Problems in Reputation based Methods in P2P Networks

Transcription

1 WDS'08 Proceedings of Contributed Papers, Part I, , ISBN MATFYZPRESS Problems in Reputation based Methods in P2P Networks M. Novotný Charles University, Faculty of Mathematics and Physics, Prague, Czech Republic. Abstract. The P2P network's open and anonymous nature offers an almost ideal environment for malicious activities. One of the most effective methods, which should prevent malicious peers from subverting the system, is based on reputation. The reputation management offers possibility to detect malicious peers and avoid cooperation with them. The reputation management is mostly used only on the application layer. We focus on two open issues in the current methods which are connected with P2P layer: identity creation and routing table maintenance. We propose the new solutions of this issues which integrate a reputation on the overlay layer. Introduction The P2P network's open and anonymous nature offers an almost ideal environment for malicious activities. Anyone can participate on the P2P network and share resources without restriction. Malicious peers can exploit such environment to spread spurious content, override regular content or subvert communication between peers. The P2P networks must have a method to deal with this activities. Methods which are based on reputation have been investigated in recent years. The fundamental of this method is a reputation value which expresses an expected peer's behaviour based on observation of past behaviour and information from other peers. Although this methods have proven to be the most effective, there are still some important deficiencies which deserve our attention. This paper describes problems which are common to all current reputation techniques and drafts the possible solutions. We focus on two problems: identification creation and routing table maintenance. Both of those problems are weakness of current solutions and are connected with the P2P layer. The reputation management is mostly used only on the application layer. Our solution integrates reputation management on application layer into overlay layer. Overlay network is a virtual network created on top of another network and creates a basic communication environment for P2P network. Identification creation Every peer connected to the P2P network needs an unique identification which is created before the peer joins to the network. This identification determines the peer's position in the overlay network and designates the keys which are placed in its repository. The prevailing method of identification creation is based on asymmetric cryptography, where the identification is securely derived from the peer's public key. Every peer generates a key pair and its identification before it connects for the first time. This process is vulnerable in two ways: At first, the node can influence its position in the overlay network. The malicious node can generate key pairs so long until it finds the one, which has desired identification. If the node wanted to an exactly specific identification the cost would be too high. But the malicious node manages with identification which is sufficiently close to the desired one. For instance, the overlay network based on the distributed hash tables (DHT) Kademlia [1] uses a XOR metric. If the node wants to achieve placing the key K into its repository it must have an identification I, which is the closest to K in the XOR metric. The needed proximity depends on the filling of the identification space. There is no defence against such behaviour in a completely decentralized environment. In a partially decentralized environment, the trusted node can control assignment of identifications and avoid choosing the identification, which the node wishes. The second vulnerability consists in the fact that one physical node is able to create more virtual identifications. If a single malicious entity presents multiple identities, it can control a significant part of the 235

2 NOVOTNÝ : PROBLEM IN REPUTATION BASED METHODS IN P2P NETWORKS system. This attack is called Sybil Attack [2]. Similar problem is the possibility to create a new identity after the original identity gains a bad reputation (called whitewashing). The usual defence against artificial identities consists in costly identifiers. The node must consume a significant amount of resources or have human assistance before gains a new identification. This methods are easy to use in a system with a centralized login server, but it is difficult to apply it in a completely decentralized environment. Moreover, the use of costly identifiers isn't faultless solution because malicious peers with infinite resources can still create false identities. Other methods rely on mapping virtual identities into a physical one. For example, method called IP based safeguard (used in [3], [4]) divides address space into subsets and then independent calculation proceeds in each subset. This assumes known mapping between IP address and node's identification and it is unusable in the network, where we require anonymity. Distributed identification generation We suppose a fully decentralized and anonymized P2P network. Every peer has an asymmetric key pair and an identification securely derived from its public key. Other peers don't know mapping between IP address and the node's identification, but have a reliable way of delivering a message to the peer according to its identification. Moreover, every peer can be malicious and we can not expect its correct behaviour. The network use reputation management to reduce the probability of cooperating with malicious peers. If a new node wants to join the network, it needs an identification and an initial reputation. We propose algorithm based on reputation management which produces the identification for a new peer, see Figure 1. Figure 1: Distributed identification generation. The protocol has this steps : 1. The node contacts n random chosen peers (verifiers) and asks them for an identification creation. 2. The verifiers use CAPTCHA to check whether the node represent a human identity. 3. After the successful human check the verifiers send their restriction on the public key of node. For example, the SHA 1 hash of public key with a specific initialization vector must have at least z bits zero. 236

