Abstract
In a decentralized network, such as a peer-to-peer or a spontaneous network, a significant trust factor for a peer is to gain a sufficient level of certainty on the other peers’ real identity. In this paper we evaluate a proposed peer identification protocol that was designed for such environments and operates based on iterated challenge-response exchanges among peers. For this purpose, we introduce a new attack against this protocol and use the birthday paradox to model the number of operations until the proposed attack is successful. The modeling process, which results in the estimation of the upper bound effort for this successful attack, gives way to the definition of enhancements for the identification protocol. As a result, we define a new identification protocol based on multiple integer challenge-responses that, though not being a cryptographic protocol, represents for an attacker a challenge harder than breaking a symmetric cryptographic key by brute force attack. Our proposed attack shows how to break the GCP protocol without any previous knowledge on target secret information.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Douceur, J.R.: The sybil attack. In: Druschel, P., Kaashoek, M.F., Rowstron, A. (eds.) IPTPS 2002. LNCS, vol. 2429, pp. 251–260. Springer, Heidelberg (2002)
Campadello, S.: The Green Card Protocol: an identification protocol for decentralized systems. In: Proceedings of the 2006 International Symposium on World of Wireless, Mobile and Multimedia Networks, pp. 647–651. IEEE Comp. Soc, Los Alamitos (2006)
Bloom, D.: A birthday problem. American Mathematical Monthly 80, 1141–1142 (1973)
Marsh, S.P.: Formalising Trust as a Computational Concept. PhD thesis, Dept. Comp. Science and Math., University of Stirling (1994)
Bellare, M., Kohno, T.: Hash Function Balance and Its Impact on Birthday Attacks. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 401–418. Springer, Heidelberg (2004)
Stallings, W.: Cryptography and Networks Security – Principles and Practices, pp. 82–83. Pearson Prentice Hall, Upper Saddle River (2006)
Shamir, A.: How to Share a Secret. Communications of the ACM 22(11), 612–613 (1979)
Gambetta, D.: Can We Trust Trust? In: Gambetta, D. (ed.) Trust: Making and Breaking Cooperative Relations, electronic edition, ch.13, pp. 213–237. Department of Sociology, University of Oxford (2000)
RFC 2631 - Diffie-Hellman Key Agreement Method
RFC 4251 - SSH Protocol Architecture
Patel, J.: A Trust and Reputation Model for Agent-Based Virtual Organizations. Thesis of Doctor of Philosophy. Faculty of Engineering and Applied Science. School of Electronics and Computer Science. University of Southampton (January 2007)
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 2008 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
de Oliveira Albuquerque, R., García Villalba, L.J., de Sousa, R.T. (2008). Enhancing an Integer Challenge-Response Protocol. In: Gervasi, O., Murgante, B., Laganà, A., Taniar, D., Mun, Y., Gavrilova, M.L. (eds) Computational Science and Its Applications – ICCSA 2008. ICCSA 2008. Lecture Notes in Computer Science, vol 5073. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-69848-7_43
Download citation
DOI: https://doi.org/10.1007/978-3-540-69848-7_43
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-69840-1
Online ISBN: 978-3-540-69848-7
eBook Packages: Computer ScienceComputer Science (R0)