marcin matuszewski marcin.matuszewski@nokia
DESCRIPTION
P2PSIP Security Analysis draft-matuszewski-p2psip-security-requirements-02 draft-song-p2psip-security-eval-00 71st IETF - Philadelphia, PA, USA P2PSIP WG Meeting. Marcin Matuszewski [email protected] Jan-Erik Ekberg [email protected] - PowerPoint PPT PresentationTRANSCRIPT
P2PSIP Security Analysis
draft-matuszewski-p2psip-security-requirements-02draft-song-p2psip-security-eval-00
71st IETF - Philadelphia, PA, USA P2PSIP WG Meeting
Marcin Matuszewski [email protected] Jan-Erik Ekberg [email protected] Pekka Laitinen [email protected] Song Yongchao [email protected] Y. Zhao [email protected]
Challenges Facing P2PSIP Security
• Nodes in the overlay are highly autonomous– They could do what they want to do
• The functions of the overlay – Realized by the services between peers– Two basic services: routing service and storage
service
• So the requested actions from the peers who provide service are suspicious– It may not be served according to the service
agreements
P2PSIP Security Analysis
P2P
Layers
Application
Distributed storage/ replication
Routing maintenance/KBR/NAT/FW traversal
Transport Security with each layer must be considered
List some of security threats, not Complete!
Security On Routing
• Intermediate peers may– Discard the message– Forward to the wrong next-hop– Modify messages before forwarding
• Open issues– Should the peer (As a Client) check whether
the peer (As a Server) serve the request properly?
– Or just ignore these misbehavior?
Security On Routing
• Any peer who is on the path to the destination peer May– Claim it is the peer being responsible for the
key– It also called Identity Attack
• What could the peer sending the message do?– Accept the results unconditionally– Or do some check?
Security On Storage
• A malicious peer may – Publish a large amount of useless data into
the overlay?– It may make valid PUT operation fail?
• Open issue– Does the P2PSIP need a mechanism to
prevent or reduce the adverse effect?
Security On Storage
• Any peer may – Put malicious information, such as a victim’s r
eachability information;– May launch DDoS attack on the victim;
• P2P overlay Should not be a DDoS engine by attackers
Discussions
• What’s the scope of the security considerations?– Ignore most of the malicious behavior while
designing protocol?– Or establish framework to reduce the adverse
effect from the malicious behavior?
• Are the security considerations proposed in current proposals enough?