Abstract
Conventional client-server applications can be enhanced by enabling peer-to-peer data sharing between the clients, greatly reducing the scalability concern when a large number of clients access a single server. However, for these “hybrid peer-to-peer applications,” obtaining data from peer clients may not be secure, and clients may lack incentives in providing or receiving data from their peers. In this paper, we describe our mSSL framework that encompasses key security and incentive functions that hybrid peer-to-peer applications can selectively invoke based on their need. In contrast to the conventional SSL protocol that only protects client-server connections, mSSL not only supports client authentication and data confidentiality, but also ensures data integrity through a novel exploit of Merkle hash trees, all under the assumption that data sharing can be between untrustworthy clients. Moreover, with mSSL’s incentive functions, any client that provides data to its peers can also obtain accurate proofs or digital money for its service securely and reliably. Our evaluation further shows that mSSL is not only fast and effective, but also has a reasonable overhead.
Similar content being viewed by others
References
BitTorrent Inc. (2005) BitTorrent. http://bittorrent.com
Sherwood R, Braud R, Bhattacharjee B (2004) Slurpie: a cooperative bulk data transfer protocol. In: IEEE INFOCOM
Kong K, Ghosal D (1999) Mitigating server-side congestion in the internet through pseudoserving. IEEE/ACM Trans Netw 7(4):530–544
Stavrou A, Rubenstein D, Sahu S (2002) A lightweight, robust P2P system to handle flash crowds. In: Proceedings of ICNP. Washington, DC, USA. IEEE Computer Society, Los Alamitos, pp 226–235
Rescorla E (2001) SSL and TLS: designing and building secure systems. Addison-Wesley, Boston, MA, USA
Yang B, Garcia-Molina H (2003) PPay: micropayments for peer-to-peer systems. In: Proceedings of the conference on computer and communications security. ACM Press, New York, pp 300–310
Merkle R (1980) Protocols for public key cryptosystems. In: IEEE symposium on privacy and security, pp 122–134
Wong CK, Lam SS (1999) Digital signatures for flows and multicasts. IEEE/ACM Trans Netw 7(4):502–513
O’Connor L, Karjoth G (2002) Efficient downloading and updating applications on portable devices using authentication trees. In: IFIP TC8/WG8.8 4th working conference on smart card research and advanced applications. Kluwer Academic Publishers, Norwell
Yang YR, Li XS, Zhang XB, Lam SS (2001) Reliable group rekeying: a performance analysis. In: Proceedings of ACM SIGCOMM. ACM Press, California, pp 27–38
Mathis M, Mahdavi J, Floyd S, Romanow A (1996) IETF RFC 2018: TCP selective acknowledgement options
Cohen B (2003) Incentives build robustness in BitTorrent. In: Workshop on economics of peer-to-peer systems
Habib A, Xu D, Atallah M, Bhargava B, Chuang J (2005) Verifying data integrity in peer-to-peer media streaming. In: Twelfth annual multimedia computing and networking (MMCN’05)
Devanbu PT, Gertz M, Martel CU, Stubblebine SG (2001) Authentic third-party data publication. In: Proceedings of the IFIP TC11/ WG11.3 14th annual working conference on database security. Deventer, The Netherlands, Kluwer, B.V., pp 101–112
Bertino E, Carminati B, Ferrari E, Thuraisingham BM, Gupta A (2004) Selective and authentic third-party distribution of XML documents. IEEE Trans Knowl Data Eng 16(10):1263–1278
Neuman BC, Ts’o T (1994) Kerberos: an authentication service for computer networks. IEEE Commun 32(9):33–38
Camenisch J, Lysyanskaya A, Meyerovich M (2007) Endorsed e-cash. In: Proceedings of the IEEE symposium on security and privacy. IEEE Computer Society, Los Alamitos, CA, pp 101–115
Cox B, Tygar JD, Sirbu M (1995) NetBill security and transaction protocol. In: The first USENIX workshop on electronic commerce, pp 77–88
Zhou J, Gollmann D (1997) Evidence and non-repudiation. J Netw Comput Appl 20(3):267–281
Bahreman A, Tygar JD (1994) Certified electronic mail. In: Proc. of symposium on network and distributed systems security. Internet Society, San Diego, pp 3–19
Wang G (2005) An abuse-free fair contract signing protocol based on the RSA signature. In: WWW 2005. ACM Press, New York, pp 412–421
Ateniese G (1999) Efficient verifiable encryption (and fair exchange) of digital signature. In: Proceedings of the conference on computer and communications security. ACM Press, New York, pp 138–146
Ben-Or M, Goldreich O, Micali S, Rivest RL (1990) A fair protocol for signing contracts. IEEE Trans Inf Theory 36(1):40–46
Kremer S, Markowitch O, Zhou J (2002) An intensive survey of fair non-repudiation protocols. Comput Commun 25(17):1606–1621
Louridas P (2000) Some guidelines for non-repudiation protocols. ACM SIGCOMM Comput Commun Rev 30(5):29–38
Coffey T, Saidha P (1996) Non-repudiation with mandatory proof of receipt. ACM SIGCOMM Comput Commun Rev 26(1):6–17
Zhang N, Shi Q (1996) Achieving non-repudiation of receipt. Comput J 39(10):844–853
Zhou J, Gollmann D (1996) A fair non-repudiation protocol. In: Proceedings of the IEEE symposium on security and privacy. IEEE Computer Society Press, Oakland, CA, pp 55–61
Asokan N, Shoup V, Waidner M (1998) Asynchronous protocols for optimistic fair exchange. In: Proceedings of the IEEE symposium on security and privacy. Oakland, CA, pp 86–99
Kremer S, Markowitch O (2000) Optimistic non-repudiable information exchange. In: Proceedings of the 21st symposium on information theory in the Benelux. Wassenaar, The Netherlands, pp 139–146
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Li, J. mSSL: A framework for trusted and incentivized peer-to-peer data sharing between distrusted and selfish clients. Peer-to-Peer Netw. Appl. 4, 325–345 (2011). https://doi.org/10.1007/s12083-010-0087-x
Received:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s12083-010-0087-x