110 likes | 245 Views
Italian Networking Workshop. Secure distributed applications: a case study. Luca Maria Aiello, Federica Cesano, Marco Milanesio, Giancarlo Ruffo, Rossano Schifanella. Speaker: Luca Maria Aiello SecNet Group Dipartimento di Informatica, Università degli Studi di Torino
E N D
Italian Networking Workshop Secure distributed applications:a case study Luca Maria Aiello, Federica Cesano, Marco Milanesio, Giancarlo Ruffo, Rossano Schifanella Speaker: Luca Maria Aiello SecNet Group Dipartimento di Informatica, Università degli Studi di Torino Corso Svizzera, 185 – 10149, Torino, Italy aiello@di.unito.it Luca Maria Aiello. Università degli Studi di Torino – Dipartimento di Informatica – SecNet Group
Motivations • In distributed identity-based commercial applications, user data are retained by central servers. • Secure infrastructure • Loss of user privacy • Exploiting DHT systems for data storage could preserve privacy… • Respect of user data secrecy • Infrastructure prone to common attacks • Our contribution: • Likir: a secure p2p middleware • LiCha: the first Likir application, is a demonstrative Likir service Luca Maria Aiello. Università degli Studi di Torino – Dipartimento di Informatica – SecNet Group
Likir Layered Identity-based Kademlia-like InfRastructure • A novel DHT layer • Identity: user identity management at middleware level • Security: • Protection against known overlay attacks (Routing poisoning, • Sybil attack, MITM, Pollution…) Luca Maria Aiello. Università degli Studi di Torino – Dipartimento di Informatica – SecNet Group
Likir architecture • Many other attempts to secure overlay networks: • Myrmic • KadSec • Maelstrom • … • By introducing a strong binding between user ID and node ID, Likir solves (or effectively mitigates) DHT security problems Luca Maria Aiello. Università degli Studi di Torino – Dipartimento di Informatica – SecNet Group
Likir protocol Luca Maria Aiello. Università degli Studi di Torino – Dipartimento di Informatica – SecNet Group
Likir • Other good features • No Single Point Of Failure • No additional system constraints (e.g. clock synchronization) • Likir middleware is transparent to application developers • Ease of developement and integration of id-based applications • Limited computational overhead respect to Kademlia • Simple API • Possible enhancements • Replace RSA with IBS • … Luca Maria Aiello. Università degli Studi di Torino – Dipartimento di Informatica – SecNet Group
LiCha The Likir Chat • Fully distributed IM application • User data stored in the DHT • Personal data are encrypted before being stored • Every content is signed by Likir layer Luca Maria Aiello. Università degli Studi di Torino – Dipartimento di Informatica – SecNet Group
ID How LiCha works Password Find(“cedric.myopenid.com”) Cedric Dynaer TCP Application Hi! LiCha Contact Personal info Get(“cedric.myopenid.com”) Lookup(UDP) Overlay net Likir ID Store DHT storage Luca Maria Aiello. Università degli Studi di Torino – Dipartimento di Informatica – SecNet Group
A possible future? Likir becomes an ideal framework for privacy aware social networks • Security • Identity • Privacy • Scalability Luca Maria Aiello. Università degli Studi di Torino – Dipartimento di Informatica – SecNet Group
Contacts and Credits To get Likir/Licha code, or to contact us: http://likir.di.unito.it likir@di.unito.it aiello@di.unito.it We would thank Edoardo Rossi, cooperated with us for Licha developement Elton Kola, built Likir registration portal with OpenID verification Luca Maria Aiello. Università degli Studi di Torino – Dipartimento di Informatica – SecNet Group
Thank you! Luca Maria Aiello. Università degli Studi di Torino – Dipartimento di Informatica – SecNet Group