Most threats do originate from peers. A malicious node can do little damage without joining overlay. However, any peer will know certain part of topology in its finger table. By purposely rejoin the overlay with a different ID, A malicious peer can get more knowledge of the whole network. Encryption will do little help to this. Instead, security of enrollment and ID assignment is more important. As to refreshment of certification, as long as the peer will not keep on online for years, refresh the key pair when the peer login is secure enough considering security of the typical algorithm such as RSA. Skype do in this way. Another suggestion, why not just let the peers store their own certificaitons. So others need not to search for receiver's certification in the overlay.
xiaofeng Qiu MINE Lab, BUPT 2010/3/5 Konstantinos Birkos <[email protected]> > Dear Xiaofeng Qiu, > > Indeed, if protection against eavesdropping from inside the overlay is not > an issue, encryption by means of public/private key pairs is unnecessary. > However, eavesdropping is only one of the numerous threats a peer-to-peer > overlay may face. Overlay routing attacks and attacks on the structure of > the overlay depend on the exploitation of knowledge regarding the logical > topology. This knowledge is easily gained via the unprotected messages > exchanged in P2PSIP. The interesting part is that in p2p networks, many > challenging threats originate from peers that are already members of the > overlay. Of course, the security levels P2PSIP should provide is up to the > WG. Our motivation stems from the fact that P2PSIP may be used in > communication scenarios with strict security constraints (for example > communication between authorities). > What is your opinion about the refreshment of the peers' certificates? > > Konstantinos Birkos > University of Patras
_______________________________________________ P2PSIP mailing list [email protected] https://www.ietf.org/mailman/listinfo/p2psip
