variety of new P2P file sharing software of different kinds to emerge like Kazaa, Gnutella, edonkey and more. In the last few years there has also emerged software for other uses than file sharing. Skype is a new and free P2P system for making phone calls over the Internet. Skype has quickly become a successful company and recently launched a service for making phone calls to the regular telecom-network from the Skype-program. The P2P evolution of file sharing software is often divided into three generations. The first generation with applications such as Napster used a centralized network with a few main servers keeping information of nodes and files in the network. This was a quite simple approach to P2P, where queries were made to the server which replied with files that matched the query on the nodes attached. This easily maintained model however made it easy for the network to be shut down, simply by shutting down the central servers. The second generation after Napster s demise with applications like Gnutella chose a different approach to P2P. These applications chose the de-centralized type of P2P networks, which could not be shut down through a few main servers. A new node connects to a certain number of hosts, already in the network, which would become your neighbors. Searching in this type of network would start with sending queries to the neighbors, who would propagate the query to their neighbors and so on. The main advantage of this would be that there is no need for a central server which could be shut down. The disadvantage of this is that searches could be very slow and sub-networks, without connection to the whole network, could be created. The third generation kept the idea of a de-centralized network, but created a few enhancements to the main idea, such as supernodes which means that certain nodes with good resources would act as a server for a part of the network. There are quite a few applications that use this kind of P2P model, such as Kazaa, Morpheus and Grokster which are all connected to the same network called Fasttrack. Fasttrack has also had a few legal problems but it still remains operational and may be the largest P2P network today.

5 5(11) Technical overview The Centralized P2P network (Napster) The centralized P2P network is not considered to be a pure P2P network as it uses the client/server model to some extent. The client/server model is often used to organize the network and storing tables or hash tables with the contents and information of the nodes with their corresponding IP-addresses. Connections or sessions can then be established directly between nodes in the network without a server needed. The main advantage of this kind of network is the simplicity. Nodes can easily be connected and disconnected from the network just by notifying the server. Searching in this kind of network is also an easy task as the server keeps all the necessary information about the network. The server can reply with information such as which nodes that have a certain file and their respective connection speed. The main drawback of this kind of network is the server. If the server is crashes or is shut down, the whole network is shut down and nodes have no means to contact each other. This makes the network vulnerable but from a legal and a security point of view. However, this is not a problem only for the P2P system, but comes more from the general client/server implementation. There can be improvements to the problem, such as having more than one server and potentially a hierarchical server system, but it is still more vulnerable than for example a pure de-centralized system. The De-Centralized P2P network (Gnutella) The de-centralized P2P network is considered to be pure P2P as no servers are involved. Every node in the network acts as its own client/server. Nodes can enter and leave the net without any server knowing about it. The main advantage of this kind of network is the lack of central which makes this it virtually impossible to shut down. The main drawback in this kind of system is its complexity. As no point of authority is given in the net, there s no way for nodes to know who has the information it needs. Therefore every searching node needs to propagate their searches through the network. The propagation of searches in this kind of network is called flooding. The query passes through every node in the network and every node has to function as a router for the query and pass it along. If the information queried for is found, a reply can be sent back using the same path as it had arrived. To avoid a broadcast-storm in the network, each search has a time-to-live counter that decreases with the hop count as it propagates throughout the network. The problem with the de-centralized network is that slow nodes with low bandwidth and slow computers can introduce choke-points in the network, slowing down the propagation of searches, and so far there has been no solution except for the introduction of supernodes, which would make the network a hybrid P2P.

6 6(11) Hybrid P2P network (Kazaa) The hybrid P2P network is generally considered to be a de-centralized network, as there are no fixed servers within the system. However, the hybrid P2P is not a pure P2P network as the network can allow certain nodes to act as local servers. These servers are called supernodes, and consist of regular nodes with high bandwidth and good processing capabilities, that acts as a local server for some nodes and also connects to other supernodes. The supernodes are not chosen beforehand, but as they enter the network, which makes the network very dynamic. This hybrid kind of network has the advantages of both centralized and decentralized network. Searches are more quickly propagated in the network as the introduction of supernodes can prevent choke-points from slowing down searches. The possible drawback is that this kind of network may not be as fast as a centralized network and the de-centralized model will cause more search-traffic in the network, but otherwise this kind of network has mainly the advantages centralized and de-centralized networking. Comparison to the Client/Server approach The client/server architecture is a very common architecture used heavily in networks and on the Internet. Despite the popularity of the architecture there are some problems evident. Some of these are: Robustness The services in a client/server based network are fragile. In a pure client/server network, the availability of a service relies on a server running on a single machine and one or a few communication-links that connect the server to the network. Resilience Scalability High demand If services become interrupted, they will remain unavailable until the faulty device has been replaced. As the client/server services grew more popular, the number of users being able to be serviced does not grow as fast. As the user request for services can vary depending on the time of day or month, sport events etc, the equipment can easily become overloaded. Vulnerability As a server poses as the single point of service in this kind of system, it will become vulnerable to attacks, especially denial of service, but also masquerading and data pollution. These problems are of course well known and have to some extent been solved. For example redundancy can be worked into the system to prevent a crash or device failure to cause the service to go down. Backup and information recovery systems exist to bring a service back quickly. Some servers can reside on machines that has been altered to give less functionality for anything else than service, thus preventing the machine from attacks. In comparison to the client/server server problems, the P2P architecture has the following characteristics: Dependency The P2P architecture is much less dependant on individual devices and the sub network, where a server would reside. Resilience Scalability The P2P architecture also has an improved resilience as sought after files exist in multiple copies. The scalability is also improved in comparison to client/server architecture. The service-capacity can grow close to proportionally to the number of users, as the users themselves can provide with resources.

