P2PWNC Wireless Community Network

1
P2PWNCWireless Community Network

• CMSC 711 Computer Networks
• Yee Lin Tan
• Adam Phillippy

2
Introduction

• Ubiquitous Internet access is a necessity
• Email, web, VoIP, messaging, remote network
  access
• Current state
• Internet access far from ubiquitous
• Required infrastructure not yet in place
• Wireless Internet Service Providers (WISPs)
• Coverage limited to selected hotspots
• Wireless LAN (WLAN)
• Deployed in homes, schools, airports, etc.
• Idea
• Why not unite all WLANs to provide ubiquitous
  access to the Internet?

3
Peer-to-Peer Wireless Network Confederation
(P2PWNC)

• Framework for uniting WLAN hotspots
• Community of administrative domains that offer
  wireless internet access to each others users
• P2P network of domain agents (DA)

4
Peer-to-Peer Wireless Network Confederation
(P2PWNC)

• Administrative Domain
• Examples
• Residential hotspot with 1 access point
• WISP with access points in many locations
• Domain Agent (DA)
• Each administrative domain maintains 1 DA
• Physical node that represents the WLAN
• Responsibilities
• Regulates wireless service provision and
  consumption
• Eliminates need for roaming agreements

5
Peer-to-Peer Wireless Network Confederation
(P2PWNC)

• Simple accounting mechanism based on
  token-exchange
• When roaming in another P2PWNC domain
• To compensate for resources consumed, home DA
  transfers tokens to visited DA

6
P2PWNC Design

• Based on reciprocity
• Domains must provide resources to visitors
• So that their own users can consume resources of
  other P2PWNC domains when roaming

7
Distinctive Characteristics

• Open to all
• No registration or central authority
• Joining P2PWNC is similar to joining a
  file-sharing network
• Free to use
• No barrier to entry
• Reciprocity drives the system
• Autonomous domains
• Each domain decides how much resources it wants
  to provide to visitors
• Protects privacy
• Identity and location privacy

8
P2P Systems

• Communities of economic agents cooperating for
  mutual benefit without centralized control
• Characteristics
• Makes use of otherwise underused resources
• Agent autonomy
• Scalability, fault-tolerance, reliability

9
P2PWNC as a P2P System

• Underused resources
• Residential hotspots typically operate only at a
  small percentage of maximum throughput
• Cost-sharing
• Distribute cost among participating
  administrative domains
• High cost for a single provider to cover large
  areas
• Hardware
• Administration, operations, maintenance
• Decentralized control
• Distributed accounting to track who owes who and
  how much
• Agent autonomy
• Can dynamically adjust provisioning rates

10
Architectural Overview

• Unique logical name for each DA
• Can reuse DNS name
• Registered users
• Local users of a particular domain
• Examples
• Residential hotspot all household members
• WISP all subscribers
• Roaming users
• Visiting users from another domain

11
DA Modules

• Name service
• Maps logical P2PWNC domain names to IP addresses
  of DAs
• Authentication
• Maintains a database of registered users along
  with security credentials
• Traffic-policing
• Logs and shapes internet traffic
• Allocates specific amounts of bandwidth to
  visitors
• WLAN
• Firewall, DHCP, DNS, access point control
• Distributed accounting
• Secure storage of accounting data

12
DA Modules (2)

• Consumer-strategy
• Home DAs consumer-strategy is contacted when
  roaming user wants service
• Decides if transaction should continue
• Pays required tokens to visited DAs
  provider-strategy module
• Provider-strategy
• Decides whether to provide service to visitor
• Decides current service prices

13
DA Modules (3)

• Privacy-enhancement
• Protects identity privacy
• Hides user name and home DA of roaming user from
  visited DA
• Protects location privacy
• Hides visited DA from home DA
• Distributed Hash Table
• Low-level module used by name service and
  distributed accounting

14
Security and Privacy Issues

• Abuse by untrustworthy visitors
• Illegal activities
• Traffic logging by untrustworthy providers
• Possible solution tunneling through trusted
  gateway (e.g. home DA)
• Identity privacy
• Possible solution create a new alias for every
  new connection?
• Identity and location privacy
• Possible solution Mix network

15
Mix network
Peer A (mix 1)
Peer B (mix 2)
Alias_X_at_B MIX, C, STOP, X C B
Alias_X_at_C STOP, X C
Alias_X_at_A MIX, B, MIX, C, STOP, X C B A
Peer P (provider)
Peer C (home)
My P2PWNC ID is Alias_X_at_A
Credentials include real ID and a mix chain
encrypted using nested public-key encryptions
X_at_C
Idea credit David ChaumSlide credit
George Polyzos
16
Economic Considerations

• Optimal system parameters
• Consumer/Provider strategies, token prices
• Secure distributed accounting subsystem
• Monitors peer contribution and consumption
• Uses cryptographically secure tokens (cannot be
  forged)
• Domain strategies
• How to charge usage
• KBytes or hour, current congestions levels,
  identity of consumer
• How to balance conflicting requirements
• Want best possible service for its own roaming
  users
• Must provide service to visitors to earn tokens
  for use by roaming users
• May affect service provided to its own local users

17
Economic Considerations (2)

• Offline DAs
• Problem
• Roaming user requests service from visited DA
• Visited DA unable to contact home DA
• Possible Solution (decentralized version)
• Home DA distributes token allowances to users
• User pays without intervention of home DA
• Token generation
• How DAs first acquire tokens
• Distributed banks generate tokens and distribute
  to new entrants

18
Economic Considerations (3)

• Domain heterogeneity
• Different in terms of
• Coverage size
• Coverage location
• Number of registered users
• Problem
• Domains with few visitors, difficult to earn
  tokens
• Possible solution set high token prices
• More general problem
• How to make sure a few domains dont monopolize
  all tokens?

