Article

Providing witness anonymity in peer-to-peer systems

Authors:

Sushil JajodiaAuthors Info & Claims

CCS '06: Proceedings of the 13th ACM conference on Computer and communications security

Pages 6 - 16

https://doi.org/10.1145/1180405.1180408

Published: 30 October 2006 Publication History

Abstract

In this paper, we introduce the concept of witness anonymity for peer-to-peer systems. Witness anonymity combines the seemingly conflicting requirements of anonymity (for honest peers who report on the misbehavior of other peers) and accountability (for malicious peers that attempt to misuse the anonymity feature to slander honest peers). We propose the Secure Deep Throat (SDT) protocol to provide anonymity for witnesses of malicious or selfish behavior to enable such peers to report on this behavior without fear of retaliation. On the other hand, in SDT the misuse of anonymity is restrained in such a way that any malicious peer that attempts to send multiple claims against the same innocent peer for the same reason (i.e., the same misbehavior type) can be identified. We also describe how SDT can be used in two modes. The active mode can be used in scenarios with real-time requirements, e.g., detecting and preventing the propagation of peer-to-peer worms, whereas the passive mode is suitable for scenarios without strict real-time requirements, e.g., query-based reputation systems. We analyze the security and overhead of SDT and present countermeasures that can be used to mitigate various attacks on the protocol. Our analysis shows that the communication, storage, and computation overheads of SDT are acceptable in peer-to-peer systems.

References

[1]

MIRACL library. http://indigo.ie/mscott/.]]

[2]

G. Ateniese and G. Tsudik. Some open issues and new directions in group signatures. In Proceedings of The Third International Conference on Financial Cryptography (FC'99), LNCS 1648, pages 196--211, 1999.]]

Digital Library

[3]

AuctionBytes. Online auction feedback survey. Retrieved from http://www.auctionbytes.com/cab/pages/feedbacksurvey1105 on May 5, 2006.]]

[4]

P. S. Barreto, H. Y. Kim, B. Lynn, and M. Scott. Efficient algorithms for pairing-based cryptosystems. In Proceedings of Advances in Cryptology -- CRYPTO 2002, LNCS 2442, pages 354--368, 2002.]]

Digital Library

[5]

P. S. L. M. Barreto, B. Lynn, and M. Scott. On the selection of pairing-friendly groups. In Proceedings of Annual International Workshop on Selected Areas in Cryptography (SAC'03), LNCS 3006, pages 17--25, 2003.]]

[6]

M. Bellare, D. Micciancio, and B. Warinschi. Foundations of group signatures: Formal definitions, simplified requirements, and a construction based on general assumptions. In Proceedings of Advances in Cryptology - EUROCRPYT 2003, LNCS 2656, pages 614--629, 2003.]]

[7]

S. Brands. Untraceable off-line cash in wallets with observers (extended abstract). In Proceedings of the 13th Annual International Cryptology Conference on Advances in Cryptology, LNCS 773, pages 302--318, 1993.]]

Digital Library

[8]

E. Bresson, J. Stern, and M. Szydlo. Threshold ring signatures and applications to ad-hoc groups. In Proceedings of Advances in Cryptology - CRYPTO 2002, LNCS 2442, pages 465--480, 2002.]]

Digital Library

[9]

J. Camenisch and M. Michels. A group signature scheme with improved efficiency (extended abstract). In Proceedings of Advances in Cryptology - ASIACRYPT'98, LNCS 1514, pages 160--174, 1998.]]

Digital Library

[10]

D. Chaum and E. V. Heyst. Group signatures. In Proceedings of Advances in Cryptology - EUROCRYPT '91, LNCS 547, pages 257--265, 1991.]]

[11]

D. L. Chaum, A. Fiat, and M. Naor. Untraceable electronic cash. In CRYPTO88, Lecture Notes in Computer Science 403, pages 319--327, 1989.]]

Digital Library

[12]

F. Cornelli, E. Damiani, S. D. C. D. Vimercati, S. Paraboschi, and P. Samarati. Choosing reputable servents in a P2P network. In Proceedings of the 11th International Conference on World Wide Web, pages 376--386, 2002.]]

Digital Library

[13]

E. Damiani, S. D. C. D. Vimercati, S. Paraboschi, P. Samarati, and F. Vioante. A reputation-based approach for choosing reliable resources in peer-to-peer networks. In Proceedings of the 9th ACM Conference on Computer and Communications Security, pages 207--216, 2002.]]

Digital Library

[14]

R. Dingledine, M. J. Freedman, D. Hopwood, and D. Molnar. A reputation system to increase MIX-net reliability. In Proceedings of The 4th International Workshop on Information Hiding (IHW'01), LNCS 2137, pages 126--141, 2001.]]

Digital Library

[15]

R. Dingledine, N. Mathewson, and P. Syverson. Tor: The second-generation onion router. In Proceedings of the 13th USENIX Security Symposium, 2004.]]

Digital Library

[16]

R. Dingledine and P. Syverson. Reliable MIX cascade networks through reputation. In Proceedings of Financial Cryptography (FC'02), LNCS 2357, 2002.]]

