1 / 24

Διπλωματική Εργασία

This paper presents the design and performance analysis of the Peer-to-Peer Wireless Network Confederation Protocol (P2PWNC) for WLAN roaming and resource sharing. The protocol aims to fuel ubiquitous internet access and exploit underutilized residential WLAN resources. The paper outlines the system architecture, P2PWNC protocol, reference implementation, and performance evaluation. The protocol supports RSA and elliptic curve cryptography and does not specify decision algorithms or software agent implementation details. Performance evaluations include cryptographic operations tests, signature verifications, and maximum flow algorithm tests.

gmays
Download Presentation

Διπλωματική Εργασία

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Διπλωματική Εργασία The Peer-to-Peer Wireless Network Confederation Protocol: Design Specification and Performance Analysis Παρουσίαση: Παντελής Φραγκούδης Επιβλέπων: Γ. Πολύζος Εξωτερικός αξιολογητής: Κ. Κουρκουμπέτης

  2. Outline • Introduction • System overview and architecture • P2PWNC protocol • Reference implementation • Performance evaluation • Conclusion

  3. Introduction • Peer-to-Peer Wireless Network Confederation (P2PWNC) • WLAN roaming scheme based on the P2P paradigm • Sharing WLAN resources • Motivation • Wide spread of WLAN low-cost equipment and broadband access • Underutilized residential WLAN resources • Limited WLAN roaming capabilities • Purpose • Fueling ubiquitous internet access • Exploiting underutilized residential WLAN resources • Enforcing cooperation through reciprocity • Characteristics • Deployment simplicity • Agent autonomy • Low managerial overhead

  4. P2PWNC Overview • Users organized in teams • Rule of reciprocity • Members of a team are freely served by other teams if their team also serves members of other teams • Autonomous decisions • Decisions are based on transaction history • Decision algorithms: not specified by the protocol • Trust model • Team members know and trust each other • Teams do not trust one another • Two operation modes: Centralized (TCA), Decentralized (no TCA) • ASCII-based communication protocol

  5. System Entities (1/3) • Teams • P2PWNC peers • Team identifier: public/secret key pair • Each team operates a number of access points • Team members • Member identifier: public/secret key pair • Team membership established via a certificate • Access Points

  6. System Entities (2/3) • Receipts • Proofs of prior transactions • Issued (signed) by service consumer • 1 receipt per session Member PK Team PK Consumer Certificate Team Signature Provider PK Timestamp Weight Consumer Signature

  7. System Entities (3/3) • Receipt Repository • Stores transaction history • History used as input to the decision algorithm • Trusted Central Authority • Issues key pairs for teams • Manages a central receipt repository • Team Server • Issues member key pairs and certificates • Manages a team-local receipt repository • Updates member repositories by answering UPDT messages

  8. Centralized Operation Mode

  9. Decentralized Operation Mode

  10. The P2PWNC Protocol • ASCII-based messages • Support for RSA and Elliptic Curve Cryptography (ECC) digital signatures • Specifies cryptosystem parameters • Specifies key, certificate and signature data representations • Does not specify decision algorithms, data storage formats, software agent implementation details

  11. Cryptosystem Parameters • RSA • Bit lengths: 1024, 1536, 2048 • Digest values produced by SHA-1 • ECC • Bit lengths: 160, 192, 224, 256 • ECDSA algorithm (using SHA-1)

  12. Protocol Messages • CONN: session initiation • CACK: session establishment • RREQ: receipt request • RCPT: receipt • QUER: query to the Receipt Repository • QRSP: query response (grant/deny access) • UPDT: repository update request

  13. Mobile User – Access Point Session Mobile User Access Point Repository CONN QUER CACK QRSP RREQ RCPT RREQ Timeout/ Conn. closed RCPT

  14. Reference Implementation (1/3) • AP module • Runs on top of embedded Linux-based wireless access points • Multithreaded TCP server • Uses netfilter/iptables for network access control • Kernel-level traffic measurements per session • Mandatory support for RSA, ECC • Mobile User module • Currently, C and Java implementations • Need not support both RSA, ECC.

  15. Reference Implementation (2/3) • Receipt Repository module • Composite data structure for receipt storage • Decision algorithms: pluggable modules • Decisions based on the maximum-flow algorithm • Push-Relabel Algorithm - O(V3) • “Global relabeling” heuristic

  16. Reference Implementation (3/3) • TCA module • Includes receipt repository module • TCP server waiting for RCPT & QUER messages • Team database • Team key pair generation module • Mandatory support for both RSA, ECC • Team Server module • Includes receipt repository module • TCP server waiting for RCPT, QUER, UPDT messages • Mandatory support for both RSA, ECC

  17. Performance Evaluation • Testbed • Linksys WRT54GS wireless router • AMD AthlonXP 2800 laptop • Cryptographic operations performance tests • Signature, verification tests • ECC vs RSA, AthlonXP vs Linksys WRT54GS • Maximum flow algorithm performance tests • Peer population: 100, 500, 1000 teams • Receipt repository size: 100 to 10000 receipts • Running time and memory consumption tests • Effects of signature verifications on AP operation • Tests run on Linksys WRT54GS • FTP transfer of a ~220Mb file • 160bit ECDSA verifications

  18. Testbed Platform Specifications

  19. Cryptographic Operations Performance Time measured in milliseconds

  20. Maximum Flow Algorithm Running Time on Athlon XP

  21. Maximum Flow Algorithm Running Time on Linksys WRT54GS

  22. Effect of CPU Intensive Tasks on Throughput • Verification wall clock time: 0.12sec • 223.33Mbyte FTP transfer over Linksys WRT54GS (wired): 3956.62 Kbytes/sec

  23. Extensions • Denial-of-Service attacks • DoS attacks to APs/Receipt Repositories • Exploit of probabilistic nature of decision algorithms • Implementation issues • Maxflow algorithm heuristics • Receipt Repository as a distributed database • Study and improve ECC efficiency • Deployment issues • Porting client software to more platforms (esp. PDAs) • Downloadable Linksys WRT54GS firmware distribution • Evaluation issues • Maxflow testing on various graph types (based on user mobility models)

  24. Summary • Specified, implemented and evaluated a protocol for the provision of unified WLAN roaming services • Aiming at fueling ubiquitous Internet access • Scheme built around the ideas of agent autonomy and service reciprocity • Maximum flow-based decision algorithms • Designed with embedded/constrained devices in mind • Efficient data structures for data storage/retrieval and graph operations • Tested applicability of Elliptic Curve Cryptography

More Related