practical cryptography for a peer to peer web browsing
play

Practical Cryptography for a Peer-to-Peer Web Browsing System A. - PowerPoint PPT Presentation

May 28, 2023 •240 likes •462 views

Introduction Cryptography in P2P Systems A P2P Web Browsing System Comparison of Implementations in C Summary Practical Cryptography for a Peer-to-Peer Web Browsing System A. Pokluda Cheriton School of Computer Science University of

  1. Introduction Cryptography in P2P Systems A P2P Web Browsing System Comparison of Implementations in C Summary Practical Cryptography for a Peer-to-Peer Web Browsing System A. Pokluda Cheriton School of Computer Science University of Waterloo CS758 Cryptography and Network Security Project

  2. Introduction Cryptography in P2P Systems A P2P Web Browsing System Comparison of Implementations in C Summary Outline Introduction 1 Cryptography in P2P Systems 2 Cryptography in Real-World Peer-to-Peer Systems Message Stream Encryption A P2P Web Browsing System 3 Identify Security Requirements Satisfy Security Requirements A Brief Introduction to Elliptic Curve Cryptography Comparison of Implementations in C 4

  3. Introduction Cryptography in P2P Systems A P2P Web Browsing System Comparison of Implementations in C Summary Overview of Project Objectives Perform a brief survey of the protocols and schemes used 1 in real-world peer-to-peer systems Identify the general security related requirements for a new 2 1 peer-to-peer web browsing system and identify the cryptographic protocols that meet those security requirements. Identify one or two schemes to solve each problem that 2 meet the security requirements. These may be the same schemes that are used in current peer-to-peer systems or are new schemes obtained from the literature. Compare production-level implementations in C and 3 evaluate them on a number of criteria: level of security; CPU time and memory requirements; and performance over limited bandwidth network connection.

  4. Introduction Cryptography in P2P Systems A P2P Web Browsing System Comparison of Implementations in C Summary Overview of Project Objectives Perform a brief survey of the protocols and schemes used 1 in real-world peer-to-peer systems Identify the general security related requirements for a new 2 1 peer-to-peer web browsing system and identify the cryptographic protocols that meet those security requirements. Identify one or two schemes to solve each problem that 2 meet the security requirements. These may be the same schemes that are used in current peer-to-peer systems or are new schemes obtained from the literature. Compare production-level implementations in C and 3 evaluate them on a number of criteria: level of security; CPU time and memory requirements; and performance over limited bandwidth network connection.

  5. Introduction Cryptography in P2P Systems A P2P Web Browsing System Comparison of Implementations in C Summary Overview of Project Objectives Perform a brief survey of the protocols and schemes used 1 in real-world peer-to-peer systems Identify the general security related requirements for a new 2 1 peer-to-peer web browsing system and identify the cryptographic protocols that meet those security requirements. Identify one or two schemes to solve each problem that 2 meet the security requirements. These may be the same schemes that are used in current peer-to-peer systems or are new schemes obtained from the literature. Compare production-level implementations in C and 3 evaluate them on a number of criteria: level of security; CPU time and memory requirements; and performance over limited bandwidth network connection.

  6. Introduction Cryptography in P2P Systems A P2P Web Browsing System Comparison of Implementations in C Summary Cryptography in Real-World Peer-to-Peer Systems Skype Key Agreement RSA with 1536- to 2048-bit key lengths Block Cipher 256-bit AES Public-Key Infrastructure The Skype “login server” performs the role of TA and certifies user public keys Skype is proprietary, closed-source software and all network traffic is encrypted. There have been some efforts to document the Skype peer-to-peer architecture, but not much is known about the inner-workings of Skype software.

