This application claims the priority of Korean Patent Application Nos. 2006-122979 filed on Dec. 6, 2006 and 2007-45194 filed on May 9, 2007, in the Korean Intellectual Property Office, the disclosure of which is incorporated herein by reference.
1. Field of the Invention
The present invention relates to security in communication and interaction among heterogeneous devices on a computer network, and more particularly, an identifier verification method and apparatus for establishing reliable communication and interactive infrastructure for nodes in a peer to peer (P2P) network.
2. Description of the Related Art
Peer to peer (P2P) networking is a very generic concept encompassing sharing of a system or network resource among a plurality of computing nodes. These computing nodes are referred to as peers as opposed to exiting servers or clients. Here, the resource is all-inclusive of a variety of factors such as computing power of peers, networking operation, and battery. Also, the sharing means not just copying of files but also effective distribution/search/acquisition of the resource.
Therefore, peers of the P2P network collaborate and interact with one another to share the resource effectively. This P2P network is generally formed of numerous peers, and respective peers are scattered on a global Internet and connected via an Internet network.
In implementing a global-scale P2P network, it is crucial to assign a unique identifier to each of the peers and their shared resource and mange the identifier. Notably, in the P2P network, only information for identifying a counterpart peer is the identifier and the P2P network operation is dependent on the identifier. Accordingly, management of the identifiers is intimately related to security of the P2P network. Therefore, to build a secure network environment, the P2P nodes should determine whether the identifiers are reliable, at any time.
However, so far, the P2P network has focused identifier management chiefly on pinpointing location of the peers and resource via the identifiers, while not addressing reliability of the information. Moreover, users can join and leave the P2P network freely and the P2P network does not act as a management server or plays a very limited role thereof. In addition, the P2P network generates the identifiers without limits, thereby rendering it hard to determine whether the identifiers are reliable.
As a result, the P2P network is vulnerable in terms of the identifier-related security, thus entailing problems of mis-route, deceit, and interruption caused by forgery of the identifiers. This accordingly has called for a technology for detecting possible forgery of the identifiers and ensuring reliability thereof.
An aspect of the present invention provides an identifier verification method for detecting possible forgery of identifiers without an aid of a management server (or manager) to solve security problems with the identifiers in a serverless distributed P2P network.
An aspect of the present invention also provides an identifier verification method for precluding attacks such as mis-rout, deceit and interruption caused by forgery of the identifiers in a process where a node of a serverless distributed P2P network obtains an identifier of a peer node thereof or in a communication process thereafter.
According to an aspect of the present invention, there is provided an identifier verification method for determining whether an identifier of a second peer node is reliable, at first peer node, in a distributed peer to peer network without a server, the network having a plurality of peer nodes connected to an Internet, the identifier verification method including: obtaining the identifier of the second peer node; requesting identifier verification for checking whether the identifier of the second peer node is forged, by using a cryptographic method via a third peer node randomly selected, when receiving a request for the identifier verification from a user; and verifying reliability of the identifier of the second peer node depending on a result of the identifier verification request.
According to another aspect of the present invention, there is provided an identifier verification method in a peer to peer network, a distributed peer to peer network without a server, the server having a plurality of peer nodes connected to an Internet, the identifier verification method including: transmitting and receiving an identifier verification request message and a response message to obtain an identifier of a counterpart second peer node, the transmitting and receiving performed by a first peer node; transmitting an identifier proxy verification request message to a third peer node randomly selected, the transmitting performed by the first peer node; transmitting an identifier proxy verification transmission message to the second peer node when the third peer node receives the identifier proxy verification request message, the transmitting performed by the third peer node; transmitting an identifier verification authentication message including authentication information obtained by performing the identifier verification authentication to the first peer node when the second peer node receives the identifier proxy verification transmission message, the transmitting performed by the second peer node; and determining whether the identifier of the second peer node is reliable depending on the authentication information obtained from the identifier verification authentication message, the determining performed by the first peer node.
The above and other aspects, features and other advantages of the present invention will be more clearly understood from the following detailed description taken in conjunction with the accompanying drawings, in which:
The above and other aspects, features and other advantages of the present invention will be more clearly understood from the following detailed description taken in conjunction with the accompanying drawings, in which:
Exemplary embodiments of the present invention will now be described in detail with reference to the accompanying drawings. In the following description, well-known functions and construction are not described in detail since they would obscure the intention in unnecessary detail.
According to exemplary embodiments of the present invention, a description will be given of a cryptographically robust identifier verification method for increasing a successful verification rate by using a serverless distributed peer to peer (P2P) network. First, a P2P network structure for applying the present embodiment will be described with reference to
Referring to
The peer nodes 10a to 10e may be present on an identical subnet and be distributed across the world, directly and indirectly connected with one another. For example, when one 10a of the nodes is to transmit data to the other node 10c, the node 10b may function to transmit the data. Moreover, each of the peer nodes 10a to 10e is located differently, thus gathering information about the other peer nodes. The information gathered in this fashion is managed as peer identifier lists 30a to 30e by the peer nodes 10a to 10e, respectively. These respective peer identifier lists 30a to 30e are subsets of the peers present in the entire P2P network. One of the peer identifier lists may be different from the other peer identifier list.
