Open Access  Subscription or Fee Access

Peer-to-peer (P2P) networks are vulnerable to peers who cheat, propagate malicious code, leech on the network, or simply do not cooperate. The traditional security techniques developed for the centralized distributed systems like client-server networks are insufficient for P2P networks by the virtue of their centralized nature. The absence of a central authority in a P2P network poses unique challenges for reputation management in the network. These challenges include identity management of the peers, secure reputation data management, Sybil attacks, and above all, availability of reputation data. In this paper, we present a cryptographic protocol for ensuring secure and timely availability of the reputation data of a peer to other peers at extremely low costs. The past behavior of the peer is encapsulated in its digital reputation, and is subsequently used to predict its future actions. As a result, a peer’s reputation motivates it to cooperate and desist from malicious activities. The cryptographic protocol is coupled with self-certification and cryptographic mechanisms for identity management and countering Sybil attack. We illustrate the security and the efficiency of the system analytically and by means of simulations in a completely decentralized Gnutella-like P2P network.

Like A Certificate Peer-To-Peer Networks, Distributed Systems, Security, Reputations and Identity Management.

H. Garett, ―Tragedy of Commons,‖ Science, vol. 162, pp. 1243-1248, 1968.

Stoica, R. Morris, D. Liben-Nowell, D. Karger, M.F. Kaashoek, F. Dabek, and H. Balakrishnan, ―Chord: A Scalable Peer-to-Peer Lookup Service for Internet Applications,‖ Proc. ACM SIGCOMM, pp. 149-160, Aug. 2002.

S. Ratnasamy, P. Francis, M. Handley, R. Karp, and S. Schenker, ―A Scalable Content-Addressable Network,‖ SIGCOMM Computer Comm.. Rev., vol. 31, no. 4, pp. 161-172, 2001.

A. Rowstron and P. Druschel, ―Pastry: Scalable, Decentralized Object Location, and Routing for Large-Scale Peer-to-PeerSystems,‖ Proc. IFIP/ACM Int’l Conf. Distributed Systems Platforms (Middleware), pp. 329-350, Nov. 2001.

G. Networks, ―Groove Networks,‖ http://www.groove.net/ products/workspace/securitypdf.gtml, 2009.

R.L. Rivest and B. Lampson, ―SDSI: A Simple Distributed Security Infrastructure,‖ Proc. Crypto ’96, pp. 104-109, Aug. 1996.

N. Li and J.C. Mitchell, ―RT: A Role-Based Trust-Management Framework,‖ Proc. Third DARPA Information Survivability Conf. and Exposition (DISCEX III), Apr. 2003.

D. Ferraiolo and R. Kuhn, ―Role-Based Access Controls,‖ Proc. 15th Nat’l Computer Security Conf., May 1992.

D. Chaum, ―Blind Signatures for Untraceable Payments,‖ Proc. Advances in Cryptology (Crypto ’82), 1983.

L. Zhou, F. Schneider, and R. Renesse, ―COCA: A Secure Distributed Online Certification Authority,‖ ACM Trans. Computer Systems, vol. 20, no. 4, pp. 329-368, Nov. 2002.

M. Chen and J.P. Singh, ―Computing and Using Reputations for Internet ratings,‖ Proc. Third ACM Conf. Electronic Commerce, pp. 154-162, 2001.

P. Resnick, R. Zeckhauser, and E. Friedman, ―Reputation Systems,‖ Comm. ACM, vol. 43, pp. 45-48, Dec. 2000.

E. Friedman and P. Resnick, ―The Social Cost of Cheap Pseudonyms,‖ J. Economics and Management Strategy, vol. 10, no. 2, pp. 173-199, 2001.

L. Xiong and L. Liu, ―PeerTrust: Supporting Reputation-Based Trust in Peer-to-Peer Communities,‖ IEEE Trans. Knowledge and Data Eng., vol. 16, no. 7, pp. 843-857, July 2004.

A. Abdul-Rahman and S. Hailes, ―Supporting Trust in Virtual Communities,‖ Proc. Hawaii Int’l Conf. System Sciences, Jan. 2000.

K. Aberer and Z. Despotovic, ―Managing Trust in a Peer-2-Peer Information System,‖ Proc. 10th Int’l Conf. Information and Knowledge Management (CIKM ’01), pp. 310-317, Nov. 2001.

A.I. Schein, A. Popescul, L.H. Ungar, and D.M. Pennock, ―Methods and Metrics for Cold-Start Recommendations,‖ Proc. 25th Ann. Int’l ACM SIGIR Conf. Research and Development in Information Retrieval, pp. 253-260, 2002.

C. Dellarocas, ―Immunizing Online Reputation Reporting Systems against Unfair Ratings and Discriminatory Behavior,‖ Proc. ACM Conf. Electronic Commerce, pp. 150-157, Oct. 2000.

