WebSocket vs WebRTC in the stream overlays of the Streamr Network

The Streamr Network is a decentralized publish-subscribe system. This thesis experimentally compares WebSocket and WebRTC as transport protocols in the system’s d-regular random graph type unstructured stream overlays. The thesis explores common designs for publish-subscribe and decentralized P2P systems. Underlying network protocols including NAT traversal are explored to understand how the WebSocket and WebRTC protocols function. The requirements set for the Streamr Network and how its design and implementations fulfill them are discussed. The design and implementations are validated with the use simulations, emulations and AWS deployed real-world experiments. The performance metrics measured from the real-world experiments are compared to related work. As the implementations using the two protocols are separate incompatible versions, the differences between them was taken into account during analysis of the experiments. Although the WebSocket versions overlay construction is known to be inefficient and vulnerable to churn, it is found to be unintentionally topology aware. This caused the WebSocket stream overlays to perform better in terms of latency. The WebRTC stream overlays were found to be more predictable and more optimized for small payloads as estimates for message propagation delays had a MEPA of 1.24% compared to WebSocket’s 3.98%. Moreover, the WebRTC version enables P2P connections between hosts behind NATs. As the WebRTC version’s overlay construction is more accurate, reliable, scalable, and churn tolerant, it can be used to create intentionally topology aware stream overlays to fully take over the results of the WebSocket implementation

Security in peer-to-peer communication systems

P2PSIP (Peer-to-Peer Session Initiation Protocol) is a protocol developed by the IETF (Internet Engineering Task Force) for the establishment, completion and modi¿cation of communication sessions that emerges as a complement to SIP (Session Initiation Protocol) in environments where the original SIP protocol may fail for technical, ¿nancial, security, or social reasons. In order to do so, P2PSIP systems replace all the architecture of servers of the original SIP systems used for the registration and location of users, by a structured P2P network that distributes these functions among all the user agents that are part of the system. This new architecture, as with any emerging system, presents a completely new security problematic which analysis, subject of this thesis, is of crucial importance for its secure development and future standardization. Starting with a study of the state of the art in network security and continuing with more speci¿c systems such as SIP and P2P, we identify the most important security services within the architecture of a P2PSIP communication system: access control, bootstrap, routing, storage and communication. Once the security services have been identi¿ed, we conduct an analysis of the attacks that can a¿ect each of them, as well as a study of the existing countermeasures that can be used to prevent or mitigate these attacks. Based on the presented attacks and the weaknesses found in the existing measures to prevent them, we design speci¿c solutions to improve the security of P2PSIP communication systems. To this end, we focus on the service that stands as the cornerstone of P2PSIP communication systems¿ security: access control. Among the new designed solutions stand out: a certi¿cation model based on the segregation of the identity of users and nodes, a model for secure access control for on-the-¿y P2PSIP systems and an authorization framework for P2PSIP systems built on the recently published Internet Attribute Certi¿cate Pro¿le for Authorization. Finally, based on the existing measures and the new solutions designed, we de¿ne a set of security recommendations that should be considered for the design, implementation and maintenance of P2PSIP communication systems.Postprint (published version

Security for Decentralised Service Location - Exemplified with Real-Time Communication Session Establishment

Decentralised Service Location, i.e. finding an application communication endpoint based on a Distributed Hash Table (DHT), is a fairly new concept. The precise security implications of this approach have not been studied in detail. More importantly, a detailed analysis regarding the applicability of existing security solutions to this concept has not been conducted. In many cases existing client-server approaches to security may not be feasible. In addition, to understand the necessity for such an analysis, it is key to acknowledge that Decentralised Service Location has some unique security requirements compared to other P2P applications such as filesharing or live streaming. This thesis concerns the security challenges for Decentralised Service Location. The goals of our work are on the one hand to precisely understand the security requirements and research challenges for Decentralised Service Location, and on the other hand to develop and evaluate corresponding security mechanisms. The thesis is organised as follows. First, fundamentals are explained and the scope of the thesis is defined. Decentralised Service Location is defined and P2PSIP is explained technically as a prototypical example. Then, a security analysis for P2PSIP is presented. Based on this security analysis, security requirements for Decentralised Service Location and the corresponding research challenges -- i.e. security concerns not suitably mitigated by existing solutions -- are derived. Second, several decentralised solutions are presented and evaluated to tackle the security challenges for Decentralised Service Location. We present decentralised algorithms to enable availability of the DHTs lookup service in the presence of adversary nodes. These algorithms are evaluated via simulation and compared to analytical bounds. Further, a cryptographic approach based on self-certifying identities is illustrated and discussed. This approach enables decentralised integrity protection of location-bindings. Finally, a decentralised approach to assess unknown identities is introduced. The approach is based on a Web-of-Trust model. It is evaluated via prototypical implementation. Finally, the thesis closes with a summary of the main contributions and a discussion of open issues