The peer node 10a to 10e generally may be Internet-connectable computers and communication devices such as personal computers (PC), personal digital assistants (PDAs), lap top computers, servers and mobile phones. Specific methods for connecting these computers and communication devices to the Internet do not affect the scope of the invention. Also, a resource shared by collaboration among the peer nodes in the specific P2P network may vary according to characteristics of the network, and the present embodiment is not limited to the specific P2P network as described above.
The peer node 10a to 10e does not function as a management server (or manager). Therefore, due to absence of the management regulation, the peer node 10a to 102 may join or leave the network at any time.
An identifier verification method in the P2P network configured as above will be described according to an exemplary embodiment of the invention. First, operations of one peer node verifying an identifier of the other peer node will be described in detail.
Referring to
Then, in operation 103, the first peer node 10a randomly selects a third peer node 10c, a proxy verifier, in a peer identifier list, and transmits an identifier proxy verification message to the selected third peer node 10c. Accordingly, in operation 104, the third peer node 10c transmits an identifier proxy verification transmission message to the second peer node 10b.
Thereafter, in operation 105, the second peer node 10b transmits an identifier verification authentication message to the first peer node 10a. In turn, the first peer node 10a interprets the identifier verification authentication message and identifies an identifier verification result of the second peer node 10b.
Then, the operations described above will be explained in detail.
In the operations, the first peer node 10a performs identifier verification and determines whether the identifier of the second peer node 10b is forged, thereby verifying reliability of the identifier. Operations of the first peer node 10a performing the identifier verification will be described with reference to
Referring to
Meanwhile, when there is no identifier of the second peer node 10b in operation 203, the first peer node 10a transmits an identifier search request message in operation 206. Here, the identifier search request message is transmitted typically by broadcasting, which may be implemented by various methods. The present embodiment is not limited to a specific P2P identifier search method.
Next, a description will be given in detail of operations of the first peer node receiving a result of the identifier search request during identifier verification according to an exemplary embodiment of the invention with reference to
In operation 301, the first peer node 10a receives the identifier and IP address of the second peer node 10b newly searched in response to the identifier search request message. In operation 302, the first peer node 10a stores the received identifier and IP address in the local peer identifier list. Here, such an identifier response message may be transmitted by a variety of peer nodes constituting the P2P network as shown in
Then, in operation 303, the first peer node 10a checks whether capable of verifying the received identifier at the request of the user. In a case where the first peer node 10a is not capable of performing the identifier verification, the first peer node 10a finishes the operation immediately. On the other hand, in a case where the first peer node 10a is capable of performing the identifier verification, in operation 304, the first peer node 10a sets a parameter necessary for the identifier verification and in operation 305, transmits the identifier verification request message to the second peer node 10b.
To set the parameter necessary for the identifier verification, the first peer node 10a generates a session identifier sid by Equation 1:
sid
i
=h(IDi|0|0|Ni|IPi) Equation 1
where h denotes a cryptographic hash function, and IDi denotes an identifier of the first peer node 10a. “|” denotes a connection between a first string and a second string. Connecting the first string to a string marked with 0 is the same as connecting the first string to nothing. The first peer node 10a generates the session identifier with second and third strings set to 0. Ni denotes a random one-time string (nonce) and IPi denotes an Internet Protocol (IP) address of the first peer node 10a.
Also, the identifier verification request message generated by the first peer node 10a and transmitted to the second peer node 10b has a format satisfying Equation 2:
<“request”|IDi|IDt|Ni> Equation 2
where “request” denotes a string indicating that the message is for the identifier verification request, IDi denotes the identifier of the first peer node 10a, IDt denotes the identifier of the second peer node 10b whose identifier is to be verified, and Ni denotes a random one-time random string identical to the string of the afore-mentioned Equation 1.
Operations of the second peer node receiving the identifier verification request message will be described in detail with reference to
Referring to
To generate the identifier verification response message in operation 402, the second peer node 10b generates a session identifier thereof by Equation 3 below.
sid
t
=h(IDt|Pt|Ni|NtIPt) Equation 3,
where h denotes a cryptographic hash function, IDt denotes the identifier of the second peer node 10b, “|” denotes a connection between a first string and a second string, Pt denotes a public key self-generated by the second peer node 10b, Ni denotes a random one-time string included in the identifier verification request message of Equation 2, and Nt denotes a random one-time string generated by the second peer node 10b. The second peer node 10b also generates the session identifier sidi identical to the session identifier generated by the first peer node 10a according to Equation 1. Information necessary for the second peer node 10b to generate the session identifier sidi is included in the identifier verification request message received in operation 401.
The identifier verification response message generated from the second peer node 10b has a format satisfying Equation 4.
