Abstract: Anonymity has received increasing attention in the literature due to the users` awareness of their privacy nowadays. While anonymity related issues have been extensively studied in peer-to-peer (P2P) systems, numerous concerns have been raised about the issue of providing authentic partners in P2P systems. In addition, the network authority requires authentication so that misbehaving entities in the network remain traceable. This study analyzes this problem and reviews related researches. Besides, we also advise some possible methods for this problem.
INTRODUCTION
As an emerging model of communication and computation, peer-to-peer (P2P) networking has recently gained significant attention.
Numerous concerns have been raised about the issue of providing authentic partners in P2P systems. To guarantee authentic responders, some researchers have built trust models to help peers verify the validity of other entities. A number of approaches have been proposed to provide reliable authentication in the P2P systems. Some use reputations or web of trust as authentication access. Other researchers have adopted cryptography to attain security authentication (Akleylek et al., 2005; Lua, 2007; Narasimha et al., 2003).
At the same time, privacy is an important issue in current P2P systems. Taking Gnutella as an example, the identity of a requesting peer can only be hidden to further peers, but visible to all his neighbors. The identity of a peer who responds with query results is exposed to every peer in the returning path. Privacy is demanded in P2P systems. Hence, a number of methods have been proposed to provide anonymity such as P5 (Sherwood et al., 2002) and APFS (Scarlata et al., 2001) Tarzan (Freedman and Morris, 2002), MorphMix (Rennhard and Plattner, 2002) and WonGoo (Lu et al., 2004). Most, if not all of them, deliver messages via non-traceable paths comprised of several anonymous proxies or middle agent peers or adopt onion router technique (Syverson, 1998). However, failure to support authentication makes these approaches vulnerable to impersonation and man-in-middle attacks.
TRUST AND AUTHENTICATION
Many articles concern about providing trust and reliable authentication in the P2P systems. Wu et al. (2008) used the incomplete experience to get the trust rating in P2P systems and use aggregation mechanism to indirectly combine and obtain other peer's trust rating. Simulation results and analysis show that their proposed trust management model can quickly detect the misbehavior peers and limit the impacts of them in a P2P file-sharing system. EigenTrust (Kamvar et al., 2003) provides each peer in the network a unique global trust value based on the peer's history of uploads and thus aims to reduce the number of unauthentic files in a P2P network. NICE (Lee et al., 2003) provides a platform to implement distributed cooperative applications. Based on trust chains, NICE computes a user reputation in a PGP-like model. By employing an asymmetric cryptographic algorithm, it requires peers to encrypt cookies to help others compute their reputations. In addition, Akleylek et al. (2005), Lua (2007) and Narasimha et al. (2003) adopt cryptography to attain security authentication. For example (Lua (2007) proposed a hybrid security protocol by unifying the ID-based cryptography and online secret sharing schemes. His scheme can verify the peers' identities by easily obtaining the ID-based public signature verification key of every other peer from the peer identifier in the P2P overlay networks. Takeda et al. (2008) proposed a new authentication method called Hash-based Distributed Authentication Method (HDAM). The HDAM realizes a decentralized efficient mutual authentication mechanism for each pair of peers in the P2P network. It performs a distributed management of public keys by using Web of Trust and Distributed Hash Table. In Chen et al. (2008), each participating peer dynamically maintains a trusted group to perform distributed challenge-response authentication. It is based on Byzantine fault tolerance (Lamport, 1983).