[17]

J. R. Douceur. The sybil attack. In Proceedings of The First International Workshop on Peer-to-Peer Systems (IPTPS 2002), pages 251--260, 2002.]]

Digital Library

[18]

R. Granger, D. Page, and M. Stam. A comparison of CEILIDH and XTR. In Algorithmic Number Theory, 6th International Symposium, ANTS-VI, pages 235--249, 2004.]]

[19]

IT Backbones Software News. New peer-to-peer trojan worm attacks enterprises, Mar. 2006. Retrieved from http://www.justloadit.com/pr/6169 on May 5, 2006.]]

[20]

S. D. Kamvar, M. T. Schlosser, and H. Garcia-Molina. The eigentrust algorithm for reputation management in P2P networks. In Proceedings of the 12th International Conference on World Wide Web (WWW 2003), pages 640--651, 2003.]]

Digital Library

[21]

H. Luo, J. Kong, P. Zerfos, S. Lu, and L. Zhang. URSA: Ubiquitous and robust access control for mobile ad hoc networks. IEEE/ACM Transactions on Networking, 12(6):1049--1063, 2004.]]

Digital Library

[22]

M. Naor. Deniable ring authentication. In Proceedings of Advances in Cryptology - CRYPTO 2002, LNCS 2442, pages 481--498, 2002.]]

Digital Library

[23]

M. Narasimha, G. Tsudik, and J. H. Yi. On the utility of distributed cryptography in P2P and MANETs: The case of membership control. In Proceedings of the 11th IEEE International Conference on Network Protocols (ICNP'03), pages 336--345, Nov. 2003.]]

Digital Library

[24]

L. Nguyen and R. Safavi-Naini. Dynamic k-times anonymous authentication. In Proceedings of The Third International Conference on Applied Cryptography and Network Security (ACNS 2005), pages 318--333, 2005.]]

Digital Library

[25]

L. Nguyen and R. Safavi-Naini. Dynamic k-times anonymous authentication. Full version, 2005.]]

[26]

J.-F. Raymond. Traffic analysis: Protocols, attacks, design issues, and open problems. In DIAU00, Lecture Notes in Computer Science 2009, pages 10--29, 2000.]]

Digital Library

[27]

M. K. Reiter and A. D. Rubin. Crowds: Anonymity for web transactions. ACM Transactions on Information and System Security (TISSEC), 1(1):66--92, 1998.]]

Digital Library

[28]

C. Shields and B. N. Levine. A protocol for anonymous communication over the internet. In ACM Conference on Computer and Communications Security (CCS 2000), pages 33--42, 2000.]]

Digital Library

[29]

A. Singh and L. Liu. TrustMe: Anonymous management of trust relationships in decentralized P2P systems. In Proceedings of The Third International Conference on Peer-to-Peer Computing (P2P 2003), pages 142--149, 2003.]]

Digital Library

[30]

M. Srivatsa, L. Xiong, and L. Liu. TrustGuard: Countering vulnerabilities in reputation management for decentralized overlay networks. In Proceedings of the 14th International Conference on World Wide Web, pages 422--431, 2005.]]

Digital Library

[31]

I. Teranishi, J. Furukawa, and K. Sako. K-times anonymous authentication (extended abstract). In Proceedings of ASIACRYPT 2004, LNCS 3329, pages 308--322, 2004.]]

[32]

www.Programmersheaven.Com. Poll archive -- how much storage capacity does your computer have?, June 2004. Available at http://www.programmersheaven.com/c/userpoll/Poll_archive.htm?PollID=148.]]

[33]

L. Xiong and L. Liu. PeerTrust: Supporting reputation-based trust for peer-to-peer electronic communities. IEEE Transactions on Knowledge and Data Engineering, 16(7):843--857, July 2004.]]

Digital Library

[34]

W. Yu, C. Boyer, S. Chellappan, and D. Xuan. Peer-to-peer system-based active worm attacks: Modeling and analysis. In Proceedings of IEEE International Conference on Communications (ICC '05), pages 295--300, 2005.]]

[35]

B. Zhu, F. Bao, R. H. Deng, M. S. Kankanhalli, and G. Wang. Efficient and robust key management for large mobile ad-hoc networks. Computer Networks, 48(4):657--682, July 2005.]]

Digital Library

Cited By

Troncoso CIsaakidis MDanezis GHalpin H(2017)Systematizing Decentralization and Privacy: Lessons from 15 Years of Research and DeploymentsProceedings on Privacy Enhancing Technologies10.1515/popets-2017-00562017:4(404-426)Online publication date: 10-Oct-2017
https://doi.org/10.1515/popets-2017-0056
Jalal SKing BLee SHanzo LChung MLee SCho K(2011)A pairing based cryptographic anonymous authentication schemeProceedings of the 5th International Conference on Ubiquitous Information Management and Communication10.1145/1968613.1968652(1-8)Online publication date: 21-Feb-2011
https://dl.acm.org/doi/10.1145/1968613.1968652
Puttaswamy KBhagwan RPadmanabhan VBanavar G(2010)AnonygatorProceedings of the ACM/IFIP/USENIX 11th International Conference on Middleware10.5555/2023718.2023725(85-106)Online publication date: 29-Nov-2010
https://dl.acm.org/doi/10.5555/2023718.2023725
Show More Cited By