<“response”|sidt|PtEP
where “response” denotes a string indicating that the message is for the identifier verification response, sidt denotes the session identifier of the second peer node 10b, Pt and Rt denote a pair of the public key and a private key self-generated by the second peer node 10b. Ep
Operations of the first peer node receiving the identifier verification response message will be described with reference to
Referring to
To generate the identifier proxy verification message in operation 502, the first peer node 10a generates a key value k by following Equation 5:
k=E
P
(Nv|Nt) Equation 5,
where Nv denotes a random one-time string newly generated by the first peer node 10a for identifier verification.
Also, the identifier proxy verification request message has a format satisfying following Equation 6:
<“delegate_request”|sidt|sidd|sidi|k|Pi|SR
where “delegate_request” denotes a string indicating that the message is for the identifier proxy verification request, sidt denotes the session identifier of the second peer node 10b received according to Equation 4, sidd denotes a session identifier of the third peer node 10c, sidi denotes the session identifier of the first peer node 10a generated according to Equation 1, k denotes a key value generated according to Equation 5, Pi and Ri denote a pair of a public key and a private key self-generated by the first peer node 10a, and SR
In operation 503, the first peer node 10a randomly selects the third peer node from the peer identifier list thereof. The third peer node 10c selected as an identifier proxy verifier generates an identifier sidd thereof by Equation 7:
sid
d
=h(IDd|0|0|0|IPd) Equation 7,
where IDd denotes the identifier of the third peer node, and IPd denotes an IP address of the third peer node.
A description will be given in detail of operations of the third peer node 10c receiving the identifier proxy verification request message transmitted from the first peer node 10a, with reference to
Referring to
Accordingly, in operation 602, the third peer node 10c checks electronic signature included in the identifier proxy verification message, and in operation 603, determines whether the electronic signature is correct. When the third peer node 10c determines the electronic signature to be not correct, the third peer node 10c finishes the operation. Meanwhile, when the third peer node 10c determines the electronic signature to be correct, in operation 604, the third peer node 10c generates an identifier proxy verification transmission message and transmits the identifier proxy verification transmission message generated in operation 605 to the second peer node 10b. Through this operation of transmitting the identifier proxy verification transmission message, the key value k is indirectly transmitted to the second peer node 10b. The third peer node 10c generates the identifier proxy verification transmission message by following Equation 8.
<“foward_delegate_|request”|sidt|sidt|sidd|k|Pd|SR
where “foward_delegate_request” denotes a string indicating that the message is for the identifier proxy verification transmission, sidt denotes the session identifier of the second peer node 10b received according to Equation 6, sidd denotes a session identifier of the third peer node 10c, k denotes the key value received according to Equation 6, Pd and Rd denote a pair of a public key and a private key generated by the third peer node 10c, and SR
The identifier proxy verification transmission message generated in this fashion is transmitted to the second peer node 10b and subsequent operations of the second peer node 10b will be described in detail with reference to
Referring to
Then in operation 703, the second peer node 10b determines whether the checked electronic signature is correct. When the electronic signature is determined to be not correct, the second peer node 10b finishes the operation. Meanwhile, when the electronic signature is determined to be correct, in operation 704, the second peer node 10b checks whether information included in the identifier proxy verification transmission message is identical to information included in the identifier verification request message. When the two information are not identical to each other, the second peer node 10b finishes the operation. Meanwhile, when the two information are identical to each other, the second peer node 10b generates an identifier verification authentication message in operation 705 and transmits the generated identifier verification authentication message to the first peer node 10a in operation 706.
When generating the identifier verification message in operation 704, the second peer node 10b decodes the key value k included in the identifier proxy verification transmission message using the private key Rt thereof to obtain an Nx value according to Equation 5, and checks whether the Nt value1 is identical to the value self-generated by Equation 3. An authentication value pr authenticated by this checking is obtained by Equation 9. Here, the authentication value pr is included in the identifier verification authentication message.
pr=h(sidt|sidi|Nv) Equation 9,
When receiving the identifier verification authentication message from the second peer node 10a in this fashion, the first peer node 10c performs operations as shown in
Referring to
Selection of the new proxy verifier and subsequent repetition of the identifier verification as described above serve as a follow-up measure against failed verification and constitute a significant feature of the invention, thereby enhancing reliability of the identifier verification. That is, even when the identifier verification result is successful, the firs peer node 10a may repeat the identifier verification. Particularly, the identifier verification is repeated three and four time but may be performed regularly or irregularly during future communication between the first peer node 10 and the second peer node 10b, thereby further increasing reliability. Specific implementation methods thereof may vary and will not be explained in the present embodiment.
As set forth above, according to exemplary embodiments of the invention, peers in a serverless P2P network are guaranteed with reliable identifiers. Also, reliability of the peers may be checked immediately if necessary, thereby suitable for the P2P network with numerous nodes. Moreover, one or more identifiers of the serverless P2P network are prevented from being forged by an attacker, thereby precluding attacks such as mis-route, deceit and interruption.
While the present invention has been shown and described in connection with the exemplary embodiments, it will be apparent to those skilled in the art that modifications and variations can be made without departing from the spirit and scope of the invention as defined by the appended claims.
Number | Date | Country | Kind |
---|---|---|---|
10-2006-122979 | Dec 2006 | KR | national |
10-2007-45194 | May 2007 | KR | national |