Pseudo Trust: ZeroKnowledge Based Authentication in Anonymous PeertoPeer Protocols

1
Pseudo Trust Zero-Knowledge Based Authentication
in Anonymous Peer-to-Peer Protocols
Li Lu, Lei Hu
State Key Lab of Information Security, Graduate
School of Chinese Academy of Sciences
Jinsong Han, Yunhao Liu, Lionel M. Ni
Dept. of Computer Science and Engineering, Hong
Kong University of Science and Technology
Jinpeng Huai
School of Computer Science, State Key Lab of
Software Developing Environment, Beihang
University
2
Authentication

• To make one person trust another one.
• Who is talking to whom must be as valid as whom
  he or she claimed.
• Is he/she the valid person who is searching a
  public database?
• Is he/she the valid person who provide you a
  movie without virus?
• Is the collaborating company legal?
• Is a cheater who send you an e-mail?

3
However

• Your machine may be accessed by a hacker.
• You may receive fraudulent. advertisement via
  e-mail.
• The goal of authentication A host will
  communicate with a server while he can determine
  its identity.

4
Anonymity or Privacy

• the right to be let alone one of the rights most
  cherished by people.
• Who is talking to whom should be confidential or
  private in the Internet.
• Who is searching a public database?
• Which movie are you downloading?
• Which companies are collaborating?
• Who are you talking to via e-mail?

5
However

• Your machines IP uniquely identifies you across
  web sites.
• Nothing illegal about cross-referencing.
• The goal of Internet anonymity A host can
  communicate with a server while nobody can
  determine its identity

www.ticket-agency.com
www.insurance-advertisement.com
6
Previous approaches Authentication

• Authentication in P2P is used to help evaluating
  reputations of peers. To know Who want to
  download or searching from Whom.
• Indeed, current P2P trust designs are
  identity-based, where one peer does not trust
  another before knowing its identity.
• Not trying to protect the identitys anonymity
  of peers.

7
Previous approaches Anonymity

• Anonymity is the state of being indistinguishable
  from other members of some group. Dont know Who
  is Searching or Downloading What from Whom.
• Main goal is to hide initiators and responders
  real identities, such as IP address, post
  address, etc.
• Not trying to authenticate the validity of peers.

8
Anonymity Examples Mix Onion
A
B
C
D
A?B?C?D
IPC
Public keys IP
IPD
M
9
Anonymity Example APFS
Server
Client
However, APFS is just for file delivery, without
identity authentication.
10
Tradeoff

• Authentication is Identity-based
• Leaking the real identity of peer, such as IP
  address, post address
• Anonymity is to hide the identity.
• Vulnerable to many active attacks, especially
  impersonation and man-in-middle-attack.

11
Basic goal A New Mutual Anonymity Authentication
for P2P

• Non ID-based authentication
• No need to know real identity of peer before
  authentication.
• Pseudonym-based authentication.
• Invulnerable to many active attacks.
• Impersonation
• Man-in-Middle-Attack
• Replay
• Lightweight efficient pseudonym generation and
  authentication.

12
Query and Downloading in Unstructured P2P Systems

• Flooding based query
• Reversed path based response
• Direct downloading

Initiator Query Responder Response Downloading
13
Pseudonym generation
We use cryptographic hash function to generate
pseudonym PI
Where moduli , and
are two big primes.
These two primes are kept as peers secrets. Due
to the one-way and collision-resistant properties
of hash function, a malicious peer cannot
impersonate other peers pseudonym.
14
Our Design Pseudo Trust
Query Sending
Responder R
Query q
Initiator I
15
Response
Responder R
Response prove your pseudonym.
Query q
Initiator I
16
Mutual authentication
Responder R
Proof verification
Challenge message
Request verification
Authentication request
Proof generation
Initiator I
Onion Path between I and
Similar procedure for Initiator authenticating
responder
Responder authenticates initiator.
17
Remarks on mutual authentication

• The zero-knowledge identification protocol is
  used to implement pseudonym-base authentication.
• Session key exchange is embedded in the mutual
  authentication.
• After authentication, initiator and responder can
  use the session key to protect file
  confidentiality and integrity. For example, using
  symmetric-key encryption and massage
  authentication code.

18
Several important issues

• Security
• Anonymity degree
• Impersonation
• Man-in-Middle-attack
• Overhead
• Traffic overhead
• Cryptographic overhead
• Response time of queries

19
Security Analysis

• Completely anonymity
• Resistant to impersonation and replay.
• Man-in-Middle attacker gets nothing from
  authentication
• Resistant to inner attacks
• Tail nodes are attackers.
• Initiator or responder is attack.

20
Trace Driven Simulation

• Physic network Gnutella
• Overlay network DSS Clip2 trace
• In a variety of network sizes ranging from
  hundreds to thousands.
• For each simulation, we take the average result
  from 1,000 runs.

21
Response Time

• The response time of APFS is approximately 3
  times that of overt Gnutella, while PT is around
  7 times that of overt Gnutella.
• The time consumed in anonymous paths of PT
  constitutes a major part of the whole latency.
• The time consumption of authentication is indeed
  trivial.

22
Traffic Overhead

• The figure above plots the extra traffic cost
  brought about by authentication procedures.
• Traffic stretch is defined as the traffic cost
  ratio between PT plus Gnutella, and Gnutella only

23
Prototype Implementation

• We implemented a prototype in our labs at the
  Chinese Academy of Sciences, the campus of
  Beihang University and Hong Kong University of
  Science and Technology.
• We test
• The extra computation overhead caused by PT.
• Overall latency of pseudo identity authentication
  procedures in the Internet environment

24
Computational Overhead
Proof generation
Pseudonym certificate generation
Verification
25
Time Consumption in Message Transmission
CAN test
MAN test
WAN test
26
Thank you!
Li Lu, Lei Hu
State Key Lab of Information Security, Graduate
School of Chinese Academy of Sciences
Jinsong Han, Yunhao Liu, Lionel M. Ni
Dept. of Computer Science and Engineering, Hong
Kong University of Science and Technology
Jinpeng Huai
School of Computer Science, State Key Lab of
Software Developing Environment, Beihang
University