Enabling technologies for decentralized interpersonal communication

In the recent years the Internet users have witnessed the emergence of Peer-to-Peer (P2P) technologies and applications. One class of P2P applications is comprised of applications that are targeted for interpersonal communication. The communication applications that utilize P2P technologies are referred to as decentralized interpersonal communication applications. Such applications are decentralized in a sense that they do not require assistance from centralized servers for setting up multimedia sessions between users. The invention of Distributed Hash Table (DHT) algorithms has been an important, but not an inclusive enabler for decentralized interpersonal communication. Even though the DHTs provide a basic foundation for decentralization, there are still a number of challenges without viable technological solutions. The main contribution of this thesis is to propose technological solutions to a subset of the existing challenges. In addition, this thesis also presents the preliminary work for the technological solutions. There are two parts in the preliminary work. In the first part, a set of DHT algorithms are evaluated from the viewpoint of decentralized interpersonal communication, and the second part gives a coherent presentation of the challenges that a decentralized interpersonal communication application is going to encounter in mobile networks. The technological solution proposals contain two architectures and two algorithms. The first architecture enables an interconnection between a decentralized and a centralized communication network, and the second architecture enables the decentralization of a set of legacy applications. The first algorithm is a load balancing algorithm that enables good scalability, and the second algorithm is a search algorithm that enables arbitrary searches. The algorithms can be used, for example, in DHT-based networks. Even though this thesis has focused on the decentralized interpersonal communication, some of the proposed technological solutions also have general applicability outside the scope of decentralized interpersonal communication

Randomness, Age, Work: Ingredients for Secure Distributed Hash Tables

Distributed Hash Tables (DHTs) are a popular and natural choice when dealing with dynamic resource location and routing. DHTs basically provide two main functions: saving (key, value) records in a network environment and, given a key, find the node responsible for it, optionally retrieving the associated value. However, all predominant DHT designs suffer a number of security flaws that expose nodes and stored data to a number of malicious attacks, ranging from disrupting correct DHT routing to corrupting data or making it unavailable. Thus even if DHTs are a standard layer for some mainstream systems (like BitTorrent or KAD clients), said vulnerabilities may prevent more security-aware systems from taking advantage of the ease of indexing and publishing on DHTs. Through the years a variety of solutions to the security flaws of DHTs have been proposed both from academia and practitioners, ranging from authentication via Central Authorities to social-network based ones. These solutions are often tailored to DHT specific implementations, simply try to mitigate without eliminating hostile actions aimed at resources or nodes. Moreover all these solutions often sports serious limitations or make strong assumptions on the underlying network. We present, after after providing a useful abstract model of the DHT protocol and infrastructure, two new primitives. We extend a “standard” proof-of-work primitive making of it also a “proof of age” primitive (informally, allowing a node to prove it is “sufficiently old”) and a “shared random seed” primitive (informally, producing a new, shared, seed that was completely unpredictable in a “sufficiently remote” past). These primitives are then integrated into the basic DHT model obtaining an “enhanced” DHT design, resilient to many common attacks. This work also shows how to adapt a Block Chain scheme – a continuously growing list of records (or blocks) protected from alteration or forgery – to provide a possible infrastructure for our proposed secure design. Finally a working proof-of-concept software implementing an “enhanced” Kademlia-based DHT is presented, together with some experimental results showing that, in practice, the performance overhead of the additional security layer is more than tolerable. Therefore this work provides a threefold contribution. It describes a general set of new primitives (adaptable to any DHT matching our basic model) achieving a secure DHT; it proposes an actionable design to attain said primitives; it makes public a proof-of-concept implementation of a full “enhanced” DHT system, which a preliminary performance evaluation shows to be actually usable in practice