Title |
Laisvai parenkamo mazgo identifikatoriaus įtakos DHT tinklo saugumui analizė / |
Translation of Title |
Analysis of security implications in DHT network if node id can be selected arbitrarily. |
Authors |
Kriukas, Julius |
Full Text |
|
Pages |
50 |
Keywords [eng] |
DHT ; P2P ; security ; Eclipse ; Sybil |
Abstract [eng] |
Distributed Hash Table models and its security implications, has long been a subject of interest. This thesis is based on the assumption that practical implementations do not enforce random node id generation regardless of the fact that theoretical models require node ids to be chosen by random and distributed in the address space uniformly. To measure the impact on the DHT network security if the assumption holds an analysis of attack complexity in both cases is performed. Results indicate that the complexity grows from O(1) to O(M) if the node id cannot be selected arbitrarily (M is the number of nodes in DHT network). Stated assumption is confirmed by analysing classic node id protection methods and performing analysis of BitTorrent DHT network. The reason for the lack of node id protection in practice is considered to be the complexity and performance penalty of the classic methods. To facilitate the implementations of DHT networks a new method to ensure random node id generation and copy protection is provided. Proposed method utilizes MACs based on shared keys to provide a proof of the ownership of the node id while still providing means to protect it from being copied. Efficiency of the proposed method is evaluated by conducting an experiment. In order to protect small DHT networks against a Sybil attack a method to control the speed of node id generation is also proposed. |
Type |
Master thesis |
Language |
Lithuanian |
Publication date |
2013 |