Security Analysis of Current Peer-to-Peer Networks

posted in #IT Security, Mobile & Cloud on the 22.05.2019

This project analyses the security concepts of currently deployed peer-to-peer networks. The recent hype about cryptocurrencies has also been pushing decentralisation ideas, which are gaining in popularity. Compared to early work on peer-to-peer systems, these modern designs typically come with a comprehensive security concept that forms an integral part of the system architecture. However, current findings on the subject of peer-to-peer security that emerged from a previous A-SIT project rause doubts about the effectiveness of these concepts. Therefore, IPFS, which is positioned as a versatile peer-to-peer network layer and catalyst for decentralisation efforts, was analysed reagrding potential vulnerabilities. Some partially successful practically relevant attacks could be mounted and in some cases network nodes could be cut off from the rest of the network.
In addition, the attached report provides an overview of the security concepts of BitTorrent and Bitcoin. Moreover, a new security concept for decentralised peer-to-peer networks based on Android remote attestation procedures is presented, the technical details of which are provided as part of a paper to be presented during the 16th International Conference on Security and Cryptography 2019.

Downloads

File Description File size
pdf Project Report (DE) Version 1.0 of 21.05.2019 (German only)
527 KB
pdf Paper Master of Puppets: Trusting Silicon in the Fight for Practical Security in Fully Decentralised Peer-to-Peer Networks, SECRYPT 2019 (Pre-Print)
309 KB