  7. Introduction Cryptography in P2P Systems A P2P Web Browsing System Comparison of Implementations in C Summary Cryptography in Real-World Peer-to-Peer Systems BitTorrent Most current BitTorrent clients use a custom encryption scheme known as “Message Stream Encryption” (MSE) Key Agreement Diffie-Hellman with 768-bit key lengths Block Cipher RC4 Public-Key Infrastructure None; New public keys are generated for each session Hash Functions Content is located using .torrent metainfo files containing an index of data chucks needed to reconstruct a file or set of files and their SHA-1 hash values; A metainfo file itself is identified by the SHA-1 hash of the index (known as an info hash )

  8. Introduction Cryptography in P2P Systems A P2P Web Browsing System Comparison of Implementations in C Summary Message Stream Encryption Context Diffie-Hellman Parameters p is a published, 768-bit safe prime, 0xFF ...63 Generator G is 2 r A and r B are random ints between 128- and 180-bits long Public key of A is Y A = G r A mod p Public key of B is Y B = G r B mod p The shared secret is S = Y r B mod p = Y r A mod p A B Constants/Variables PadA and PadB are random data with length 0-512 bytes T info hash is the info hash of the torrent VC is a verification constant defined to be 8 bytes set to 0

  9. Introduction Cryptography in P2P Systems A P2P Web Browsing System Comparison of Implementations in C Summary Message Stream Encryption Operation Alice Bob Y A = G r A mod p Y A , PadA Y B = G r B mod p Y B , PadB S = Y r A S = Y r B mod p mod p B A K A = H ( ‘keyA’ , S , T info hash ) K A = H ( ‘keyA’ , S , T info hash ) K B = H ( ‘keyB’ , S , T info hash ) K B = H ( ‘keyB’ , S , T info hash ) H ( ‘req1’ , S ) , H ( ‘req2’ , T info hash ) ⊕ H ( ‘req3’ , S ) , e K A ( VC ) e K B ( VC )

  10. Introduction Cryptography in P2P Systems A P2P Web Browsing System Comparison of Implementations in C Summary Basic Architecture At the outer level c c users will use their web c browsers to communicate with the S S peer-to-peer Web software c At the inner level S S c instances of the peer-to-peer Web c software will S S communicate with each other using a c peer-to-peer network c c overlay

  11. Introduction Cryptography in P2P Systems A P2P Web Browsing System Comparison of Implementations in C Summary Identify Security Requirements New Challenges We are designing a new system from scratch We can learn from existing systems, such as BitTorrent However, there are several fundamental differences between a web browsing system and BitTorrent from a security perspective : BitTorrent provides no way to verify the identity of the source of a content BitTorrent provides no way to update content once it has been released

  12. Introduction Cryptography in P2P Systems A P2P Web Browsing System Comparison of Implementations in C Summary Identify Security Requirements What Protocols Are Needed? Like BitTorrent, We can secure peer to peer communications from eavesdropping by using a key agreement scheme and block cipher We can locate content using a hash function Unlike BitTorrent, We can bind the identity of an author to content using a signature scheme We need a public key infrastructure to support the verification of signatures Side Note In a distributed system such as this, a Web of Trust is preferable to a TA.

  13. Introduction Cryptography in P2P Systems A P2P Web Browsing System Comparison of Implementations in C Summary Identify Security Requirements What Protocols Are Needed? Like BitTorrent, We can secure peer to peer communications from eavesdropping by using a key agreement scheme and block cipher We can locate content using a hash function Unlike BitTorrent, We can bind the identity of an author to content using a signature scheme We need a public key infrastructure to support the verification of signatures Side Note In a distributed system such as this, a Web of Trust is preferable to a TA.

  14. Introduction Cryptography in P2P Systems A P2P Web Browsing System Comparison of Implementations in C Summary Identify Security Requirements What Protocols Are Needed? Like BitTorrent, We can secure peer to peer communications from eavesdropping by using a key agreement scheme and block cipher We can locate content using a hash function Unlike BitTorrent, We can bind the identity of an author to content using a signature scheme We need a public key infrastructure to support the verification of signatures Side Note In a distributed system such as this, a Web of Trust is preferable to a TA.

  15. Introduction Cryptography in P2P Systems A P2P Web Browsing System Comparison of Implementations in C Summary Satisfy Security Requirements Schemes Implementing the Protocols Key Agreement Diffie-Hellman Block Cipher AES Hash Function SHA-256, MD6 Signature Scheme ElGamal, DSA Public Key Infrastructure custom based on DHT The Diffie-Hellman, ElGamal, and DSA schemes can be implemented in a Finite Multiplicative Group or on an Elliptic Curve over a Finite Field .

