PEER-TO-PEER SECURITYSECURITY ISSUES IN P2PP2P SECURITY PROTOCOLP2P SECURITY PROTOCOL (contd.)Slide 6Slide 7Slide 8Slide 9QUESTIONS ?PEER-TO-PEER SECURITYPEER-TO-PEER SECURITYPRESENTEDPRESENTEDBYBYSHRUTI PARIHARSHRUTI PARIHARSTEGANOGRAPHYSTEGANOGRAPHYDENIAL OF SERVICE ATTACKDENIAL OF SERVICE ATTACKIMPERSONATIONIMPERSONATIONENCRYPTION CRACKINGENCRYPTION CRACKINGNON-ENCRYPTED IMNON-ENCRYPTED IMEAVESDROPPINGEAVESDROPPINGTROJANS, VIRUSES, BUGSTROJANS, VIRUSES, BUGSSECURITY ISSUES IN P2PSECURITY ISSUES IN P2PSECURITY ISSUES IN P2PP2P SECURITY PROTOCOLP2P SECURITY PROTOCOLCONCEPTSCONCEPTS PEER GROUPSPEER GROUPS GROUP AUTHORITYGROUP AUTHORITY ACL MANAGEMENTACL MANAGEMENT GROUP MEMBERSHIPGROUP MEMBERSHIP KK-1-1GAGA(G, EXP, g(G, EXP, gRaRa mod p) signed by GA mod p) signed by GAP2P SECURITY PROTOCOLP2P SECURITY PROTOCOL(contd.)(contd.)TWO-PHASESTWO-PHASES LOGIN PROTOCOLLOGIN PROTOCOL USER LOGINUSER LOGIN AUTHORITY LOGINAUTHORITY LOGIN MUTUAL AUTHENTICATIONMUTUAL AUTHENTICATION PROTOCOLPROTOCOLP2P SECURITY PROTOCOLP2P SECURITY PROTOCOL(contd.)(contd.)LOGIN PROTOCOL OVERVIEWLOGIN PROTOCOL OVERVIEW PASSWORD, PASSWORD-ID, ACL’s PASSWORD, PASSWORD-ID, ACL’s DIFFIE-HELMAN KEY EXCHANGEDIFFIE-HELMAN KEY EXCHANGE ggRtuRtu mod p, g mod p, gRtaRta mod p, K = g mod p, K = gRtuRtaRtuRta mod p mod p CHALLENGE RESPONSE CHALLENGE RESPONSE RSA ENCRYPTED CERTIFICATESRSA ENCRYPTED CERTIFICATESP2P SECURITY PROTOCOLP2P SECURITY PROTOCOL(contd.)(contd.)LOGIN PROTOCOLLOGIN PROTOCOLU->A: H, G, PID, P(gU->A: H, G, PID, P(gRtuRtu mod p), D mod p), DKKrand rand = g= gRtuRtaRtuRta mod p mod pA->U: H, P(gA->U: H, P(gRtaRta mod p), K mod p), Krandrand(C(CAA), D), DU->A: KU->A: Krandrand(H, REQUEST, C(H, REQUEST, CAA, C, CUU, D), D)A->U: KA->U: Krandrand(H, C(H, CUU, RESPONSE, D), RESPONSE, D)P2P SECURITY PROTOCOLP2P SECURITY PROTOCOL(contd.)(contd.)MUTUAL AUTHENTICATION MUTUAL AUTHENTICATION PROTOCOL OVERVIEWPROTOCOL OVERVIEW DIGITAL CERTIFICATES DIGITAL CERTIFICATES DIFFIE-HELMAN KEY EXCHANGEDIFFIE-HELMAN KEY EXCHANGE ggRtuRtu mod p, g mod p, gRtaRta mod p, K = g mod p, K = gRtuRtaRtuRta mod p mod p CHALLENGE RESPONSE CHALLENGE RESPONSEP2P SECURITY PROTOCOLP2P SECURITY PROTOCOL(contd.)(contd.)MUTUAL AUTHENTICATIONMUTUAL AUTHENTICATIONU1->U2: H, G, GMU1->U2: H, G, GMU1U1, D, DK= gK= gRu1Ru2Ru1Ru2 mod p mod pU2->U1: H, GMU2->U1: H, GMU2U2, K(C, K(CU2U2), D), DU1->U2: K(H, CU1->U2: K(H, CU1U1, C, CU2U2, D), D)U2->U1: K(H, CU2->U1: K(H, CU1U1, D), D)KKrandrand = g = gRu1Ru2Cu1Cu2Ru1Ru2Cu1Cu2 mod p mod pQUESTIONS ?QUESTIONS
View Full Document