Index Terms

Providing witness anonymity in peer-to-peer systems
1. Security and privacy
  1. Human and societal aspects of security and privacy
2. Social and professional topics
  1. Computing / technology policy
    1. Privacy policies

Recommendations

Providing witness anonymity under peer-to-peer settings

In this paper, we introduce the concept of witness anonymity for peer-to-peer systems, as well as other systems with the peer-to-peer nature. Witness anonymity combines the seemingly conflicting requirements of anonymity (for honest peers who report on ...
An Efficient Hybrid Peer-to-Peer System for Distributed Data Sharing

Peer-to-peer overlay networks are widely used in distributed systems. Based on whether a regular topology is maintained among peers, peer-to-peer networks can be divided into two categories: structured peer-to-peer networks in which peers are connected ...
On Optimizing Overlay Topologies for Search in Unstructured Peer-to-Peer Networks

Unstructured peer-to-peer (P2P) file-sharing networks are popular in the mass market. As the peers participating in unstructured networks interconnect randomly, they rely on flooding query messages to discover objects of interest and thus introduce ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Conferences

CCS '06: Proceedings of the 13th ACM conference on Computer and communications security

October 2006

434 pages

ISBN:1595935185

DOI:10.1145/1180405

General Chair:
Ari Juels
RSA Laboratories
,
Program Chairs:
Rebecca Wright
Stevens Institute of Technology
,
Sabrina De Capitani di Vimercati
University of Milan, Italy

Copyright © 2006 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 30 October 2006

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Article

Conference

CCS06

Sponsor:

CCS06: 13th ACM Conference on Computer and Communications Security 2006

October 30 - November 3, 2006

Virginia, Alexandria, USA

Acceptance Rates

Overall Acceptance Rate 1,261 of 6,999 submissions, 18%

Upcoming Conference

CCS '25

Sponsor:
sigsac

ACM SIGSAC Conference on Computer and Communications Security

October 13 - 17, 2025

Taipei , Taiwan

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

8
Total Citations
View Citations
1,349
Total Downloads

Downloads (Last 12 months)2
Downloads (Last 6 weeks)0

Reflects downloads up to 22 Nov 2024

Other Metrics

View Author Metrics

Citations

Cited By

Troncoso CIsaakidis MDanezis GHalpin H(2017)Systematizing Decentralization and Privacy: Lessons from 15 Years of Research and DeploymentsProceedings on Privacy Enhancing Technologies10.1515/popets-2017-00562017:4(404-426)Online publication date: 10-Oct-2017
https://doi.org/10.1515/popets-2017-0056
Jalal SKing BLee SHanzo LChung MLee SCho K(2011)A pairing based cryptographic anonymous authentication schemeProceedings of the 5th International Conference on Ubiquitous Information Management and Communication10.1145/1968613.1968652(1-8)Online publication date: 21-Feb-2011
https://dl.acm.org/doi/10.1145/1968613.1968652
Puttaswamy KBhagwan RPadmanabhan VBanavar G(2010)AnonygatorProceedings of the ACM/IFIP/USENIX 11th International Conference on Middleware10.5555/2023718.2023725(85-106)Online publication date: 29-Nov-2010
https://dl.acm.org/doi/10.5555/2023718.2023725
Zhu BRen KWang LDebbabi M(2009) PCM: a privacy‐preserving detection mechanism in mobile ad hoc networks Security and Communication Networks10.1002/sec.1223:2-3(167-184)Online publication date: 30-Jun-2009
https://doi.org/10.1002/sec.122
Inshi SYoussef A(2008)Design and implementation of an online anonymous feedback system2008 24th Biennial Symposium on Communications10.1109/BSC.2008.4563205(58-61)Online publication date: Jun-2008
https://doi.org/10.1109/BSC.2008.4563205
Deng LHe YXu Z(2008)Trusted Reputation Management Service for Peer-to-Peer CollaborationProceedings of the OTM 2008 Confederated International Conferences, CoopIS, DOA, GADA, IS, and ODBASE 2008. Part II on On the Move to Meaningful Internet Systems10.1007/978-3-540-88873-4_10(1069-1086)Online publication date: 9-Nov-2008
https://dl.acm.org/doi/10.1007/978-3-540-88873-4_10
Yee GNing PDamiani EProctor S(2007)A privacy controller approach for privacy protection in web servicesProceedings of the 2007 ACM workshop on Secure web services10.1145/1314418.1314426(44-51)Online publication date: 2-Nov-2007
https://dl.acm.org/doi/10.1145/1314418.1314426
Ji WYang SWei DLu W(2007)GARMProceedings of the Sixth International Conference on Grid and Cooperative Computing10.1109/GCC.2007.70(481-488)Online publication date: 16-Aug-2007
https://dl.acm.org/doi/10.1109/GCC.2007.70

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents