Luca Maria Aiello. Università degli Studi di Torino – Dipartimento di Informatica – SecNet Group 1 Secure distributed applications: a case study Luca Maria.

Luca Maria Aiello. Università degli Studi di Torino – Dipartimento di Informatica – SecNet Group 1

Secure distributed applications:a case study

Luca Maria Aiello, Federica Cesano, Marco Milanesio, Giancarlo Ruffo, Rossano Schifanella

Speaker:Luca Maria AielloSecNet GroupDipartimento di Informatica, Università degli Studi di TorinoCorso Svizzera, 185 – 10149, Torino, [email protected]

Italian Networking Workshop

Luca Maria Aiello. Università degli Studi di Torino – Dipartimento di Informatica – SecNet Group 2

Motivations

In distributed identity-based commercial applications, user data are retained by central servers.

Secure infrastructure Loss of user privacy

Exploiting DHT systems for data storage could preserve privacy…

Respect of user data secrecy Infrastructure prone to common attacks

Our contribution:• Likir: a secure p2p middleware• LiCha: the first Likir application, is a demonstrative Likir service

Luca Maria Aiello. Università degli Studi di Torino – Dipartimento di Informatica – SecNet Group 3

Likir

Layered Identity-based Kademlia-like InfRastructure

A novel DHT layer• Identity: user identity management at middleware level• Security:

oProtection against known overlay attacks (Routing poisoning, Sybil attack, MITM, Pollution…)

Luca Maria Aiello. Università degli Studi di Torino – Dipartimento di Informatica – SecNet Group 4

Likir architecture

Many other attempts to secure overlay networks:•Myrmic•KadSec•Maelstrom•…

By introducing a strong binding between user ID and node ID, Likir solves (or effectively mitigates) DHT security problems

Luca Maria Aiello. Università degli Studi di Torino – Dipartimento di Informatica – SecNet Group 5

Likir protocol

Luca Maria Aiello. Università degli Studi di Torino – Dipartimento di Informatica – SecNet Group 6

Likir

Other good features•No Single Point Of Failure•No additional system constraints (e.g. clock synchronization)•Likir middleware is transparent to application developers•Ease of developement and integration of id-based applications•Limited computational overhead respect to Kademlia•Simple API

Possible enhancements•Replace RSA with IBS•…

Luca Maria Aiello. Università degli Studi di Torino – Dipartimento di Informatica – SecNet Group 7

LiCha

The Likir Chat

Fully distributed IM application•User data stored in the DHT•Personal data are encrypted before being stored•Every content is signed by Likir layer

Luca Maria Aiello. Università degli Studi di Torino – Dipartimento di Informatica – SecNet Group 8

How LiCha works

LiCha

Likir

Hi!

Cedric

Password

TCP

App

licat

ion

Ove

rlay

net

DH

T s

tora

ge

ID

Contact Personalinfo

Dynaer

Lookup(UDP)

StoreID

Find(“cedric.myopenid.com”)

Get(“cedric.myopenid.com”)

Luca Maria Aiello. Università degli Studi di Torino – Dipartimento di Informatica – SecNet Group 9

A possible future?

Likir becomes an ideal framework for privacy aware social networks

•Security•Identity•Privacy•Scalability

Luca Maria Aiello. Università degli Studi di Torino – Dipartimento di Informatica – SecNet Group 10

Contacts and Credits

http://[email protected]

[email protected]

We would thankEdoardo Rossi, cooperated with us for Licha developement

Elton Kola, built Likir registration portal with OpenID verification

To get Likir/Licha code, or to contact us:

Luca Maria Aiello. Università degli Studi di Torino – Dipartimento di Informatica – SecNet Group 11

Thank you!