Limiting Duplicate Identities in Distributed Systems - PowerPoint PPT Presentation

1 / 23

About This Presentation

Title:

Limiting Duplicate Identities in Distributed Systems

Description:

Limiting Duplicate Identities in Distributed Systems Elliot Jaffe, Dahlia Malkhi, Elan Pavlov The Hebrew University of Jerusalem Presented at Future Directions in ... – PowerPoint PPT presentation

Number of Views:118

Avg rating:3.0/5.0

Slides: 24

Provided by: ElliotDa9

Category:

more less

Transcript and Presenter's Notes

Title: Limiting Duplicate Identities in Distributed Systems

1
Limiting Duplicate Identities in Distributed
Systems

Elliot Jaffe, Dahlia Malkhi, Elan Pavlov
The Hebrew University of Jerusalem
Presented at
Future Directions in Distributed Computing
Survivability Obstacles and Solutions
Bertinoro, Italy, June 23-25 2004

2
Things to come

What are Self-Replication attacks
Why Trust systems are not sufficient
How to leverage routing to allocate IDs
Defenses against self-replication attacks

3
Sample System

Peers join and leave the system at will
System performs work by distributing operations
between peers
Peer(s) should not be able to hijack the system
Results should be safe under a threshold of
colluding nodes

4
Attack Mode

What if
The number of bad peers is unbounded
Bad peers could collude at no cost
How would this effect the system?

5
How-to collude for free

Self-Replication attacks
A single node A sequentially joins the system
multiple times, creating virtual identities
A1..An
All these identities share data
Unbounded number of identities over time
Instant zero cost collusion
The Sybil Attack Douceur 2002

6
What is Survivability?

Availability of System and its Data
Distributed Control and Confidentiality

7
Availability

Typical System
P2P File Sharing
Attacks
Directed DOS attacks on key components
Preventing access to data
Delivering corrupted data

8
Availability Defenses

Trust Relationships
Damiano, di Vimercati, Paraboschi 2002
Reputation based resources
Kamar, Schlosser, Garcia-Molina 2003 EigenTrust
Reputation Management
Singh, Liu 2003 TrustMe Management of Trust
Relationships

9
Trust Example
C

B,C,D interact successfully with A
E wants to talk to A
E asks around about A
B,C,D report positive experience
E talks directly to A

B
A?
D
A?
A?
A
A - OK
A - OK
A - OK
E
10
Trust Based Defenses

Trust is based on past performance
Anonymity is important
Hide ownership of files
Hide targets from DOS attacks
Multiple identities
influence trust values
hide source of corrupt files

11
Distributed Control and Confidentiality

Distributed Key Escrow, Secure Storage
Eternity, OceanStore, Farsite
Attacks
Directed DOS attacks on key components
Preventing access to data
Delivering corrupted data
Exposure of confidential data

12
Secret Storing Defenses

Trust based approaches
provide integrity but not confidentiality
there is no way to assign reputation to lurkers
We need to use a pro-active approach to identify
self-replicated nodes

13
Background Cryptographic Challenges

First Proposed in 1975 by Merkle
Bounded by available resources
Since a node can physically perform at most C
challenges, a self-replicated node will fail one
or more challenges

14
Basic Model

Every node has limited resources
May be static or renewable
Node can solve C challenges in time T
Full Mesh connectivity

15
Simple Approach
C 2
1 A challenges B
C
2 B challenges A
B
D
Limits identities
2
Limits In/Out Degree
1
Repeat Challenge every T time
E
A
Assumes interactions gtgt T
Does not require global revocation
F
H
G
16
Probabilistic Approach
C 2
Every T, Choose a random node to challenge
C
B
D
Limits identities
Repeat Challenge every T time
E
A
Requires global revocation
A
F
H
G
17
Routable Identities