ANONYMITY
Privacy has become an increasingly salient issue and considerable progress has been made with anonymous communications. Some articles adopt the idea of creating a hierarchical broadcast network to complete anonymous communication, such as P5 (Sherwood et al., 2002). Some methods adopt anonymous Mix router technique. For example, Tarzan (Freedman and Morris, 2002), MorphMix (Rennhard and Plattner, 2002) are based on Chaum's Mix method and their anonymity is better for Internet environments. In APFS (Scarlata et al., 2001), peers construct an anonymous path with tail peers using an onion technique, providing complete and mutual anonymity for peers. WonGoo (Lu et al., 2004) relies on layered encryption and random forwarding to achieve more stronger anonymity and high efficiency of communication. Some methods adopt middle agent peers to transfer message. Representative of literature is Crowds (Reiter and Rubin, 1998). Crowds hides his own in the group and enables the intermediate peers to randomly choose a successor to forward the request. Some studies are related to cryptography. Chang et al. (2007) proposed two protocols for hybrid P2P systems and pure P2P environments. These two protocols are based on primitive roots for three main reasons: simplicity, flexibility and efficiency. Some articles are committed to addressing some of the problems that exist in anonymous P2P system. MuON (Bansod et al., 2008) leverages epidemic-style data dissemination to deal with churn. While existing anonymity schemes will incur high latency, Shitrit et al. (2008) described a novel low-latency P2P anonymous scheme and is suitable for interactive services. GARM (Ji et al., 2007), REM-P2PAE (Dong et al., 2008) and (Hao et al., 2008) focus on reputation mechanism in anonymous environment. We propose SMA (Han et al., 2005a), SSMP (Han et al., 2005b) and PUZZLE (Han and Liu, 2008), which employ secret sharing scheme to allow peers to issue queries and responders to deliver requested files anonymously. Based on Random Walk, we also design an anonymous protocol called RWAP (Han et al., 2005c) in decentralized P2P systems. In addition, Rumor Riding (Han and Liu, 2006) utilizes a lower symmetric cryptographic algorithm to achieve anonymity. Compared with existing approaches, our proposals achieve mutual anonymity in P2P networks with a low cryptography processing and significantly reduce traffic cost and encryption overhead.
However, failure to support authentication also makes these approaches vulnerable to impersonation and man-in-middle attacks. We found this problem in our anonymity research.
SECURITY WORRIES
In addition, we must be concerned about anonymous abuse problem. That is, how to make anonymity controlled and traceable. Now anonymity abuse is severe. For example, some malicious peers use anonymity systems to send a large number of packets to a certain peer. This behavior will lead to network congestion so that the peer is single point of failure in P2P communication. Some peers send anonymously malicious messages in P2P reputation systems to slander other peers. In P2P resource share, some attacking peers can use anonymity systems to create and spread virus or polluted resource.
These three considerations lead to the conclusion that P2P systems must have some methods that can satisfy not only anonymity but also authentication and traceability. However, for one peer to authenticate and trace others, he needs to know the identity of the other peers, which affects anonymity. Thus, there exists an inherent contradiction between anonymity and trust or traceability in P2P systems.
AUTHENTICATION IN ANONYMITY
Although, this issue has not attracted extensive academic attention, there are still some articles related to this area. Next, we will introduce the relevant methods and discuss possible way to solve this problem.
We divide the area into two categories, System Control and Path Control. System Control means that systems modify, update and repair existing anonymous mechanism to attain anonymity and authentication. In System Control, main research focuses on system structure not anonymous path. On the other hand, some researches present some methods retaining anonymous information in path to trace back. These researches main modify packet and mark some path information in it. Psychologically speaking, the former is proactive inhibition, the latter is retroactive inhibition.
System control:
Most of articles about anonymity authentication mainly use secret handshakes,
zero-knowledge proof, fair blind signature, group (ring) signature, K-TIMES
anonymity, UCHVE (Liu et al., 2006) and so on to
take effect.
For example, some anonymous secret handshakes (Huang and Cao, 2009; Su, 2009) are proposed so far, but they fail to completely solve the proposed problem. As handshakes are unlinkable, a client has no way to tell whether the one she is shaking hands with is the same as the one behind some earlier handshakes.
