Download - Marcin Matuszewski marcin.matuszewski@nokia
![Page 1: Marcin Matuszewski marcin.matuszewski@nokia](https://reader036.vdocuments.us/reader036/viewer/2022082407/56812bad550346895d8fdcd2/html5/thumbnails/1.jpg)
P2PSIP Security Analysis
draft-matuszewski-p2psip-security-requirements-02draft-song-p2psip-security-eval-00
71st IETF - Philadelphia, PA, USA P2PSIP WG Meeting
Marcin Matuszewski [email protected] Jan-Erik Ekberg [email protected] Pekka Laitinen [email protected] Song Yongchao [email protected] Y. Zhao [email protected]
![Page 2: Marcin Matuszewski marcin.matuszewski@nokia](https://reader036.vdocuments.us/reader036/viewer/2022082407/56812bad550346895d8fdcd2/html5/thumbnails/2.jpg)
Challenges Facing P2PSIP Security
• Nodes in the overlay are highly autonomous– They could do what they want to do
• The functions of the overlay – Realized by the services between peers– Two basic services: routing service and storage
service
• So the requested actions from the peers who provide service are suspicious– It may not be served according to the service
agreements
![Page 3: Marcin Matuszewski marcin.matuszewski@nokia](https://reader036.vdocuments.us/reader036/viewer/2022082407/56812bad550346895d8fdcd2/html5/thumbnails/3.jpg)
P2PSIP Security Analysis
P2P
Layers
Application
Distributed storage/ replication
Routing maintenance/KBR/NAT/FW traversal
Transport Security with each layer must be considered
List some of security threats, not Complete!
![Page 4: Marcin Matuszewski marcin.matuszewski@nokia](https://reader036.vdocuments.us/reader036/viewer/2022082407/56812bad550346895d8fdcd2/html5/thumbnails/4.jpg)
Security On Routing
• Intermediate peers may– Discard the message– Forward to the wrong next-hop– Modify messages before forwarding
• Open issues– Should the peer (As a Client) check whether
the peer (As a Server) serve the request properly?
– Or just ignore these misbehavior?
![Page 5: Marcin Matuszewski marcin.matuszewski@nokia](https://reader036.vdocuments.us/reader036/viewer/2022082407/56812bad550346895d8fdcd2/html5/thumbnails/5.jpg)
Security On Routing
• Any peer who is on the path to the destination peer May– Claim it is the peer being responsible for the
key– It also called Identity Attack
• What could the peer sending the message do?– Accept the results unconditionally– Or do some check?
![Page 6: Marcin Matuszewski marcin.matuszewski@nokia](https://reader036.vdocuments.us/reader036/viewer/2022082407/56812bad550346895d8fdcd2/html5/thumbnails/6.jpg)
Security On Storage
• A malicious peer may – Publish a large amount of useless data into
the overlay?– It may make valid PUT operation fail?
• Open issue– Does the P2PSIP need a mechanism to
prevent or reduce the adverse effect?
![Page 7: Marcin Matuszewski marcin.matuszewski@nokia](https://reader036.vdocuments.us/reader036/viewer/2022082407/56812bad550346895d8fdcd2/html5/thumbnails/7.jpg)
Security On Storage
• Any peer may – Put malicious information, such as a victim’s r
eachability information;– May launch DDoS attack on the victim;
• P2P overlay Should not be a DDoS engine by attackers
![Page 8: Marcin Matuszewski marcin.matuszewski@nokia](https://reader036.vdocuments.us/reader036/viewer/2022082407/56812bad550346895d8fdcd2/html5/thumbnails/8.jpg)
Discussions
• What’s the scope of the security considerations?– Ignore most of the malicious behavior while
designing protocol?– Or establish framework to reduce the adverse
effect from the malicious behavior?
• Are the security considerations proposed in current proposals enough?