Decentralized certification scheme for secure admission in on-the-fly peer-to-peer systems

Abstract

Several alternative schemes have been presented in the literature to try to solve the users’ admission problem in P2P systems when it is not possible to include a logically centralized authority (either online or offline) in the system. However,most of them are not suitable for on-the-fly P2P systems and the most typical ones (IP based, shared secret and threshold cryptography) have several security and performance drawbacks. From the deficiencies of the existing schemes, in this paper we present a new decentralized certification scheme for on-the-fly P2P systems which is based on the recently published Internet Attribute Certificate Profile for Authorization. Our proposal greatly improves the security and flexibility of IP based and shared secret D. Suárez Touceda (B) Evalues - IT Security Evaluation, Parque Leganés Tecnológico, Avda. Gregorio Peces Barba 1, 28918 Leganés (Madrid), Spain e-mail: diego.suarez@uc3m.es J. M. Sierra Cámara Computer Science Department, Universidad Carlos III de Madrid, Avda. de la Universidad 30, 28911 Leganés (Madrid), Spain e-mail: sierra@inf.uc3m.es M. Soriano Department of Telematics Engineering, Universitat Politècnica de Catalunya (UPC), 08034 Barcelona, Spain e-mail: soriano@entel.upc.edu M. Soriano Centre Tecnolgic de Telecomunicacions de Catalunya (CTTC), 08860 Castelldefels (Barcelona), Spain schemes with no infrastructure cost and with a minimal performance charge. Also, it achieves a similar level of security than threshold cryptography while highly reducing its computational and communicational cost. All these facts position our certification proposal as a users’ admission alternative for on-the-fly P2P systems in non very hostile environments where performance and security are key factors.