C. Dellarocas, Building Trust On-Line: The Design of Reliable.

C. Dellarocas, Building Trust On-Line: The Design of Reliable Reputation Mechanism for Online Trading Communities. MIT Sloan School of Management, 2001.

E. Damiani, S.D.C. di Vimercati, S. Paraboschi, and P. Samarati,―Managing and Sharing Servents’ Reputations in p2p Systems,‖ IEEE Trans. Knowledge and Data Eng., vol. 15, no. 4, pp. 840-854, July 2003.

B.C. Ooi, C.Y. Kiau, and K. Tan, ―Managing Trust in Peer-to-Peer Systems Using Reputation-Based Techniques,‖ Proc. Fourth Int’l Conf. Web Age Information Management, Aug. 2003.

L. Liu, S. Zhang, K.D. Ryu, and P. Dasgupta, ―R-Chain: A Self-Maintained Reputation Management System in p2p Networks,‖ Proc. 17th Int’l Conf. Parallel and Distributed Computing Systems (PDCS), Nov. 2004.

R. Zhou, K. Hwang, and M. Cai, ―Gossiptrust for Fast Reputation Aggregation in Peer-to-Peer Networks,‖ IEEE Trans. Knowledge and Data Eng., vol. 20, no. 9, pp. 1282-1295, Aug. 2008.

Z. Xu, Y. He, and L. Deng, ―A Multilevel Reputation System for Peer-to-Peer Networks,‖ Proc. Sixth Int’l Conf. Grid and Cooperative Computing (GCC ’07), pp. 67-74, 2007.

M. Gupta, P. Judge, and M. Ammar, ―A Reputation System for Peer-to-Peer Networks,‖ Proc. 13th Int’l Workshop Network and Operating Systems Support for Digital Audio and Video (NOSSDAV), 2003.

M. Piatek, T. Isdal, A. Krishnamurthy, and T. Anderson, ―One Hop Reputations for Peer to Peer File Sharing Workloads,‖ Proc. Fifth USENIX Symp. Networked Systems Design and Implementation (NSDI ’08), pp. 1-14, 2008. J. Douceur, ―The Sybil Attack,‖ Proc. IPTPS ’02 Workshop, 2002.

M. Castro, P. Druschel, A. Ganesh, A. Rowstron, and D.S. Wallach, ―Secure Routing for Structured Peer-to-Peer Overlay Networks,‖ Proc. Fifth Symp. Operating Systems Design and Implementation, pp. 299-314, Winter 2002.

J. Camenisch and E.V. Herreweghen, ―Design and Implementation of the Idemix Anonymous Credential System,‖ technical report, IBM Research Division, 2002.

L. Alliance, ―Identity Systems and Liberty Specification Version 1.1 Interoperability,‖ Project Report, Liberty Alliance Project, technical report, 2003.

M. Hauswirth, A. Datta, and K. Aberer, ―Handling Identity in Peer-to-Peer Systems,‖ Proc. Sixth Int’l Workshop Mobility in Databases and Distributed Systems, in Conjunction with 14th Int’l Conf. Database and Expert Systems Applications, Sept. 2003.

P. Zimmermann, The Official PGP User’s Guide. MIT Press, 1995.

P. Dewan, ―Injecting Trust in Peer-to-Peer Systems,‖ technical report, Arizona State Univ., 2002.

A. Clausen, ―How Much Does it Cost to Buy a Good Google Pagerank?‖ unpublished, Oct. 2003.

G. Shafer and J. Pearl, Readings in Uncertain Reasoning. Morgan Kaufmann, 1990.

F.K. Robert and A. Wilson, The MIT Encyclopedia of the Cognitive Sciences (MITECS). Bradford Books, 1999.

D.P. Foster and H.P. Young, ―On the Impossibility of Predicting the Behavior of Rational Agents,‖ technical report, John Hopkins Univ., 1999.

T. Rabin and M. Ben-Or, ―Verifiable Secret Sharing and Multiparty Protocols with Honest Majority,‖ Proc. 21st Ann. ACM Symp. Theory of Computing, pp. 73-85, 1989.

C. Cachin, K. Kursawe, A. Lysyanskaya, and R. Strobl, ―Asynchronous Verifiable Secret Sharing and Proactive Cryptosystems,‖ citeseer.nj.nec.com/cachin02asynchronous.html, 2002.

D.C. Montgomery, Design and Analysis of Experiments. J. Wiley and Sons, 2000.

D. Rumsey, Statistics for Dummies. J. Wiley and Sons, 2003.

S.D. Kamvar, M.T. Schlosser, and H. Garcia-Molina, ―The Eigentrust Algorithm for Reputation Management in P2P Networks,‖ Proc. 12th Int’l World Wide Web Conf., pp. 640-651, 2003.

Prashant Dewan and Partha Desgupta ,2011.‖P2P Reputation Management using Distributed Identities and decentralized Recommendation chains.