  16. Introduction Cryptography in P2P Systems A P2P Web Browsing System Comparison of Implementations in C Summary Satisfy Security Requirements A Brief Introduction to Elliptic Curve Cryptography An Elliptic Curve Over R 2 Definition An Elliptic Curve is the set E of solutions ( x , y ) ∈ R 2 to the equation y 2 = x 3 + ax + b together with a special point called the point at infinity .

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Peer-to-Peer Networks 09 Random Graphs for Peer-to-Peer-Networks Christian Ortolf Technical

Peer-to-Peer Networks 09 Random Graphs for Peer-to-Peer-Networks Christian Ortolf Technical

Peer-to-Peer Networks 09 Random Graphs for Peer-to-Peer-Networks Christian Ortolf Technical Faculty Computer-Networks and Telematics University of Freiburg Peer-to-Peer Networking Facts Hostile environment - Legal situation - Egoistic

882 views • 57 slides
Peer-to-Peer Networks 14 Security Christian Schindelhauer Technical Faculty Computer-Networks

Peer-to-Peer Networks 14 Security Christian Schindelhauer Technical Faculty Computer-Networks

Peer-to-Peer Networks 14 Security Christian Schindelhauer Technical Faculty Computer-Networks and Telematics University of Freiburg Cryptography in a Nutshelf Symmetric Cryptography - AES - Affine Cryptosystems Public-Key Cryptography -

474 views • 32 slides
Comparing Hybrid Peer-to-Peer Hybrid peer-to-peer systems Systems Beverly Yang and Hector

Comparing Hybrid Peer-to-Peer Hybrid peer-to-peer systems Systems Beverly Yang and Hector

Comparing Hybrid Peer-to-Peer Hybrid peer-to-peer systems Systems Beverly Yang and Hector Garcia-Molina Pure peer-to-peer systems are hard to scale Gnutella Look at hybrids between p2p and server-client Presented by Marco Barreno Servers

282 views • 6 slides
THE PEER-TO-PEER NETWORK JOHN NEWBERY @jfnewbery github.com/jnewbery THE PEER-TO-PEER NETWORK

THE PEER-TO-PEER NETWORK JOHN NEWBERY @jfnewbery github.com/jnewbery THE PEER-TO-PEER NETWORK

THE PEER-TO-PEER NETWORK JOHN NEWBERY @jfnewbery github.com/jnewbery THE PEER-TO-PEER NETWORK Introduction Types of nodes Message format Control messages Transaction propagation Block propagation THE PEER TO PEER

767 views • 38 slides
Serverless networking (peer-to-peer computing) Peer-to-peer models Client-server computing

Serverless networking (peer-to-peer computing) Peer-to-peer models Client-server computing

5/7/08 Serverless networking (peer-to-peer computing) Peer-to-peer models Client-server computing servers provide special services to clients clients request service from a server Pure peer-peer computing all systems have equivalent

586 views • 20 slides
Peer-to-Peer Networking and Discovery Technologies Week 6 Whats Peer-to-Peer? A different

Peer-to-Peer Networking and Discovery Technologies Week 6 Whats Peer-to-Peer? A different

Peer-to-Peer Networking and Discovery Technologies Week 6 Whats Peer-to-Peer? A different network architecture than client/server Each peer is both a client and a server Appropriate for applications that dont require a

353 views • 11 slides
NSYNC Network Synchronization for Low-latency Peer-to-Peer Streaming Overlay Construction

NSYNC Network Synchronization for Low-latency Peer-to-Peer Streaming Overlay Construction

NSYNC Network Synchronization for Low-latency Peer-to-Peer Streaming Overlay Construction Shudong Jin Case Western Reserve University NEONet Workshop, March 1, 2006 Peer-to-Peer Streaming Peer-to-peer systems versus client/server systems

292 views • 15 slides
THE POLITICS OF BLOCKCHAIN From Primus Inter Pares to Peer-to-Peer HOW BLOCKCHAIN WORKS In

THE POLITICS OF BLOCKCHAIN From Primus Inter Pares to Peer-to-Peer HOW BLOCKCHAIN WORKS In

