On Mitigating Pollution and Free-Riding Attacks by Shamir’s Secret Sharing in Fully Connected P2P Systems



Cristóbal Medina-López, Vicente González-Ruiz and L.G. Casado



ual

Department of Informatics
University of Almería
Spain


Feder Gobierno de España CEIA3 P2PSP protocol grupo SAL Google Summer of Code 2017

Follow the slideshow on the Web


URL of these Slides:

http://slides.p2psp.org/2017-06-IWCMC/



Diapositivas

Table of Contents


  • P2PSP
  • Pollution attacks
  • Previous approach
    • STrPe-DS model
    • Experimental results

  • Proposal
    • TP-SSS model
    • Theoretical results

  • Conclusions

Table of Contents


  • P2PSP
  • Pollution attacks
  • Previous approach
    • STrPe-DS model
    • Experimental results

  • Proposal
    • TP-SSS model
    • Theoretical results

  • Conclusions

How does a P2PSP system work?


An open-source implementation is available on GitHub

A P2PSP Team


A P2PSP Team

How does a P2PSP system work?


An open-source implementation is available on GitHub

A P2PSP Team


A P2PSP Team

1. The video is sent in real time to the Splitter.


How does a P2PSP system work?


An open-source implementation is available on GitHub

A P2PSP Team


A P2PSP Team

1. The video is sent in real time to the Splitter.


2. The Splitter divides the stream in several chunks and every chunk is sent to one different peer.


How does a P2PSP system work?


An open-source implementation is available on GitHub

A P2PSP Team


A P2PSP Team

1. The video is sent in real time to the Splitter.


2. The Splitter divides the stream in several chunks and every chunk is sent to one different peer.


How does a P2PSP system work?


An open-source implementation is available on GitHub

A P2PSP Team


A P2PSP Team

1. The video is sent in real time to the Splitter.


2. The Splitter divides the stream in several chunks and every chunk is sent to one different peer.


How does a P2PSP system work?


An open-source implementation is available on GitHub

A P2PSP Team


A P2PSP Team

1. The video is sent in real time to the Splitter.


2. The Splitter divides the stream in several chunks and every chunk is sent to one different peer.


How does a P2PSP system work?


An open-source implementation is available on GitHub

A P2PSP Team


A P2PSP Team

1. The video is sent in real time to the Splitter.


2. The Splitter divides the stream in several chunks and every chunk is sent to one different peer.


3. Each peer sends its chunks to each other in order to ensure that everyone has the whole stream.


How does a P2PSP system work?


An open-source implementation is available on GitHub

A P2PSP Team


A P2PSP Team

1. The video is sent in real time to the Splitter.


2. The Splitter divides the stream in several chunks and every chunk is sent to one different peer.


3. Each peer sends its chunks to each other in order to ensure that everyone has the whole stream.


4. Peers send the stream to the player.

Table of Contents


  • P2PSP
  • Pollution attacks
  • Previous approach
    • STrPe-DS model
    • Experimental results

  • Proposal
    • TP-SSS model
    • Theoretical results

  • Conclusions

Pollution Attacks


Pollution attacks consist of a peer or a set of peers modifying the content of the stream. Can be done as a combination of different kind of attack.


Pollution Attacks


Persistent, Selective and Collaborative attack: several attackers may collaborate to produce selective and persistent attacks on a large set of peers.


Collaborative Attack

Table of Contents


  • P2PSP
  • Pollution attacks
  • Previous approach
    • STrPe-DS model
    • Experimental results

  • Proposal
    • TP-SSS model
    • Theoretical results

  • Conclusions

Strategy based on Trusted Peers and Digital Signatures


It has been designed to mitigate the Selective attack and to identify poisoned chunks by using digital signatures. The behavior rules are:


STrPe-DS

Strategy based on Trusted Peers and Digital Signatures


It has been designed to mitigate the Selective attack and to identify poisoned chunks by using digital signatures. The behavior rules are:


STrPe-DS

1.When peers join the team they receive the public key of the splitter.