19
Summary of DA Responsibilities

• Regulate prices for service
• Make sure visitor traffic does not adversely
  affect traffic from registered users
• Ensure best possible treatment for own
  (registered) users that are roaming

20
Business Models - Who can make a profit

• Upstream ISPs that allow P2PWNC may be preferred
  by customers
• Pay-as-you-go domains
• Vendors can sell pre-paid cards containing P2PWNC
  user id and credentials
• Virtual P2PWNC
• Virtual DA obtains tokens from P2PWNC domains
  outside normal interaction model
• Sells tokens in the form of pre-paid cards

21
Business Models Who can make a profit (2)

• P2PWNC domain aggregators
• Host DA for multiple small WLANs
• Similar to web hosting
• Vendors of DA modules
• Provide consumer-strategy and provider-strategy
  modules
• Hotspot indexing engines
• Tune DA parameters
• Security and privacy enhancements

22
Operational Issues

• Need more economic analysis and simulations
• How P2PWNC and token-based incentive operate in
  real-world environment
• Regulatory obstacles
• Some ISPs prohibit sharing of broadband
  connections

23
P2PWNC Implementation

• http//mm.aueb.gr/research/p2pwnc
• GPL Licensed
• AP Linksys WRT54GS
• Firmware
• Client QTEK 9100
• C and Java

24
Implementation Assumptions

• Good
• No central authority
• Users may use unlimited, free IDs
• User consumption is not homogeneous
• Software can be modified/hacked
• Teams (domains) will try and cheat
• Teams will collude
• Not so good
• Team consumption is homogeneous
• Team members trust each other
• ISPs allow connection sharing

25
Teams, users, and receipts (IOUs)
Team AP
Team member
26
Receipt accounting
C
CONN
CACK
RCPT
RREQ
RCPT
RREQ
RREQ
t0 w2
t0 w1
?
RCPT
P
R
provider, team timestamp, weight
t0 w2
27
Centralized
28
Decentralized
R
R
R
29
Decentralized

• One receipt server per team
• Gossiping protocol
• Devices carry a sample of receipts
• Consumers share receipts with providers
• Adds overhead for verifying receipts
• Incomplete view of the receipt graph

30
Receipt graph
F
E
G
G
B
B
A
I
D
D
C
H
C
H
Does C owe H?
31
Maxflow decision

• Probability of me granting you service

What IOU
What you owe me
32
Maxflow (bottle neck flow)
F
E
G
B
A
Min C-H cut
I
D
C
H
33
Abuse

• Uncooperative teams
• Evident from receipt graph
• Other teams will stop providing service
• DOS attacks
• Centralized server is vulnerable
• Decentralized servers have secret IPs
• Teams do not communicate via Internet
• Colluding teams

34
Naive collusion
F
G
X0
B
X2
X1
I
H
C
35
Sophisticated collusion
F
G
X1
B
X2
X0
I
X3
H
C
36
Generalized Maxflow

• Look for collusion hub X0
• Discount suspicious paths
• Discount flow passing through vertices with a
  high sum of outgoing edge weights
• Discount flow passing through many vertices
• Assumes homogeneous team usage

37
Security

• Team leader
• Public/private keys for team identity
• Signs member certificates
• Team members
• Public/private keys for member identity
• All receipts are signed
• Elliptic Curve Digital Signature Algorithm
  (ECDSA)
• Signing faster than verification
• Mobile devices have limited computing power
• No central authority (decentralized)

38
Security
39
Simulation

• Providers and consumers make decisions based on
  benefit-to-cost ratio
• Evolutionary learning
• Providing cost, consuming benefit
• Simulate interaction across 500 rounds
• 1 new team added per round
• 300 total teams

40
Strategies

• Switch to best strategy after each round
• Most teams adopt cooperative strategies
• After 500 rounds
• 175 Reciprocative teams
• 100 Unconditional cooperator teams
• 20 Random cooperator teams
• 5 Unconditional defector teams

41
Strategy
42
Questions

• Will it work in the real world?
• Sporadic usage
• Receipt history flushing
• Is it scalable?
• Maxflow could get expensive
• What about heterogeneous team usage?
• Variable cost of bandwidth
• Who is responsible for the APs traffic?
• Will the RIAA believe it wasnt you?

43
P2PWNC Publications

• Initial idea
• A Peer-to-Peer Approach to Wireless LAN Roaming.
  Efstathiou EC, Polyzos GC. ACM WMASH, 2003.
• Implementation details
• Stimulating Participation in Wireless Community
  Networks. Efstathiou EC, Frangoudis PA, Polyzos
  GC. IEEE INFOCOM, 2006.

44
Receipt repository
45
Collusion
46
Maxflow overhead
47
Cryptographic overhead
48
Real-World Example - FON

• Largest WiFi community in the world
• Idea
• Members (aka Foneros) share wireless Internet
  access at home
• In return, get free WiFi wherever there is a
  Fonero Access Point
• Use Fonero login
• How to become a member
• Buy a WiFi router (aka La Fonera) from FON

49
More about FON

• 3 types of Foneros (members)
• Linuses
• People who share home WiFi to get free WiFi
  wherever there is a FON Access Point
• Aliens
• People who do not share their WiFi but want
  access to a FON Access Point
• Charged 3 per day
• Bills
• Businesses who want to make money off their WiFi
• Dont want free roaming
• Get 50 of money Aliens pay
• Can advertise on their own personalized FON
  Access Point homepage