THE POLITICS OF BLOCKCHAIN From Primus Inter Pares to Peer-to-Peer HOW BLOCKCHAIN WORKS In peer-to-peer networks, all the operations Peer-to-peer networks Proof-of-work equally rely on each node in the system. Digital signature Registry

328 views • 18 slides
Economics of Peer-to-Peer Markets Jonathan Levin Stanford

Economics of Peer-to-Peer Markets Jonathan Levin Stanford

Economics of Peer-to-Peer Markets Jonathan Levin Stanford University Lear Conference July 25, 2015 1 Internet Marketplaces 2 On-Demand Services 3 Introduction Peer-to-peer

1.02k views • 25 slides
Peer-to-Peer Computing Peer-to-Peer (P2P) employ distributed resources to perform function in a

Peer-to-Peer Computing Peer-to-Peer (P2P) employ distributed resources to perform function in a

Introduction Peer-to-Peer Computing Peer-to-Peer (P2P) employ distributed resources to perform function in a decentralized manner Resource can be: computing, storage, bandwidth Function can be: computing, data sharing, D.

625 views • 6 slides
5th Grade Peer Ambassadors Parkway Elementary What is a Peer Ambassador? A Peer Ambassador is a

5th Grade Peer Ambassadors Parkway Elementary What is a Peer Ambassador? A Peer Ambassador is a

5th Grade Peer Ambassadors Parkway Elementary What is a Peer Ambassador? A Peer Ambassador is a good role model! She or he proudly represents the 6 pillars of character: Trustworthiness, Respect, Responsibility, Fairness, Caring, Citizenship A

258 views • 7 slides
P2P: Distributed Hash Tables Chord + Routing Geometries Nirvan Tyagi CS 6410 Fall16

P2P: Distributed Hash Tables Chord + Routing Geometries Nirvan Tyagi CS 6410 Fall16

P2P: Distributed Hash Tables Chord + Routing Geometries Nirvan Tyagi CS 6410 Fall16 Peer-to-peer (P2P) Peer-to-peer (P2P) Decentralized! Hard to coordinate with peers joining and leaving Peer-to-peer (P2P) Napster (1999) Peer-to-peer

869 views • 68 slides
Lets Put a Peer Worker on Campus! Keely Phillips, Self Help & Peer Support OPDI

Lets Put a Peer Worker on Campus! Keely Phillips, Self Help & Peer Support OPDI

Lets Put a Peer Worker on Campus! Keely Phillips, Self Help & Peer Support OPDI Conference, October 2018 About Self Help & Peer Support Peer Navigator Services at Conestoga College A full-time Peer Navigator will provide:

579 views • 16 slides
Peer-to-Peer Networks 14 Game Theory Christian Schindelhauer Technical Faculty

Peer-to-Peer Networks 14 Game Theory Christian Schindelhauer Technical Faculty

Peer-to-Peer Networks 14 Game Theory Christian Schindelhauer Technical Faculty Computer-Networks and Telematics University of Freiburg Literature Feldman, Chuang Overcoming Free-Riding Behavior in Peer-to-Peer Systems, 2005

449 views • 24 slides
Chor d: A Scalable Peer-t o-peer Lookup Chor d: A Scalable Peer-t o-peer Lookup Ser vice f or I

Chor d: A Scalable Peer-t o-peer Lookup Chor d: A Scalable Peer-t o-peer Lookup Ser vice f or I

Chor d: A Scalable Peer-t o-peer Lookup Chor d: A Scalable Peer-t o-peer Lookup Ser vice f or I nt er net Applicat ions Ser vice f or I nt er net Applicat ions Ion Stoica, Robert Morris, David Karger, M. Frans Kaashoek, Hari Balakrishnan

533 views • 30 slides
Peer-to-Peer Networks 14 Security Christian Schindelhauer Technical Faculty Computer-Networks

Peer-to-Peer Networks 14 Security Christian Schindelhauer Technical Faculty Computer-Networks

Peer-to-Peer Networks 14 Security Christian Schindelhauer Technical Faculty Computer-Networks and Telematics University of Freiburg Free-Net Ian Clarke, Oskar Sandberg, Brandon Wiley, Theodore Hong, 2000 Goal - peer-to-peer network -