3 Discussion NOVOTNÝ : PROBLEM IN REPUTATION BASED METHODS IN P2P NETWORKS 4. The node generates key pairs so long until it find a pair which fulfil all restrictions. 5. The node sends the public key to the verifiers. 6. The verifiers check the own restriction and create a certificate which proves node's authenticity. This certificate is spread through the reputation management. The certificate is valid only a limited time, its purpose is to give the node a chance to prove its trustworthiness. The protection against artificial identities has two steps. The node needs human assistance to fill up CAPTCHA in the step 2 and consume resources to key generation in the step 4. The step 4 avoids generation arbitrary identifiers as well. The node have a chance to chose the strength of restrictions according to its performance. The strength of the restriction is expressed by the probability P, that a randomly generated key fulfils the restriction. This probability is included in the certificate and is used to determine node trustworthiness. The more difficult key generation means higher reputation. The certificate includes information only about one satisfied restriction, but the node has to fulfil all restrictions. Hence, the nodes have to prove their identity by all certificates. On the basis of all these certificates, every peer is able to compute amount of work, which the original node consumed on identifier's generation. It is possible that one or more verifiers is malicious and helps other malicious peers to gain a new identifiers. The integration into reputation management should avoid this. The peers ignore certificates signed by low trustworthy verifiers. Further, it is possible that malicious node with a lot of resources fulfils all restrictions and generates several artificial identities. This identities have a high initial reputation but only for limited time. If the node does not prove its trustworthiness in next transactions, it will lose the reputation. Open problems and Future Work The malicious requirement on the node identifier can be considered as an additional restriction in the step 4. Let's suppose that the additional restriction (called malicious restriction) requires that a derived key is equal with a specific key at least in p bits. The high efficient node is able to fulfil the malicious restriction together with restrictions from the verifiers. The type of malicious restriction depends on the metric which is used in the overlay network. Our goal is to propose the set of restrictions which is difficult to fulfil together with restrictions from the verifiers. Routing table maintenance In an overlay network, a message goes through the several peers (hops) before reaching its final destination. Every peer makes a decision on the next hop according to its routing table. The routing table is built as a result of the cooperation of a number of peers. Each hop can forward a message to an incorrect successor or not forward it at all. This behaviour can be caused by a malicious character of the peer or by a wrong record in the routing table. Adversaries can send a message with an incorrect routing update and invalidate the routing tables of other peers. One solution is to define strong constraints on the set of peers which can fill slot in the routing table [5]. But these constraints reduce the possibilities of the algorithm that uses network proximity to improve routing efficiency by selecting a proper peer on each slot in a routing table. A better solution uses two routing tables, one for efficient routing, and one that constraints routing entries [6]. The first routing table is used for normal operation and the second one only when the first attempt fails. Using reputation management in routing table maintenance We integrate reputation management into routing table maintenance. The peer can reject a routing update from the peer which is not trustworthy. However, trustful peers can spread incorrect routing updates as well, moreover the rejection of many updates can result into lack of routing information. We propose the system, where every peer holds probability for each routing entry, which represents the probability of successful delivery of messages sent through this route. The probability cannot be replaced by peer's trustworthiness because this value does not refer to one peer only but describes a behaviour of all peers on the path. In addition, the real probability can change any time, because the hops on the path were changed. This value is distributed within the routing updates or through reputation management. 237

