RIAPPA: a Robust Identity Assignment Protocol for P2P overlays

Peer-to-peer (P2P) overlay networks have been proposed to solve routing problems of big distributed infrastructures, even for Internet scale. But the research community has been questioning the security of these networks for years. Most prior work in security services was focused on trust and reputation systems, anonymity, and secure routing. However, the proper management of identities in overlays is an important prerequisite to provide most of these security services. In this paper, we propose a protocol to control the access to a P2P overlay and to assign identities in a secure way; all this preserving the anonymity of users. This protocol involves two trusted third parties (TTPs), thanks to which it is possible to preserve the users' anonymity within the network without losing traceability. Users are authenticated by a TTP using real-world digital certificates, they select their network identifier jointly with the other TTP, and finally, the two TTPs issue the internal certificate to them. The protocol also provides revocability and protection against Sybil attacks, Eclipse attacks, whitewashers, and so on. A detailed protocol description is presented, and a performance and security analysis of the protocol is also provided. Copyright (c) 2014 John Wiley & Sons, Ltd.