7 7(11) High demand Vulnerability P2P systems are less vulnerable to high-peak demand. This is because the load is divided between different nodes and different physical locations. P2P systems are less vulnerable to attacks as an attacker would have to attack the whole network to be able to interrupt a service. Requirements of an effective P2P network For a P2P architecture to be constructed, a specification of the infrastructure and how the nodes in this structure should interact, has to be made. Some important issues here are: Network Protocols Name conventions Metadata Search mechanism Software A physical network with an appropriate scale has to exist. The Internet is an example of such a network with wide availability in which P2P services could be implemented. Protocols have to be implemented to provide a platform for communication between nodes in the network. There exists a few protocols today, and more are being researched. Nodes in the network needs to have ways of identifying themselves. For example the socket information (IP-address, port number etc) or an application-specific naming convention could be used. There would also be a need for naming of the digital information in the network. A common approach for this is to generate a hash-string of the binary data within the file. This would cause files with different names, but the same data to be identified as the same file. Files within the network would need some kind of describing data, for instance originator, publisher, title, date and version. When sharing information in a network, there would be a need for a way to search the network for the file or data you want. Searches can be implemented to stop when one matching file is found, or to stop when a certain number of hits has been accomplished. A software would be needed that would implement the client and server functions needed. There exist a lot of applications and often multiple applications within the same network, which would require the software to use common standards and protocols.

8 8(11) Participants For a network to be formed at all there has to be participants. There are various ways for a network to get participants. - Central provision: A school, university or company may choose to make their devices available. - Volunteer users: Users may choose to contribute with computer resources or memory space for a project. A project like this is seti@home, where users in the network contribute by letting their machines perform calculations and sending back the results. This is not really a P2P-network as the network mainly functions with a client server approach. - Service using: Users may join the network because they want to use the service provided by the network. This is currently the most common approach for getting participants to the network. Problems with P2P networks So far the main thing discussed in this report has been the advantages of P2P systems, but as with most technologies, there are drawbacks and problems. One of the main problems in the P2P systems today are attacks like masquerading, such as falsified files that don t match its descriptors, and pollution attacks, like altered versions of known files. There are solutions to these problems like hashing of file-content and digital signatures, much like client/server architectures use. However these solutions can produce a new set of issues like: Determinism Central control Security Client/server architectures embody determinism, whereas P2P systems behave more unpredictably and volatile in the locations of processing services and digital files. This can cause the following problems: - Attempts to revisit old locations of files that may not still be there. - Trust-based dealing with particular organizations may be difficult to achieve. The lack of central control can make it difficult to avoid chokepoints in the network. It is also difficult to establish authority in a P2P network and users are difficult to trace and be accounted for. Therefore some P2P networks will be used for purposes of violating copyright laws and such. As always, security flaws will emerge, and be dealt with over time as protocols and applications are modified to provide better security. Today, file sharing applications often embed different typed of spyware or adware in order to make money from software that otherwise is free.

9 9(11) P2P Security Security in P2P systems is perhaps the major drawback that prevents use of P2P in company networks. Misuse of a file sharing program could cause secret company information to become public for the rest of the world to see. With the use of file sharing P2P applications come a few security issues: Theft Bandwidth Bugs Encryption cracking Virus and Trojans Companies could potentially loose millions of dollars due to stolen property such as source code etc. For example; source code could be compressed in a zip-file and disguised as something else, a P2P application could share the file that could be downloaded by anyone within the same network. A file sharing application in a company or an organizational network could cause the system to slow down significantly. For example have school or campus networks become overloaded due to students using the quick internet connection in school for file-sharing. Bugs in unproven P2P applications could potentially crash a system with important services, causing a company to loose money. Distributed P2P processing is a well known type of use in P2P systems. In significant networks, this could cause a dangerous cracking mechanism. A brute force attack on encrypted systems can be an easy task if the network is large enough. In 1999 Distributed.Net and Electronic Frontier Foundation launched a brute force attack on the 56-bit DES encryption algorithm. The algorithm was broken within 24 hours and Distributed.Net was able to test 245 billion keys per second. At the time, the 56-bit DES algorithm was the strongest encryption the US government allowed for export. P2P applications and applications downloaded with P2P applications could easily contain viruses, trojans or backdoors. The modified applications could then be used for extracting information from the infected computer or giving an intruder access to your system. A hacked P2P program could also give access to files the user has not chosen to share.

