Securing peer-to-peer overlay networks from Sybil Attack

Abstract

Securing Peer-to-Peer (P2P) overlay networks is complicated by the lack of access control and its collaborative resource infrastructure. A malicious attacker can behave as if it were a larger number of nodes compromising the integrity and security of the whole system, either by impersonating other nodes or claiming multiple arbitrary identities - Sybil Attack. To solve this problem, we propose a hybrid security protocol by unifying the ID-based cryptography and online secret sharing schemes. In contrast to the heavyweight Public Key Infrastructure (PKI) which is complicated and required more memory space, our proposal is able to verify the nodes' identities by easily obtaining the ID-based public signature verification key of every other node from the node identifier in the P2P overlay networks. Through cross-pollination of the two schemes, our hybrid security protocol is able to verify the data communications among overlay nodes and identify any malicious (cheating) nodes in a secured manner. We evaluate our hybrid security protocol and show its effectiveness analytically.