Email this article A Secure Protocol for Sharing Trust Data in Hybrid P2P Network
Abstract
The trust data is critical to the trust model of P2P system. In this paper we present an efficient certificateless cryptography scheme and propose a protocol which provides the ability for sharing trust data securely. The protocol avoids the escrow problem identity-based cryptosystem and the secure delivery of private keys. The security of scheme is based on some underlying problems closely related to the Bilinear Diffie-Hellman Problem are computationally hard. It tolerates the Type I and Type II adversary. The proof of security is presented in the random oracle model. Through security discussion, we show that my secure protocol is extremely secure when encounter a variety of possible attacks.
Keywords
References
[1] H. Chen and Z. Ye. Research of P2P Trust based on Fuzzy Decision-making, CSCWD 2008. 12th International Conference on Computer Supported Cooperative Work in Design. 2008, pp. 793-796.
[2] P. Bedi and H. Kaur. Trust based Personalized Recommender System, INFOCOM Journal of Computer Science, 5 (1) 2006, pp. 19-26.
[3] R. Aringhieri, E. Damiani, S.D.C.D. Vimercati, S. Paraboschi and P. Samarati, Fuzzy techniques for trust and reputation management in anonymous peer-to-peer systems: Special Topic Section on Soft Approaches to Information Retrieval and Information Access on the Web, Journal of the American Society for Information Science and Technology, 57 (4) 2006, pp. 528-537.
doi:10.1002/asi.20307
[4] M.S. Hou, X.L. Lu and X. Zhou and C. Zhan. A trust model of p2p system based on confirmation theory, Operating Systems Review, 39(1) 2005, pp. 56-62.
[5] S.S. Song, K. Hwang and Y.K. Kwok, Trusted Grid Computing with Security Binding and Trust Integration, Journal of Grid Computing, 3 (1-2) 2005, pp. 53-73.
doi:10.1007/s10723-005-5465-x
[6] S.D. Kamvar, M.T. Schlosser and H. Garcia-Molina, EigenRep: Reputation management in P2P networks, In: Proceedings of the 12th international conference on World Wide Web, vol. 1, 2003,pp.123-134.
[7] W. Dou, H.M. Wang, Y. Jia and P. Zou. A recommendation-based peer-to-peer trust model. Journal of Software, 15, 2004, pp.571-583.
[8] K. Aberer and Z. Despotovic. Managing Trust in a Peer-2-Peer Information System, In: Proceedings of the 10th International Conference on Information and Knowledge Management, vol. 1, 2001, pp.310-317.
[9] A. Singh and L. Liu. TrustMe: Anonymous management of trust relationships in decentralized p2p systems, In: Proceedings of IEEE International Conference on P2P Computing, vol. 1, 2003, pp.142-149.
[10] A. Shamir. Identity Based Cryptosystems and Signature Schemes. In Advances in Cryptology-CRYPTO, volume 196 of LNCS, pages 37-53. Spinger, 1984.
[11] Sepandar D. Kamvar, Mario T. Schlosser, Hector Garcia-Molina, EigenRep: Reputation management in P2P networks, In: Proceedings of the 12th international conference on World Wide Web, vol. 1, 2003, pp. 123~134.
[12] D. Boneh, F. Franklin. Identity-based encryption from the Weil pairing. Advances in Cryptology-Crypto' 2001, Lncs 2139, pages 213-229. Springer-Verlag, 2001.
[13] S. S. Al-Riyami and K. Paterson. Certificateless public key cryptography. Asiacrypt 2003, vol. 2894 of LNCS, 2003, pp. 452-473.
[14] D.H. Yum and P.J. Lee. Generic construction of certificateless signature, in: Proceedings of Australasian Conference on Information Security and Privacy, ACISP, 2004, pp. 200-211.
[15] B. Libert, J.J. Quisquater. On construction certificateless cryptosystems from identity based encryption, in: Proceedings of the Ninth International Conference on Theory and Practice in Public-Key Cryptography, New York, USA, 2006, pp. 474-490.
[16] P.S.L.M. Barreto, B. Libert, N. McCullagh and J. Quisquater. Efficient and provably-secure identity-based signature and signcryption from bilinear maps. Advances in cryptology –ASIACRYPT’05, vol. 3788 of LNCS, 2005, pp. 515-532.
[17] B. Lee, C. Boyd, E. Dawson, K. Kim, J. Yang and S. Yoo. Secure key issuing in ID-based cryptography. In proceedings of the Second Australian Information Security Workshop-AISW 2004, ACS Conferences in Research and Practice in Information Technology, vol.32, 2004, pp. 69-74.
[18] V. Goyal. Reducing Trust in the PKG in Identity Based Cryptosystems. In Advances in Cryptology - CRYPTO2007, vol. 4450 of LNCS, 2007, pp. 430-447.
[19] S. S. Al-Riyami and K. Paterson. CBE from CL-PKE: A generic construction and efficient schemes. In PKC’05, volume 3386 of LNCS, pages 398–415. Springer, 2005.
[20] Z. Cheng and R. Comley. Efficient certificateless public key encryption. Cryptology ePrint Archive, Report 2005/012, 2005. http://eprint.iacr.org/2005/012.
[21] K. Bentahar, P. Farshim, J. Malone-Lee, and N. P. Smart. Generic construction of identity-based and certificateless KEMs. Cryptology ePrint Archive, Report 2005/058, 2005. http://eprint.iacr.org/2005/058.
[22] X. Huang, W. Susilo, Y. Mu and F. Zhang. On the security of a certificateless signature scheme. CANS 2005, LNCS, vol. 3810, pages 13-25, Springer-Verlag, 2005.
[23] Z. Zhang, D. Wong, J. Xu and D. Feng. Certificateless public-key signature: security model and efficient construction. ACNS 2006, LNCS, vol. 3989, pages 293-308, Springer-Verlag, 2006.
[24] B. Hu, D. Wong, Z. Zhang and X. Deng. Key replacement attack against a generic construction of certificateless signature. ACISP 2006, LNCS, vol. 4058, pages 235-346, Springer-Verlag, 2006.
[25] M. Au, J. Chen, J. Liu, Y. Mu, D. Wong and G. Yang. Malicious KGC Attacks in Certificateless Cryptography. ACM ASIACCS’07, pages 302-311, 2007.
[26] Y. Long and K. Chen. Certificateless threshold cryptosystem secure against chosen-ciphertext attack, Information Sciences 177, 2007, pp. 5620-5637
doi:10.1016/j.ins.2007.06.014
Full Text: PDF