Strategy based on Trusted Peers and Digital Signatures


It has been designed to mitigate the Selective attack and to identify poisoned chunks by using digital signatures. The behavior rules are:


STrPe-DS

1.When peers join the team they receive the public key of the splitter.


2.For each chunk, the splitter sends a message like this:

$\{chunk, nChunk, dst, S priv (H(chunk + nChunk + dst))\}$.


Strategy based on Trusted Peers and Digital Signatures


It has been designed to mitigate the Selective attack and to identify poisoned chunks by using digital signatures. The behavior rules are:


STrPe-DS

1.When peers join the team they receive the public key of the splitter.


2.For each chunk, the splitter sends a message like this:

$\{chunk, nChunk, dst, S priv (H(chunk + nChunk + dst))\}$.


3.The peers verify dst and check if the hash value is correct.


Strategy based on Trusted Peers and Digital Signatures


It has been designed to mitigate the Selective attack and to identify poisoned chunks by using digital signatures. The behavior rules are:


STrPe-DS

1.When peers join the team they receive the public key of the splitter.


2.For each chunk, the splitter sends a message like this:

$\{chunk, nChunk, dst, S priv (H(chunk + nChunk + dst))\}$.


3.The peers verify dst and check if the hash value is correct.


4.The splitter periodically requests the list of removed peers to the TP.


Strategy based on Trusted Peers and Digital Signatures


It has been designed to mitigate the Selective attack and to identify poisoned chunks by using digital signatures. The behavior rules are:


STrPe-DS

1.When peers join the team they receive the public key of the splitter.


2.For each chunk, the splitter sends a message like this:

$\{chunk, nChunk, dst, S priv (H(chunk + nChunk + dst))\}$.


3.The peers verify dst and check if the hash value is correct.


4.The splitter periodically requests the list of removed peers to the TP.


5.Peers removed by any TP are directly expelled by the splitter after a random time.


Strategy based on Trusted Peers and Digital Signatures



  • Can trusted peers expel the bad guys by following these basic rules?


    Non-repudiation

Table of Contents


  • P2PSP
  • Pollution attacks
  • Previous approach
    • STrPe-DS model
    • Experimental results

  • Proposal
    • TP-SSS model
    • Theoretical results

  • Conclusions

Experimental results


Results obtained by simulation [war-games]


experiments

Experimental results


experiments

Table of Contents


  • P2PSP
  • Pollution attacks
  • Previous approach
    • STrPe-DS model
    • Experimental results

  • Proposal
    • TP-SSS model
    • Theoretical results

  • Conclusions

Strategy based on Trusted Peers and Shamir's Secret Sharing


The main idea is very simple: “if you want to remain in the team you must have a good behavior with at least t peers”. The behavior rules are:


TP-SSS

Strategy based on Trusted Peers and Shamir's Secret Sharing


TP-SSS

1.The Splitter sends a message $eSP^r_{j,i}$.


  • $eSP^r_{j,i}=\{eCH^r_{j,i},\ SH^{r+1}_i\}$

    • $eCH^r_{j,i} = \{C_j, j, P_i, r, E_{K^r_i}[S_{pr}(H(C_j||j||P_i||r))]\}$

    • $SH^{r+1}_i=\{\{SH^{r+1}_i\}_q,\ q=1,\ \ldots,\ n_r\}$

      • $\{SH^{r+1}_i\}_q=\{P_i,P_q, r+1, A^{r+1}_{q,i},S_{pr}(H(P_i||P_q||r+1||A^{r+1}_{q,i}))\}$

Strategy based on Trusted Peers and Shamir's Secret Sharing


TP-SSS

1.The Splitter sends a message $eSP^r_{j,i}$.


