A Sybil-Resistant Admission Control Coupling SybilGuard with Distributed Certification

Abstract

Structured P2P networks are vulnerable to the sybil attack. In this attack, a misbehaving person creates many node identifiers and possibly chooses some of them in order to disrupt availability or integrity in the P2P network. In this paper, we propose a sybil-resistant distributed admission control system which combines SybilGuard with distributed certification. A new node can join the network if, using SybilGuard, a fixed ratio of the nodes think this new node is genuine and so participate in its distributed certification. This fully distributed system tackles each described aspect of the sybil attack, preventing users from creating many identifiers and enforcing the use of truly random identifiers.