Securing private peer-to-peer networks
Author: Fredriksen, Lars A.
This thesis describes research on grading security in private Peer-to-Peer (P2P) networks, and ultimately the development of “The Socialized.Net Embedded – Cryptography Version” (Tsnecv). Tsnecv is a revision of “The Socialized.Net Embedded” (Tsne), which is the embedded version of Njål Borch’s doctorate “The Socialized.Net”. Tsne is a P2P file sharing application which builds its private P2P network as an Ad-Hoc or Distributed Transient Network. Tsnecv focuses on applying different levels of security to the network with respect to authentication of peers and access to resources, primarily through the use of public key cryptography and the assignment of varying trust to peers that meet in the network. The goal is to establish secure authenticated communications in such a way that peers may be assigned different policies with respect to access to files and resources, and in this way introduce different levels of, or rather grade, the security and trust of other peers.
An exciting feature is the possibility to use a wireless device to perform a search among the files of all your friends and friends’ friends, or other people you have passed by, and automatically have your living room media PC stream the live audio. Files are accessed based on user groups. Someone who forms an Ad-Hoc (spontaneous) network with your WLAN unit while passing you by may autonomously assign you a low trust level, and thus probably access to few or no files. Your close friends, however, may grant you access to everything but their most private files. An important aspect was attempting a transparent integration between Tsne and the new levels of security and the mechanisms used to obtain them. The aim was to inconvenience the users as little as possible while keeping the accessibility of available resources as high as possible for all peers and still allowing as much control as possible.
Not only is it important to be able to grade the security at different levels, but it would be nice if users did not have to stop and ask each other for passwords, keys or secrets, or carry memory sticks in case they meet someone new and interesting. In other words, the aim is to keep the autonomy as intact as possible and the resources plentiful while allowing peers to control access to their shared resources. Public (as in asymmetric) key encryption was the tool chosen to achieve authentication of nodes. Web of Trust was used as a starting point for the exchange of keys, but Tsnecv grades both nodes and networks at different levels of security, so in some cases you may meet someone new and exchange a key autonomously and publicly, but still consider the security of the key and the association of an identity to the key strong enough to securely authenticate a peer at a later time.
Keywords: P2P private peer-to-peer trust security access authentication
Publisher: Universitetet i Tromsø
University of Tromsø