Some articles use zero knowledge authentication to tradeoff anonymity and authentication in P2P system (Lai-Cheng, 2008; Lu et al., 2008; Wierzbicki et al., 2005). To protect real identities, in these articles, each peer is required to generate a pseudonym. With the help of pseudonyms, some peers still can misuse anonymity. Pseudo Trust (Lu et al., 2008) and (Wei and He, 2009) use pseudonyms in the anonymous P2P network. Particularly, Our Pseudo Trust (Lu et al., 2008) proposes a scheme called Pseudo Trust (PT), where each peer, instead of using its real identity, generates an unforgeable and verifiable pseudonym using a one-way hash function. A novel authentication scheme based on Zero-Knowledge Proof is designed so peers can be authenticated without leaking any sensitive information. With the help of PT, most existing identity-based trust management schemes become applicable in mutual anonymous P2P systems. However Pseudo Trust is not perfect. If a malice peer uses PT to communicate with others, other peers can authenticate its pseudonym according with real identity by Zero-Knowledge Proof, but yet do not know his real identity. Wierzbicki et al. ( 2005) also used zero-knowledge proofs and Merkles puzzles to describe a new protocol for authentication in Peer-to-Peer systems for controlled anonymity. But it does not solve the single fault problem.
The K-times anonymous authentication is proposed by (Nguyen and Safavi-Naini (2005) and Teranishi and Sako (2006). It includes group managers, users and victims and is based on Bilinear Pairings of mathematical curves. It ensures that group manager is able to track a user's true identity if only the number of evidence that victim provides is more than K value. Otherwise, even if victim colluding with group managers, he yet does not misuse trace power. Zhu et al. (2006) used this mechanism to track anonym who launches deliberate attack. K-times anonymous authentication solves the case of anonymity abuse more than K times perfectly, but not suitable for one less than K times.
Blind signature (Chaum, 1983) is a protocol for obtaining a signature from a signer where the signers view of the protocol cannot be linked to the resulting message-signature pair. Blind signature scheme is often used in anonymous digital payment systems. Since the existing proposals of blind signature schemes provide perfect unlinkability, criminals can misuse such payment systems. So Stadler et al. (1995) has proposed a new type of blind signature schemes, called fair blind signature scheme. The scheme has the additional property that it is possible to link a message-signature pair with the corresponding protocol view of the signer. In FBST (Wang and Sun, 2009), we propose a security architecture to ensure anonymity and authentication for honest users and keep traceability for misbehaving users in P2P systems. We use Fair Blind Signature Trust (FBST) to resolve the conflict among anonymity, authentication and traceability. Signature that has information about identity ensures authentication. At the same time, blindness of signature and additional anonymous scheme provides anonymity. Moreover, traceability is achieved due to the fairness of fair blind signature. However, FBST only support PKI based scheme and this assumption in distributed P2P environment is actually very difficult to achieve. So in CST (Wang et al., 2010), we use Collaboration Signature Trust (CST) to resolve the conflicts among anonymity, authentication and traceability without PKI assumption. The tradeoff between anonymity and authentication is achieved due to the novel collaboration signature. Security analysis shows that the CST can perfectly resolve tradeoff between anonymity, authentication and traceability.
Group signature technique is also an instinctive idea to certify anonymity and authentication. The conception of group signature is introduced by Chaum and Heyst (1991). However, in most of group signature mechanisms, group manager can reveal arbitrarily the true identity of the group member, which will cause trace abuse. At the same time, this mechanism is difficult to deal with signature revocation problem of members. Ring signature (Ronald et al., 2001) is a signature approach similar to group signature, but without traceability like group signature. Lee et al. (2009) and Zhang et al. (2008) combined the respective advantages of group and ring signature to realize dynamic anonymity authentication mechanisms, respectively.
Another cryptography to be used to balance anonymity and authentication is the private credential framework proposed in PCS (Bangerter et al., 2006) and the universal custodian-hiding verifiable encryption scheme (UCHVE) (Liu et al., 2006). Suriadi et al. (2008) used PCS to hide users real identity and UCHVE to make PCS key transparent. Consequently the anonymous tracer must attain the key with the help of user to revoke anonymity and know the user's identity. This mechanism prevents the case of trace abuse but only for conventional networks not suitable for P2P environment.
