ABSTRACT

The motivation behind basing applications on peer-to-peer architectures derives to a large extent from their ability to function, scale and self-organize in the presence of a highly transient population of nodes, network and computer failures, without the need of a central server and the overhead of its administration. P2P networks are vulnerable to peers, who cheat, propagate malicious codes, or peers who do not cooperate. Traditional client-server security models are not sufficient to P2P networks because of their centralized nature. Absence of central authority in P2P poses unique challenges like identity management of the peers, secure reputation data management and Sybil attack for reputation management in the network. In this paper we present a cryptographic protocol for ensuring secure and timely availability of the reputation data of a peer extremely at low cost. The past behavior of the peer is encapsulated in its digital reputation and is subsequently used to predict the future actions. The cryptographic protocol is coupled with self-certification and cryptographic mechanisms for identity management and countering Sybil attacks. The latency associated with a file replication in a P2P system consists of two components: the query search time and the time required by the peers to transmit the file. In order to model the peer level latency, we develop a queuing model to evaluate the time required at each peer to serve its replication requests.