746 views • 36 slides
Trust in IoT and Its Applications Gyu Myoung Lee ITU-T Chair of FG-DPM, WP3/13 Co-chair, Q16/13

Trust in IoT and Its Applications Gyu Myoung Lee ITU-T Chair of FG-DPM, WP3/13 Co-chair, Q16/13

Workshop on Smart Sustainable Cities Samarkand, Uzbekistan, 1-2 June 2017 Trust in IoT and Its Applications Gyu Myoung Lee ITU-T Chair of FG-DPM, WP3/13 Co-chair, Q16/13 and Q4/20 Rapporteur LJMU UK/ KAIST Korea gmlee@kaist.ac.kr Contents

511 views • 22 slides
MASTERS THESIS INFORMATION April, 2020 Technology Management and Economics

MASTERS THESIS INFORMATION April, 2020 Technology Management and Economics

MASTERS THESIS INFORMATION April, 2020 Technology Management and Economics https://www.chalmers.se/en/departments/tme/education/masters- thesis/Pages/master-thesis.aspx AGENDA Aim, goal and relevance of masters thesis General

578 views • 24 slides
Portfolio of Work (9 pages) T H E N E X T R E V O L U T I O N I N R E T A I L AUGMENTED

Portfolio of Work (9 pages) T H E N E X T R E V O L U T I O N I N R E T A I L AUGMENTED

T H E N E X T R E V O L U T I O N I N R E T A I L AUGMENTED REALITY (AR) What is Augmented Reality Augmented Leads in Technology Visual Methodology Augmented Reality Forecast Multi-sided Marketing Model

280 views • 25 slides
40% 38% 1, 002 36% 34% 802 32% 602 30% 28% 402 26% 24% 202 22% 2 20%

40% 38% 1, 002 36% 34% 802 32% 602 30% 28% 402 26% 24% 202 22% 2 20%

40% 38% 1, 002 36% 34% 802 32% 602 30% 28% 402 26% 24% 202 22% 2 20% 002 , 802 602 402 202 2 % % 1 1 1 1 1 1 1 1 1 1 1 Retail demand

611 views • 35 slides
WORKPLACE SAFETY AND HEALTH OFFICER (WSH OFFICER) FORUM 19 SEPTEMBER 2019 AGENDA: MORNING

WORKPLACE SAFETY AND HEALTH OFFICER (WSH OFFICER) FORUM 19 SEPTEMBER 2019 AGENDA: MORNING

WORKPLACE SAFETY AND HEALTH OFFICER (WSH OFFICER) FORUM 19 SEPTEMBER 2019 AGENDA: MORNING SESSION 09:30 - 10:00 Registration for Government / Industry Stakeholders / Breakfast 10:00 Safety Briefing 10:05 Recital of Surah Al-Fatihah &

676 views • 40 slides
Welcome Back Students School Year 2020-2021 Introducing Adult Ed!?! Mr. Jesse Pappler

Welcome Back Students School Year 2020-2021 Introducing Adult Ed!?! Mr. Jesse Pappler

Welcome Back Students School Year 2020-2021 Introducing Adult Ed!?! Mr. Jesse Pappler Ive been in the district for 14 and a years Teacher & Coach at BCIT-Medford for 10 years 2 years I served as the AP/AD @ Medford

588 views • 26 slides
Maintenance Effectiveness: Maximizing the Utility of Facilities In Preparation for the Workgroup

Maintenance Effectiveness: Maximizing the Utility of Facilities In Preparation for the Workgroup

1 1 Draft Maryland Condition Index (MDCI) Webinar #3 Summary of Needs Weighting Facility Maintenance & Maintenance Effectiveness: Maximizing the Utility of Facilities In Preparation for the Workgroup on Assessment & Funding of

511 views • 12 slides
Vista del Lago High School 2 What is a High School Transcript? What is Course Credit? What is

Vista del Lago High School 2 What is a High School Transcript? What is Course Credit? What is

1 Vista del Lago High School 2 What is a High School Transcript? What is Course Credit? What is a four by four (4x4)? How do I pick my Classes? The Transcript 4 1. A Record 2. Legal Document 3. Permanent 4. Writes your story

487 views • 31 slides

More recommend