Hi all,
Thanks for your opinions Alexander Pevzner wrote : >This is not very correct to speak about security "in general". Security issues should be discussed in >a context of particular threats for which protection is required. OK, this is my context : A P2P network where all nodes are certified by a centralized CA, I meant that one could use a CA or some other mechanism to prevent non-members from joining (citing Jeff Hoye) therefore I have a PKI. Scenario 1 one-to-one communication : I think I could adopt a SSL channel or an hand-made protocol (e.g. http://www.hamachi.cc/security/ approach), using TCP or UDP or other transport protocols; Scenario 2 one-to-many multicast communication : Each receiver member joins group with its owned credentials and then it receives a shared key from a well-know server (or in a distributed manner?), the broadcaster sends a crypted stream to all members using the shared key, now a receiver member could use the key to corrupt the stream. I am using RTP over UDP. What is the best solution (for security, latency, bandwidth overhead) to obtain in a p2p multicast channel : authentication, integrity, optionally confidentiality, optionally non repudiation ? I am looking for an implementation too. Interesting papers : Efficient Multicast Packet Authentication, Alain Pannetrat, Refik Molva. <http://www.isoc.org/isoc/conferences/ndss/03/proceedings/papers/16.pdf> www.isoc.org/isoc/conferences/ndss/03/proceedings/papers/16.pdf ; TESLA-SRTP http://tools.ietf.org/html/draft-ietf-msec-srtp-tesla-02; Thanks Luigi
_______________________________________________ p2p-hackers mailing list [email protected] http://lists.zooko.com/mailman/listinfo/p2p-hackers