4 NOVOTNÝ : PROBLEM IN REPUTATION BASED METHODS IN P2P NETWORKS There are two aspects which the node must take into account before accepts a new routing on the basis of information from other peers (referees): the referee's trustworthiness and where the routing was in the routing table on the referee. The position in the routing table designates how many peers were reachable through this routing entry and determine the usability of information about the delivery probability. Implementation in Pastry Each Pastry [7] node has a unique 128 bit nodeid, which is considered as a sequence of digits with base 2 b. A routing table is organized into log 2b (N) rows with 2 b 1 entries each. The 2 b 1 entries in row n of the routing table refer to a node whose nodeid match the current node's in the first n digits and n+1th digit has one of 2 b 1 possible values. Each entry in the routing table refers to one of potentially many nodes whose nodeid has the appropriate prefix. The original Pastry chooses the closest to the current node according to network proximity. Our approach allows to take into account network proximity and path reliability together. Let us consider the situation where a peer makes a decision about insertion a new routing entry. The peer has information from n referees. Each referee i provides this information: P i the probability that messages sent through this route reache final destination (from the referee's point of view). R i row number in the routing table on the referee. The reputation management adds value T i, which represents the referee's trustworthiness. The probability P is calculated as weighted average of P i, where weights reflect referee's trustworthiness and position in its routing table, as shown in Figure 2. R represents the row number where a new entry will be inserted. P= n i =1 n i =1 P i = T i 2 b R i R Figure 2: Derivation of the probability of the message delivery according to information from the referees. If the R = R i the weight is equal to referee trustworthiness. Otherwise, the weight is proportional to the ratio of amount of nodes which were reachable through this route on the referee, to amount of nodes which will be reachable through this route on this node. Discussion Every peer is able to calculate estimate probability of the message delivery for each node. This probability along with information about network proximity is used for the decision if the node is reliable for a given entry in the routing table. The routing table growths by one real value for each routing entry. This value should be updated after each successful or failed message sending. It is preferable to keep two values which represent numbers of delivered and failed messages. The desired probability can be calculated from these values any time. When the node creates a new routing entry it initializes numbers of delivered and failed messages according to the obtained probability and a number of nodes which are reachable through this route. Open problems and Future work There is one fundamental problem which we have not mentioned yet. The path between nodes can be changed any time, hence the value connected with this path is changed too. Moreover, behaviour of some nodes on the path can change too. The node can not sufficiently react to rapid changes because it gathers information only from its experience. The further solutions should invoke recalculation after some changes or time. Nevertheless, this method is unusable in the network, where we expect frequent changes. The future work should verify this method in the simulation. 238

5 Conclusion NOVOTNÝ : PROBLEM IN REPUTATION BASED METHODS IN P2P NETWORKS In this paper, we presented the two problems which are connected with peer to peer networks. Both related to the overlay which P2P networks are built on. In the first proposal the peers cooperate to create a new identification for a newcomer, the goal is to forbid creating a new identification whenever the malicious peer likes. The second proposal use information from other peers to choose the next hop with the maximal probability to deliver message to receiver. The fundamental of both proposals is an integration of reputation management, which is used on the application layer. The advantage of this integration is possibility to share information between the application layer and overlay layer. References [1]: P. Maymounkov, D. Maziéres. Kademlia: A Peer to peer Information System Based on the XOR Metric, In 1st International Workshop on Peer to peer Systems, pp , 2002 [2]: J. R. Douceur. The Sybil Attack, Microsoft Research, pp , 2002 [3]: L. Yu, W. Susilo, R. Safavi Naini. X2BT Trusted Reputation System: A Robust Mechanism for P2P Networks. The 5th International Conference on Cryptology and Network Security (CANS 2006), Lecture Notes in Computer Science 4301, pp , Springer Verlag, 2006 [4]: P. Dewan, P. Dasgupta, PRIDE: Peer to Peer Reputation Infrastructure for Decentralized Environments, In: WWW Alt. 2004, pp ACM Press, New York, 2004 [5]: E. Sit, R. Morris. Security Considerations for Peer to Peer Distributed Hash Tables, Proceedings of the 1st International Workshop on Peer to Peer Systems, pp , 2002 [6]: M. Castro, P. Druschel, A. Ganesh, A. Rowstron, D. S. Wallach. Secure routing for structured peer to peer overlay networks, OSDI '02: Proceedings of the 5th symposium on Operating systems design and implementation, pp , 2002 [7]: A. Rowstron, P. Druschel. Pastry: Scalable, decentralized object location and routing for large scale peerto peer systems". IFIP/ACM International Conference on Distributed Systems Platforms (Middleware), Heidelberg, Germany, pp