Pace-Maker: a System of Cryptographic Pulsations for Peer-to-Peer Networks

1  Introduction

Cryptographic architectures, such as Private Key Infrastructures (PKI), do not scale very well with the number of participants in the network. Indeed, these architectures assume that only a centralized authority in the system is trusted, and so, put a high load on this authority when the number of participants increases. Attempts to increase their scalability lead to complex architectures[Wölfl, 2005, Berket etal., 2004], whose behavior in a real network is hard to predict.

In the Pace-Maker project, we investigate the use of a cryptographic pulsation system, a new scalable cryptographic architecture taking advantage of the dynamic properties of peer-to-peer networks to increase the scalability of the centralized authority.

We plan to use the Pace-Maker architecture for two applications:

• An availability monitoring service for peer-to-peer networks: peers can query other peers about their availability periods, and the system prevents them from lying.
• A scalable signature service: peers can submit documents to be signed by the central authority; even in the case where millions of peers submit documents, the load on the central authority remains so low, that even an home computer can act as that central authority.

2  Cryptographic Pulsations Systems

In the following, we give an overview of the behavior of a Cryptographic Pulsation System.

We assume the existence of a trusted authority in the system, in the form of a private key, distributed on a small set of trusted peers, the servers, and an associated public key, that is known by all the peers in the system. Servers are normal peers in the system, i.e. we don't require them to have better characteristics than other peers, except for a good availability. Cryptographic Pulsations Protocols are designed so that they remain scalable even when the set of servers is a singleton.

All online peers in the network, including the servers, are connected in a Gnutella-like network: from time to time, a server generates a pulsation, i.e. a message signed by the central authority private key, that is diffused in the network, from the server to its neighbours, and then from neighbours to their neighbours until it reaches everybody in the network.

In our current applications, we focus on the use of two kinds of pulsations:

• Single Pulsations are just propagated once in the network. The information they contain is later used by the peers to reply to challenges.
• Double Pulsations are composed of two pulsations. The first one is used to build a one-time tree in the network, on which data is collected from the peers, aggregated and send backward to the server. A second pulsation is generated to send the aggregated information to all peers in the network.

References

[Berket etal., 2004]

Berket, K., Essiari, A., and Muratas, A. (2004). Pki-based security for peer-to-peer information sharing. In Proceedings of the Fourth IEEE International Conference on Peer-to-Peer Computing.

[Wölfl, 2005]

Wölfl, T. (2005). Public-key-infrastructure based on a peer-to-peer network. In HICSS. IEEE Computer Society.

This document was translated from L^AT_EX by H^EV^EA.