In P2P environment, network traffic is huge. How to utilize existing cryptography technology to design lighter weight anonymous authentication is future work in this area.
Path control:
At present, no article concentrates on anonymity authentication in P2P systems
from the perspective of path control. But there are still many scholars have
proposed some methods in general anonymous network. Introduction of these methods
will help us to further consider how to authenticate and trace the dishonest
in anonymous environment. As we said earlier, Path Control is a retroactive
inhibition approach. Some studies have indicated that many intruders are deterred
once they perceive risks involved. One of the intruders greatest fears
is losing their anonymity.Consequently,if in a certain condition we can track
anonymous path and authenticate those machines in path, attack action would
be reduced dramatically (Li et al., 2004) which
indirectly achieves the target of restricting and authenticating anonym. The
aim of trace is to track packet sources. In conventional IP networks, a lot
of trace schemes are widely proposed. Common trace methods include Logging (Snoeren
et ai., 2001), Link Testing (Burch and Cheswick,
2000), ICMP Trace, Centertrack, (Stone, 2000) Packet
Marking (Song and Perrig, 2001; Park
and Lee, 2001; Savage et al., 2000).
Among them, the most method maybe used in P2P system is Packet Marking, which is based on packet marking technology. The main idea of packet marking is to let routers mark packets with partial path information probabilistically (Song and Perrig, 2001; Park and Lee, 2001; Savage et al., 2000) or determinately (Belenky and Ansari, 2003). Because of huge number of nodes in P2P networks, it is impossible to mark every node. So Probabilistic Packet Marking seems more suitable for P2P environment. The principle of Probabilistic Packet Marking is that packets are probabilistically marked with partial path information as they are forwarded by routers. Having received enough information from path,the victim could reconstruct the full paths along which attack flows travel. Stronger evidence shows this technique can be applied to P2P environment is that there are some articles (Cheng et al., 2008; Jin et al., 2006; Ye et al., 2007) for WSN and ad-hoc network environments, which is similar to P2P systems. Ye et al. (2007) uses probabilistic packet marking method to locate anonymous attack on the node, but it assumes that any data can be written to the header data. That is to say, if node decides to mark a certain packet, it will mark the data added into the header. Therefore, the packet may be getting longer and longer and eventually had to be sliced to deal with, which is extremely difficult to be implemented. So it only has theoretical significance. On the other hand, (Gong and Sarac, 2005) points out, the basic packet marking method in a multi-attack path reconstruction bring on high false alarm rate and a high degree of computational complexity. Besides, due to limited space in the packet, conventional PPM always requires large flow of packets to collect the complete path information which will incur a large number of loads. These shortcomings have become obstacles in practical application. In P2P anonymous system, a certain cryptonym path is formed by a small number of anonymous packets.
How to mark path information in a small number of packets?
In future, one possible approach is to use the idea of Code Division Multiple Access (CDMA) technology to mark more information in sole packet by superposition mode. In this area, we have already done some preliminary investigation work. Besides, future researches should integrate all kinds of information theory and signal processing technology, such as watermarking, digital fingerprint to complete anonymous authentication in P2P system. As our mentioned (Li et al., 2008), there are a large number of redundant fields in P2P protocols. Those fields can be used to mark path information anonymously.
CONCLUSION
In this study, we analyze the tradeoff between anonymity and authentication in P2P network environment and introduce related researches. Besides, we propose some possible advices for this problem. From this article, we can be aware that harmonizing contradiction between anonymity and authentication in P2P system is not only a hot spot but also hard work.
ACKNOWLEDGMENTS
The research was supported by National Natural Science Foundation of China (60736016, 60873198, 60973128 and 60973113) and National Basic Research Program of China (2006CB303000, 2009CB326202, 2010CB334706), 973 pre-special project (2009CB326202, 2010CB334706) and China Postdoctoral Science Foundation funded project (20090461298).