Consistent authentication in distributed networks

Lindskog, Niklas LU (2016) EITM01 20161
Department of Electrical and Information Technology
Abstract
In a time where peer-to-peer networks, often with previously unconnected devices, are increasing in relevance, new storage solutions are needed. Storage can no longer rely on a single central entity but rather needs to depend on the resources of the entire network. Such a solution is the distributed hash table (DHT), which allows distributed storage of resources, ensuring redundancy and availability of resources. Common DHT implementations have, however, been found to be susceptible to several attacks and are therefore not suitable for security-critical data. To enable a wider use of DHT, a strengthening which can be easily implemented in existing DHT implementations has to be found.

In this thesis, the security of the Kademlia DHT, present in the Ericsson-developed framework Calvin, was tested by performing a series of well-known attacks against an existing implementation. From the vulnerabilities found in these tests, security enhancements based on authentication were designed. All new functionality was designed to interfere with the original implementation as little as possible. The Kademlia DHT was strengthened with provable identities, cryptographically signed messages and a certificate distribution scheme. All of this was built on a public key infrastructure having an out-of-band certificate authority. The security enhancements were shown to both hamper known attacks and prevent outsiders from retrieving any information from the DHT. However, overhead and more complex computation were introduced into the system with the security enhancements. Further research is needed to determine if very computationally limited devices can participate or if additional functionality is needed to facilitate this.
Popular Abstract
Storing information in a distributed network is difficult, to say the least. No central storage, no availability guarantee and no security. The solution? A distributed hash table with authentication mechanisms!

Wouldn't it be delightful if the connected devices in your home could share information? Maybe regarding the location of your and your family's cellphones or if the oven was accidentally left on. You would of course always want this data to be available, even when the device you want information about is turned off or not responding. How can this be achieved? By using a distributed hash table (DHT)!

My thesis work has revolved around making sure we can protect and trust the information in a DHT. But what is a DHT? A DHT is a system for storing resources, e.g. text or files, on many devices in the same network at once. Each stored resource is mapped to a key which can be used to retrieve the resource from the network. By storing resources on many network devices, it increases the possibility of them being available even if some devices aren't responding.
So, when we want to retrieve information from the DHT, we ask the network for the resource belonging to a certain key. Some members of the network storing the resource respond to our request and we can process the received information.

However, in the very beginning of my thesis work I concluded that there is no built-in security in DHT. Anyone can claim to be storing a resource and then return whatever they like. Imagine a home network where all mobile phones and computers store their current position in a DHT. We would like to trust that my neighbor isn't allowed to ask for the position of my cellphone. It would also be preferable if we could trust all answers, i.e. it shouldn't be possible for my neighbor to claim that my phone is on the other side of the planet.
To achieve this, my thesis work proposes adding authentication to the DHT. We need to know who is allowed to extract information and which answers we can trust. By letting one trusted device decide who is allowed to participate in the DHT, this can be achieved. Each allowed member gets a certificate, which can be seen as a non-forgeable identity document, issued by the trusted device. To show that one is indeed the owner of a certificate, one must provide a corresponding digital signature. This is only possible for the owner of the certificate. Each member also receives an identifying number which is created by inputting the identity document into a mathematical algorithm called a hash function. By doing so, it is easy for everyone to see the connection between the participant and its certificate.

When sending a request, e.g. for retrieving information or asking other members to store a resource, a signature needs to be added to the message. This ensures that only valid members may communicate and will not trust anyone who hasn't been approved by the authenticator.
By distributing the certificates to all devices in the network, it is possible for everyone to validate the digital signatures.
By using these security enhancements, the DHT can be used for storing sensitive information. And no longer would my neighbor be able to see the whereabouts of my cellphone.
author: Lindskog, Niklas LU
course: EITM01 20161
year: 2016
type: H2 - Master's Degree (Two Years)
keywords: Authentication, Distributed Hash Table, Kademlia, Distributed Networking, Network Security, Calvin, Cryptography
report number: LU/LHT-EIT 2016-493
language: English
id: 8871006
date added to LUP: 2016-04-19 10:56:33
date last changed: 2016-05-11 14:39:01
@misc{8871006,
  abstract     = {In a time where peer-to-peer networks, often with previously unconnected devices, are increasing in relevance, new storage solutions are needed. Storage can no longer rely on a single central entity but rather needs to depend on the resources of the entire network. Such a solution is the distributed hash table (DHT) which allows distributed storage of resources, ensuring redundancy and availability of resources. Common DHT implementations have however been found to be susceptible to several attacks and therefore not suitable for security-critical data. To enable a wider use of DHT, a strengthening which can be easily implemented in existing DHT implementations have to be found.

In this thesis, the security of the Kademlia DHT, present in the Ericsson developed framework Calvin, was tested by performing a series of well-known attacks against an existing implementation. From the vulnerabilities found in these tests, security enhancements based on authentication were designed. All new functionality was designed to interfere with the original implementation as little as possible. The Kademlia DHT was strengthened with provable identities, cryptographically signed messages and a certificate distribution scheme. All of this was built on a public key infrastructure having an out-of-band certificate authority. The security enhancements were shown to both hamper known attacks and prevent outsiders from retrieving any information from the DHT. However, overhead and more complex computation were introduced into the system with the security enhancements. Further research is needed to determine if very computationally limited devices can participate or if additional functionality is needed to facilitate this.},
  author       = {Lindskog, Niklas},
  keyword      = {Authentication,Distributed Hash Table,Kademlia,Distributed Networking,Network Security,Calvin,Cryptography},
  language     = {eng},
  note         = {Student Paper},
  title        = {Consistent authentication in distributed networks},
  year         = {2016},
}