10 10(11) Uses/Areas of P2P There are a few different areas in which P2P systems have become popular and useful. The architecture first became popular through the various file-sharing systems that have been discussed thoroughly throughout this report. There are however more areas where P2P systems can be used. Examples of a few different areas: File sharing Calculation Storage Instant Messaging Telephony This is a widely used type of P2P-system. Its main usage is to distribute files within a network. This might however also be a good idea for companies and workgroups to be able to share files. It could also be a forum for free publications. An example is the seti@home P2P system that uses computers within the network for calculation and analyze of data picked up from telescopes in the search for extra terrestrial life. This kind of network is used mainly for calculation of data and is not a pure P2P system, the data is sent to a server when analyzed, however it is an important example of a possible use of a P2P system. There also exist other calculation networks like code-cracking networks for testing different encrypting algorithms. Many computers today are connected to the Internet and have more storage capacity than they need to use. An idea would be to use a P2P system to be able to use extra storage capacity within a network. The storage would have to be redundantly distributed and well encrypted, but it might be a good idea to use extra storage available, just like the extra processing power that can be used in the calculation system, described above. P2P systems are often used within instant messaging (like icq, aol, yahoo, msn messenger). Centralized P2P-systems can successfully be used to initiate conversations, chats, file transfers, work presentations. A node or user can initiate contact with a central server who keeps track of all the users within the system who can establish contact and sessions with each other. An emerging use of P2P systems is internet telephone communication, where users can initiate contact and talk to each other. Like instant messaging, users will log into a central server who keeps track of users that are online and offline. Users can then, with help of their computers, headset or a connected telephone talk to other users. An application that provides this type of service is Skype (developed by Niklas Zennström who also has been working on the file sharing application Kazaa). Skype has evolved over a few years and also has a paying service where users can make phone calls to the regular phone network (Skype Out) as well as taking calls from the regular phone network (Skype In). Skype In is their latest addition to their list of services and is in the writing moment available in Sweden, Denmark, Finland, Great Britain, France, Hong Kong and USA. Internet telephony is an interesting new field in the P2P networks, and shows that there is also a commercial value in P2P networks.

11 11(11) Future of P2P It is fair to say that P2P systems are playing an important role in the use of the internet today. Even if file sharing possibly still is the largest use of P2P systems at this day, there exist other areas of use. In the near future it is likely that there will appear more use for P2P systems. P2P systems will never replace the client/server architecture, as some information will need authentication to be accessed and P2P systems are constantly victims of change and are still considered a bit unstable for important information. However the open source community have adapted more quickly to the use of P2P systems. Linux distribution and Linux application are often made accessible through P2P systems like bittorrent. This would be an advantage, not needing to have expensive high demand equipment to host files, but using a P2P system for distribution as there are likely other users with the files you want. Non commercial and free software will probably use P2P systems more frequently to reduce costs of hosting files themselves. So far only a few major organizations have developed or talked about P2P systems. A corporative use of P2P could be the share of information. Companies often try to open up their organization and share competence among its employees and P2P could be a tool for this. The P2P system is likely considered to be a too unstable platform of communication at this point. Another disadvantage is that P2P applications can slow a system down by using a lot of bandwidth and computational power processing searches and uploading files for instance. There is certainly a future for P2P systems although they need to be proven from a security point of view to be used also in the corporate world. Conclusions P2P is a potent architecture with interesting possibilities for the future. It is no replacement to the client/server architecture, but a good compliment. Its drawback of increasing bandwidth use is not an important issue to home users as high speed internet connections is becoming cheaper with time. System critical files distribution will probably always take place with a server/client architecture, as P2P architecture still is considered unstable and not secure enough, but P2P shows a lot of promise and security issues is constantly being dealt with. P2P systems will certainly be used in the future as well and probably in other areas of communication too. Even if file sharing is main usage today, there will probably emerge a lot of new technologies in the future using P2P. References 1. P2P Networks 2. Peer-to-Peer (P2P) - An Overview 3. Between rhizomes and trees: P2P Information Systems 4. Mac-P2P.com: Peer to Peer (P2P) Introduction and History 5. The P2P Report - Knowledge Management Research Center CIO