A Holistic Approach Towards Peer-to-Peer Security and Why Proof of Work Won’t Do

Bernd Prünster, Christian Paul Kollmann, Bojan Suzic, Dominik Ziegler

Research output: Chapter in Book/Report/Conference proceedingConference paperpeer-review

Abstract

Separation of identity and location is one of the key properties of peer-to-peer networks. However, this separation can be abused to mount attacks against the network itself. Our contribution in this matter is twofold: First, we present a security-first design for P2P networking based on self-certifying identifiers. It provides message authenticity, integrity of routing tables, and authenticated communication, is resistant (and not only resilient) against many typical peer-to-peer-specific attacks, and guarantees uniform identifier distribution. The second aspect of our contribution disproves the often-quoted assumption that proof-of-work-based identifier generation can sufficiently hinder certain peer-to-peer attacks such as the Sybil attack. This finding seriously questions previously roposed proof-of-work-based defence mechanisms and leads to the only conclusion possible: Proof-of-work-based measures to limit arbitrary identifier generation do not stand the test of reality.
Original languageEnglish
Title of host publicationSecurity and Privacy in Communication Networks
EditorsRaheem Beyah, Bing Chang, Yingjiu Li, Sencun Zhu
Place of PublicationCham
PublisherSpringer International
Pages122-138
Number of pages16
Publication statusPublished - 2018
Event14th EAI International Conference on Security and Privacy in Communication Networks - , Singapore
Duration: 8 Aug 201810 Aug 2018
http://securecomm2018.eai-conferences.org/

Publication series

Name Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering
Volume255

Conference

Conference14th EAI International Conference on Security and Privacy in Communication Networks
Abbreviated titleSecureComm 2018
Country/TerritorySingapore
Period8/08/1810/08/18
Internet address

Cite this