[p2p-hackers] P2P Authentication

Bryan Turner bryan.turner at pobox.com
Tue Oct 25 15:20:39 UTC 2005


Frank,

	Davide's suggestion is correct; your situation is exactly what the
Public Key Infrastructure was designed to handle. [1]

	Under PKI a node must first register with the central authority, who
signs the public key of the new node.  This step need only be done once for
each entity in the network (you can be the CA for your network).

	Later, when two nodes in the network meet, they simply exchange
public keys and check the signature.  Authentication is implicit if you hold
a signed public key and its private counterpart.  SSL uses this type of
mechanism (given the correct options), and is well documented in
RFCs/TechNotes [2].

	Using PKI, each client must store only one key pair, the central
authority's public key, and the CA's signature on their public key.

	You should be aware that revoking authentication is very cumbersome
and requires active participation by the clients.  This tends to be a weak
link in PKI deployments.  I prefer to sign keys as a 'lease' for some amount
of time (weeks/months) and they are automatically rejected after this time.
I'm not sure if this extension has made it into the newer versions of SSL yet.

[1] PKI : http://www.pki-page.org/
[2] SSL/TLS : http://www21.ocn.ne.jp/~k-west/SSLandTLS/index-e.html

--Bryan
bryan.turner at pobox.com

-----Original Message-----
From: p2p-hackers-bounces at zgp.org [mailto:p2p-hackers-bounces at zgp.org] On
Behalf Of Davide Carboni
Sent: Tuesday, October 25, 2005 10:23 AM
To: Peer-to-peer development.
Subject: Re: [p2p-hackers] P2P Authentication


I have a similar problem. Currently I'm thinking of using sockets over SSL to
establish a connection between peers. So my idea is:
(1) a unique certification authority CA for the community issues
certificates to participants who are entitled to join
(2) once p1 connects to p2, ssl authentication via certificate is requested
both for the 'client' and for the 'server'. If both certificates are issued
by CA the connection is up otherwise the connection fails.

This way, there is no need to connect to a central DB and there are no
shared secrets, but each node must keep its private key secret.
I'm just concerned about performance.
D.
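
The scheme discussed in this thread, as an added example that is not code from either poster: a community CA signs each peer's key with a limited validity period (the 'lease'), and a peer accepts another peer offline using only the CA certificate. It uses Go's standard crypto/x509 with Ed25519 keys; the helper names (check, issue, accept, demo), the subject names and the dates are constructed for illustration.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

func check(err error) {
	if err != nil {
		panic(err)
	}
}
// issue makes a fresh key pair and a certificate valid for lease; parent == nil yields a self-signed CA.
func issue(cn string, serial int64, parent *x509.Certificate, signer ed25519.PrivateKey, from time.Time, lease time.Duration) (*x509.Certificate, ed25519.PrivateKey) {
	pub, key, err := ed25519.GenerateKey(rand.Reader)
	check(err)
	t := &x509.Certificate{SerialNumber: big.NewInt(serial), Subject: pkix.Name{CommonName: cn},
		NotBefore: from, NotAfter: from.Add(lease), KeyUsage: x509.KeyUsageDigitalSignature}
	if parent == nil {
		t.IsCA, t.BasicConstraintsValid, t.KeyUsage = true, true, x509.KeyUsageCertSign
		parent, signer = t, key
	}
	der, err := x509.CreateCertificate(rand.Reader, t, parent, pub, signer)
	check(err)
	cert, err := x509.ParseCertificate(der)
	check(err)
	return cert, key
}
// accept is the offline check a peer runs: CA signature valid and lease not expired at time `at`.
func accept(ca, peer *x509.Certificate, at time.Time) bool {
	roots := x509.NewCertPool()
	roots.AddCert(ca)
	_, err := peer.Verify(x509.VerifyOptions{Roots: roots, CurrentTime: at})
	return err == nil
}
// demo returns: accepted within lease, accepted after lease, accepted when signed by an unknown CA.
func demo() (bool, bool, bool) {
	t0, day := time.Date(2005, 10, 25, 0, 0, 0, 0, time.UTC), 24*time.Hour // constructed dates
	ca, caKey := issue("community-ca", 1, nil, nil, t0, 3650*day)
	rogue, rogueKey := issue("community-ca", 1, nil, nil, t0, 3650*day) // same name, different key
	peer, _ := issue("p1", 2, ca, caKey, t0, 30*day)                    // 30-day lease
	forged, _ := issue("p1", 2, rogue, rogueKey, t0, 30*day)
	return accept(ca, peer, t0.Add(day)), accept(ca, peer, t0.Add(31*day)), accept(ca, forged, t0.Add(day))
}
func main() { fmt.Println(demo()) }
```

In a TLS deployment the same chain and validity check is performed during the handshake once both sides require a peer certificate; a peer whose lease has lapsed must obtain a newly signed certificate from the CA.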