  • $eSP^r_{j,i}=\{eCH^r_{j,i},\ SH^{r+1}_i\}$

    • $eCH^r_{j,i} = \{C_j, j, P_i, r, E_{K^r_i}[S_{pr}(H(C_j||j||P_i||r))]\}$

    • $SH^{r+1}_i=\{\{SH^{r+1}_i\}_q,\ q=1,\ \ldots,\ n_r\}$

      • $\{SH^{r+1}_i\}_q=\{P_i,P_q, r+1, A^{r+1}_{q,i},S_{pr}(H(P_i||P_q||r+1||A^{r+1}_{q,i}))\}$

2.The peer reconstructs $K^r_i$, decrytps the message and verifies the signature.


Strategy based on Trusted Peers and Shamir's Secret Sharing


TP-SSS

1.The Splitter sends a message $eSP^r_{j,i}$.


  • $eSP^r_{j,i}=\{eCH^r_{j,i},\ SH^{r+1}_i\}$

    • $eCH^r_{j,i} = \{C_j, j, P_i, r, E_{K^r_i}[S_{pr}(H(C_j||j||P_i||r))]\}$

    • $SH^{r+1}_i=\{\{SH^{r+1}_i\}_q,\ q=1,\ \ldots,\ n_r\}$

      • $\{SH^{r+1}_i\}_q=\{P_i,P_q, r+1, A^{r+1}_{q,i},S_{pr}(H(P_i||P_q||r+1||A^{r+1}_{q,i}))\}$

2.The peer reconstructs $K^r_i$, decrytps the message and verifies the signature.


3.The peer sends the message decrypted.


  • $PP^r_{i,q}=\left\{CH^r_{j,i},\ \{SH^{r+1}_i\}_q \right\}$

    • $CH^r_{j,i} = \{C_j, j, P_i, r, S_{pr}(H(C_j||j||P_i||r))\}$

Strategy based on Trusted Peers and Shamir's Secret Sharing


TP-SSS

1.The Splitter sends a message $eSP^r_{j,i}$.


  • $eSP^r_{j,i}=\{eCH^r_{j,i},\ SH^{r+1}_i\}$

    • $eCH^r_{j,i} = \{C_j, j, P_i, r, E_{K^r_i}[S_{pr}(H(C_j||j||P_i||r))]\}$

    • $SH^{r+1}_i=\{\{SH^{r+1}_i\}_q,\ q=1,\ \ldots,\ n_r\}$

      • $\{SH^{r+1}_i\}_q=\{P_i,P_q, r+1, A^{r+1}_{q,i},S_{pr}(H(P_i||P_q||r+1||A^{r+1}_{q,i}))\}$

2.The peer reconstructs $K^r_i$, decrytps the message and verifies the signature.


3.The peer sends the message decrypted.


  • $PP^r_{i,q}=\left\{CH^r_{j,i},\ \{SH^{r+1}_i\}_q \right\}$

    • $CH^r_{j,i} = \{C_j, j, P_i, r, S_{pr}(H(C_j||j||P_i||r))\}$

4.The peer verifies the message and saves the share.

Table of Contents


  • P2PSP
  • Pollution attacks
  • Previous approach
    • STrPe-DS model
    • Experimental results

  • Proposal
    • TP-SSS model
    • Theoretical results

  • Conclusions

Theoretical results


Results obtained after a theoretical analysis: $\text{MPs} <= N/2$


results sss

Table of Contents


  • P2PSP
  • Pollution attacks
  • Previous approach
    • STrPe-DS model
    • Experimental results

  • Proposal
    • TP-SSS model
    • Theoretical results

  • Conclusions

Conclusions


  • The most severe possible attack is fully mitigated using only one TP, with overhead:

    • From splitter to peers $$oSP_r = n_r \times ss$$

    • Among Peers $$oPP_r = ss$$

      where $ss$ is the size of a share and $n_r$ is the size of the team

  • For the remaining attacks (although the impact is low), we can improve effectiveness to face them increasing the number of TPs.


  • The optimum value for t is the number of WIPs, but it is hard to guess. So, one alternative would be an adaptative algorithm to establish the SSS threshold dinamically.

good guys?

Thanks!