Master of Puppets: Trusting Silicon in the Fight for Practical Security in Fully Decentralised Peer-to-Peer Networks

Publikation: Beitrag in Buch/Bericht/KonferenzbandBeitrag in einem KonferenzbandForschungBegutachtung

Abstract

This paper presents a practical solution to Sybil and eclipse attacks in a fully decentralised peer-to-peer context by utilising trusted computing features of modern Android devices. We achieve this by employing hardware-based attestation mechanisms introduced in recent Android versions and bind each P2P network node identifier to a distinct physical device. In contrast to resource-testing approaches, this binding makes it impossible for attackers to rely on cheap cloud computing resources to outperform legitimate users. We address well-known P2P challenges by applying trusted computing approaches, which were previously only theorised in this context. This results in a system that can now actually be implemented on a global scale. We thoroughly mind bandwidth, power and performance constraints to achieve a ready-to-use solution whose only requirement is the possession of a recent Android phone.
Originalspracheenglisch
TitelProceedings of the 16th International Joint Conference on e-Business and Telecommunications
Herausgeber (Verlag)SciTePress - Science and Technology Publications
Seiten252--259
Band2: SECRYPT
DOIs
PublikationsstatusVeröffentlicht - Jul 2019

Fingerprint

Peer to peer networks
Silicon
Cloud computing
Hardware
Bandwidth
Testing
Trusted computing

Dies zitieren

Prünster, B., Fasllija, E., & Mocher, D. W. (2019). Master of Puppets: Trusting Silicon in the Fight for Practical Security in Fully Decentralised Peer-to-Peer Networks. in Proceedings of the 16th International Joint Conference on e-Business and Telecommunications (Band 2: SECRYPT, S. 252--259). SciTePress - Science and Technology Publications. https://doi.org/10.5220/0007926702520259

Master of Puppets: Trusting Silicon in the Fight for Practical Security in Fully Decentralised Peer-to-Peer Networks. / Prünster, Bernd; Fasllija, Edona; Mocher, Dominik Wilhelm.

Proceedings of the 16th International Joint Conference on e-Business and Telecommunications. Band 2: SECRYPT SciTePress - Science and Technology Publications, 2019. S. 252--259.

Publikation: Beitrag in Buch/Bericht/KonferenzbandBeitrag in einem KonferenzbandForschungBegutachtung

Prünster, B, Fasllija, E & Mocher, DW 2019, Master of Puppets: Trusting Silicon in the Fight for Practical Security in Fully Decentralised Peer-to-Peer Networks. in Proceedings of the 16th International Joint Conference on e-Business and Telecommunications. Bd. 2: SECRYPT, SciTePress - Science and Technology Publications, S. 252--259. https://doi.org/10.5220/0007926702520259
Prünster B, Fasllija E, Mocher DW. Master of Puppets: Trusting Silicon in the Fight for Practical Security in Fully Decentralised Peer-to-Peer Networks. in Proceedings of the 16th International Joint Conference on e-Business and Telecommunications. Band 2: SECRYPT. SciTePress - Science and Technology Publications. 2019. S. 252--259 https://doi.org/10.5220/0007926702520259
Prünster, Bernd ; Fasllija, Edona ; Mocher, Dominik Wilhelm. / Master of Puppets: Trusting Silicon in the Fight for Practical Security in Fully Decentralised Peer-to-Peer Networks. Proceedings of the 16th International Joint Conference on e-Business and Telecommunications. Band 2: SECRYPT SciTePress - Science and Technology Publications, 2019. S. 252--259
@inproceedings{7dfe0cafc0854598bbfc453ffa1fa815,
title = "Master of Puppets: Trusting Silicon in the Fight for Practical Security in Fully Decentralised Peer-to-Peer Networks",
abstract = "This paper presents a practical solution to Sybil and eclipse attacks in a fully decentralised peer-to-peer context by utilising trusted computing features of modern Android devices. We achieve this by employing hardware-based attestation mechanisms introduced in recent Android versions and bind each P2P network node identifier to a distinct physical device. In contrast to resource-testing approaches, this binding makes it impossible for attackers to rely on cheap cloud computing resources to outperform legitimate users. We address well-known P2P challenges by applying trusted computing approaches, which were previously only theorised in this context. This results in a system that can now actually be implemented on a global scale. We thoroughly mind bandwidth, power and performance constraints to achieve a ready-to-use solution whose only requirement is the possession of a recent Android phone.",
author = "Bernd Pr{\"u}nster and Edona Fasllija and Mocher, {Dominik Wilhelm}",
year = "2019",
month = "7",
doi = "10.5220/0007926702520259",
language = "English",
volume = "2: SECRYPT",
pages = "252----259",
booktitle = "Proceedings of the 16th International Joint Conference on e-Business and Telecommunications",
publisher = "SciTePress - Science and Technology Publications",

}

TY - GEN

T1 - Master of Puppets: Trusting Silicon in the Fight for Practical Security in Fully Decentralised Peer-to-Peer Networks

AU - Prünster, Bernd

AU - Fasllija, Edona

AU - Mocher, Dominik Wilhelm

PY - 2019/7

Y1 - 2019/7

N2 - This paper presents a practical solution to Sybil and eclipse attacks in a fully decentralised peer-to-peer context by utilising trusted computing features of modern Android devices. We achieve this by employing hardware-based attestation mechanisms introduced in recent Android versions and bind each P2P network node identifier to a distinct physical device. In contrast to resource-testing approaches, this binding makes it impossible for attackers to rely on cheap cloud computing resources to outperform legitimate users. We address well-known P2P challenges by applying trusted computing approaches, which were previously only theorised in this context. This results in a system that can now actually be implemented on a global scale. We thoroughly mind bandwidth, power and performance constraints to achieve a ready-to-use solution whose only requirement is the possession of a recent Android phone.

AB - This paper presents a practical solution to Sybil and eclipse attacks in a fully decentralised peer-to-peer context by utilising trusted computing features of modern Android devices. We achieve this by employing hardware-based attestation mechanisms introduced in recent Android versions and bind each P2P network node identifier to a distinct physical device. In contrast to resource-testing approaches, this binding makes it impossible for attackers to rely on cheap cloud computing resources to outperform legitimate users. We address well-known P2P challenges by applying trusted computing approaches, which were previously only theorised in this context. This results in a system that can now actually be implemented on a global scale. We thoroughly mind bandwidth, power and performance constraints to achieve a ready-to-use solution whose only requirement is the possession of a recent Android phone.

U2 - 10.5220/0007926702520259

DO - 10.5220/0007926702520259

M3 - Conference contribution

VL - 2: SECRYPT

SP - 252

EP - 259

BT - Proceedings of the 16th International Joint Conference on e-Business and Telecommunications

PB - SciTePress - Science and Technology Publications

ER -