A Public Keys Based Architecture for P2P Identification, Content Authenticity and Reputation

Abstract

In the classic use of P2P, e.g. file sharing, there is no concern about persistent peer identification, peer and content reputation and content authenticity. Security proposals currently found in technical literature try to adapt techniques from client-server architecture to P2P environments, which it is not the most appropriate approach. This work proposes applying public keys to identify peers. It allows creating a persistent identification scheme, without losing anonymity, even in a self-managed environment as P2P. Also, it applies digital signature to provide authenticity to the P2P content and to guarantee non-repudiation in the content transfer. In order to provide credibility to the non-certified content and public keys a reputation mechanism is applied. We have developed a prototype to show the benefits of this approach.