CS262B Reading Summary

Secure Routing for Structured Peer-to-peer Overlay Network

Miguel Castro et al.

Summary by Feng Zhou
4/6/2004

Strong points of the paper are:

  1. The paper proposes a 3-step scheme to enforce secure routing in peer-to-peer systems: secure nodeId assignment, secure routing table maintenance and secure message forwarding. This is a good plan, compared with the fail-stop model that earlier peer-to-peer work assumed. Current structured overlay networks are insecure in many respects, including DoS, spoofing and sniffing. This paper mainly addresses DoS and spoofing attacks; no confidentiality or anonymity is provided by the techniques discussed.
  2. For the ID assignment problem, the paper basically says that a distributed scheme is very hard, if not impossible, so they resort to a simple centralized solution.
  3. The constrained routing table, a routing table in which the number of neighbor choices for any prefix is forced to be 1, is proposed as the solution for secure routing table maintenance. In the normal proximity-sensitive Pastry/Tapestry routing table maintenance algorithm, attackers can collude to "take over" the routing table of normal nodes by reporting false (nearer) latency numbers. The constrained routing table solves this problem by allowing only one candidate for each position. However, it only serves as a backup routing table, since performance would suffer otherwise.
  4. The technique for secure message forwarding is a routing failure test at the initiating node. This exploits the fact that replica roots in Pastry are close together in ID space whereas attackers are sparse, assuming they cannot control the IDs they get. The average ID distance between the root replicas is used as an indication of the authenticity of the replica root group.
  5. The last step is redundant routing in case normal routing fails. A technique called "neighbor set anycast" is used to ensure that all replica roots receive a copy of the message.
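As an added illustration of the routing failure test in point 4 (example code written for this summary, not code from the paper or from Pastry): it simulates a small ring of certified, uncontrollable nodeIds and compares the density of the sender's own neighbor set with the density of the replica-root group that a route returned. The 32-bit ring, the neighbor set size L, the tolerance factor GAMMA and the node counts are assumptions chosen for the simulation.

```python
import random

ID_BITS = 32                 # assumption: a 32-bit ring instead of Pastry's 128 bits
RING = 1 << ID_BITS
L = 32                       # assumed neighbor (leaf) set size
GAMMA = 3.0                  # assumed tolerance: reject a group >3x sparser than expected

def ring_distance(a, b):
    d = abs(a - b)
    return min(d, RING - d)

def neighbor_set(ids, center, size=L):
    """The `size` nodeIds numerically closest to `center` on the ring."""
    return sorted(ids, key=lambda x: ring_distance(x, center))[:size]

def average_gap(ids, center):
    """Average distance between consecutive nodeIds of a set clustered around
    `center`, measured as signed ring offsets so wrap-around cannot inflate a gap."""
    half = RING // 2
    offs = sorted(((x - center + half) % RING) - half for x in ids)
    gaps = [b - a for a, b in zip(offs, offs[1:])]
    return sum(gaps) / len(gaps)

def routing_failure_test(sender_id, sender_neighbors, key, returned_roots):
    """Density check: the sender knows how dense its own neighbor set is and
    expects the replica roots of `key` to be about as dense. A root group
    assembled only from attacker nodes (whose nodeIds they cannot choose) is
    much sparser, so the test reports the route as failed (returns False)."""
    expected = average_gap(sender_neighbors, sender_id)
    observed = average_gap(returned_roots, key)
    return observed <= GAMMA * expected

# Constructed scenario: 4000 honest nodes and 200 attackers with random
# (i.e. certified, uncontrollable) nodeIds; seeded so the run is repeatable.
rng = random.Random(2004)
honest = [rng.getrandbits(ID_BITS) for _ in range(4000)]
attackers = [rng.getrandbits(ID_BITS) for _ in range(200)]
everyone = honest + attackers
sender = honest[0]
sender_neighbors = neighbor_set(everyone, sender)
key = rng.getrandbits(ID_BITS)

def honest_route_accepted():
    # Correct routing returns the L nodes closest to the key in the whole overlay.
    return routing_failure_test(sender, sender_neighbors, key, neighbor_set(everyone, key))

def attacker_route_accepted():
    # Attackers who intercept the route can only offer their own nodes closest to the key.
    return routing_failure_test(sender, sender_neighbors, key, neighbor_set(attackers, key))
```

With these parameters the attacker-supplied group is roughly twenty times sparser than the sender's neighborhood, so the test rejects it while the honest group passes.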
One major flaw:
The techniques seem ad hoc and not secure in the strict sense. Moreover, overall security highly depends on the security of node ID assignment. For example, the fault detection algorithm assumes uniform and secure node ID assignment. So these techniques will not be useful if no such assignment scheme is in place, which will probably be the case for open p2p networks.