Architecture and components of secure and anonymous peer-to-peer systems

Changes to lower layers of the Internet architecture are difficult, in particular on network and transport layer. Standardization and economic incentives for manufacturers and Internet service providers are necessary. As a consequence, many desirable services cannot be realized there. The application layer is more flexible. End-users can run their own services and networked applications. This led to the advent of Peer-to-Peer systems in the late 1990ies. Peer-to-Peer systems enable normal users to provide the services instead. Despite the subsequent hype and research, the Peer-to-Peer paradigm is not yet a fully mature technology. In particular, it faces severe and fundamental security issues. This dissertation covers three major topics: Peer-to-Peer, Security, and Anonymity. We will present and evaluate components and a variety of aspects of the architecture of Peer-toPeer systems. Many classifications of Peer-to-Peer systems are not suitable for describing or designing a system. There is often a focus on a small number of aspects, that do not cover all problems from bootstrapping over routing to security. We see Peer-to-Peer systems as a combination of a set of solutions. Each solution solves a particular problem and some common problems are presented as categories. This is not only suitable for filesharing applications, but also valid for commercial or future Peer-to-Peer applications. Description is, however, not our primary goal. We think that structuring the problem of a Peer-to-Peer system into necessary components helps to design Peer-to-Peer systems and to structure the problems that need to be solved. Optimization is another issue. In case of Peer-to-Peer systems this includes a suitable distribution of load among the peers and the reduction of distances (latency) in the network. Systems do not necessarily end up with a uniform load. In fact, we show that most systems will not. We discuss load balancing for a distributed gaming application. A particular problem for load balancing is also that items usually do not have a uniform weight. Given the common Power Law distributions some items may have an extreme weight so that load balancing can only succeed if the handling of this item is further distributed among multiple nodes. For the optimization of distances we looked at Proximity Node Selection and evaluated its impact. We created a diagram for the selection of solutions for both problems when designing a system. Security is a big problem for Peer-to-Peer systems and many security issues are caused by inherent properties of these systems. We categorize the security problems and introduce the Cheapriding attack. It is a variant of freeriding and operates against reputation systems. It can hardly be stopped completely. The basic idea to mitigate the attack is to adapt the benefit gained for a good action in a reputation systems as good as possible to the actual cost of the action. The attack may be detected by checking the weight of positive and negative feedback. Security in this thesis is not limited to security purely for Peer-toPeer systems. The performance of cryptographic operations and transport protocols goes beyond the scope of Peer-to-Peer systems. We conclude that performance of symmetric cryptography is not a bottleneck on today’s hardware. In our studies hash functions were often more expensive than encryption. Also from this perspective it is good that