Methods & Tools Peer-to-Peer Jakob Jenkov

Transcription

1 Methods & Tools Peer-to-Peer Jakob Jenkov

2 Peer-to-Peer (P2P) Definition(s) Potential Routing and Locating Proxy through firewalls and NAT Searching Security

3 Pure P2P There is no central server or router. Peers act as equals, as both clients, servers, and routers. Peers run autonomously, and may join or leave the network at any time.

4 Hybrid P2P A combination of pure P2P and Client/Server There may be one or more central servers that aid the P2P network. E.g. Authentication server or Index / Search server

5 Pure P2P

6 Hybrid P2P

7 P2P Potential Resource Sharing CPU, Storage, Data Communication Chat, VoIP, Video Conferencing / Streaming Collaboration Mail, Calendar, Projects, Forums, Polls etc.

8 P2P Routing & Locating How do you get a message from A to B or C? A B C

9 P2P Routing & Locating 1) Assign each peer a GUID 1 A B C

10 P2P Routing & Locating 2) Organize the peers into a circle C A 3 8 B

11 P2P Routing & Locating 3) Let each peer reference its successor

12 P2P Routing & Locating 1 Peer joining the network To 2: I m joining. Your successor is?

13 P2P Routing & Locating 1 Peer leaving the network To 2: I m leaving. My successor is

14 P2P Routing & Locating 2 Peers leaving the network simultanously To 2: I m leaving. My successor is

15 P2P Routing & Locating 1 Peer crashes

16 P2P Routing & Locating 3) Let each peer reference its X successors

17 P2P Routing & Locating Stabilization after changes

18 P2P Routing & Locating Ring routing doesn t scale Peers Message Speed: peers / sec Message ETA: seconds = minutes 7 5 6

19 P2P Routing & Locating 5) Add Shortcut references

20 P2P Routing & Locating 5) Add Shortcut references But which?

21 P2P Routing & Locating Chord: n = bit-size of GUID space (eg. 8 bit) n = number of references distance(n1, n2) = (GUID(n) GUID(p) + 2 n ) mod 2 n E.g. ( ) mod 256 = 137)

22 P2P Routing & Locating Chord:... Peer GUID references n closest successors of: GUID mod 2 n GUID mod 2 n GUID + 2 mod 256 GUID mod 2 n GUID + 4 mod 256 GUID mod 2 n GUID + 2 n-1 mod 2 n GUID + 1 mod 256 GUID + 8 mod 256 GUID mod 256

23 P2P Routing & Locating 5) Add shortcut references 1 2 n = mod 16 = mod 16 = mod 16 = mod 16 =

24 P2P Routing & Locating 5) Add shortcut references 1 2 n = mod 16 = mod 16 = mod 16 = mod 16 =

25 P2P Routing & Locating Example: 6 sends a message to n = mod 16 = mod 16 = mod 16 = mod 16 = n = mod 16 = mod 16 = mod 16 = mod 16 = 14 6

26 P2P Routing & Locating Stabilization of shortcut references 1 2 n = mod 16 = mod 16 = mod 16 = mod 16 = n = mod 16 = mod 16 = mod 16 = mod 16 = 14 6

27 P2P Routing & Locating Chord: n = bit-size of GUID space (eg. 8 bit) n = number of references N = max number of peers ( = 2 n ) Routing : O(log(N)) 128 bit GUID space = possible nodes log(2 128 ) - 1 = 127 references needed Routing in ~127 hops

28 P2P Routing & Locating P2P routing algorithms: Chord Pastry Kademlia (MIT) (Microsoft Research) (New York University)

29 P2P Routing & Locating Routing: All messages are routed by intermediate peers, from A to B. Locating: Once a peer s IP is located, the peers communicate directly via TCP/IP

30 P2P Distributed Hash Table Capable of: Storing (key, value) pairs in the network Locating (key, value) pairs in the network

31 P2P Distributed Hash Table Storing Data: 1) Assign X keys to the data (file name, author etc.) 2) Compute GUID-size hash value from each key. 3) Store each (key, value) at peer with GUID closest to hash value ( distance(guid, hash value) ). 4) When leaving the network a peer will transfer its (key, value) pairs to the peer with second-closest GUID.

32 P2P Distributed Hash Table Locating Data: 1) Determine keys to search for, e.g. keywords, artist, title etc. 2) Compute a hash value from each key, with the same bit-size as the GUID. 128 bit GUID = 128 bit hash value. 3) Locate the peer with the GUID closest to each hash value. 4) Request keys + data for hash values from located peer.

33 P2P Distributed Hash Table Example: 3 stores a document 1 p2p : doc 2 Data: document Keys: p2p, networks distributed systems Hash: hash(p2p) hash(networks) = 5 hash(distributed) = networks : doc distributed : doc 6

34 P2P Distributed Hash Table Example: 4 searches for a document 1 p2p : doc 2 Keys: p2p 9 3 Hash: hash(p2p) networks : doc distributed : doc 6

35 P2P Proxies How to communicate with a peer behind a firewall or NAT? Public Peers Firewall / NAT Private Peers

36 P2P Proxies 1) Private peers connect to a proxy peer Public Peers Proxy Peer Firewall / NAT Private Peers

37 P2P Proxies Closest GUID is proxy Firewall / NAT

38 P2P Proxies Example: 8 sends a message to Firewall / NAT

39 P2P Proxies Publish (GUID, proxyguid) as (key, value) pair 1 2 Firewall / NAT ( 4.5, 2 ) 7 5 6

40 P2P Proxies Realistic Scenario: Private Peer 33 Private Peer Public Peers

41 P2P Proxies Special Case: 1 public peer = client/server Firewall / NAT Firewall / NAT 2 Private Peer 4 7 Public Peer Private Peer

42 P2P Security Security Challenges: Denial of Service Sniffing, Modification, Fabrication Identity Anonymity

43 P2P Security Denial of Service: Sending lots of messages to a peer. Sending a huge message to a peer. Not forwarding messages to a peer.

44 P2P Security Sniffing, Modification, Fabrication SSL

45 P2P Security Sniffing, Modification, Fabrication Clear Text SSL SSL Private Peer Proxy Peer Private Peer

46 P2P Security Sniffing, Modification, Fabrication SSL SSL Private Peer Proxy Peer Private Peer Tunnel SSL Negotiation to which peer?

47 P2P Security Sniffing, Modification, Fabrication SSL Virtual Host 1: SSL Certificate Virtual Host 2: SSL Certificate Client Web Server Virtual Host 3: SSL Certificate SSL Negotiation using which certificate?

48 P2P Security Identity How to prevent multiple peers from using the same GUID? How do I make sure that a peer represents the person I want to communicate with? (PKI)

49 P2P Security Anonymity in searching Publicly searchable keys cannot be encrypted Malicious peers can store the keys searched for by other peers, thereby profiling peers.

50 P2P Security Anonymity in communication Malicious peers can profile a peer on what other peers it communicates with.

51 P2P Security Onion Routing: Anonymous Routing R1 R2 R3 PK-R1 PK-R2 PK-R3 Data

52 P2P Resources (search for P2P, Chord, Pastry etc.) Distributed Systems: Concepts and Design (book) The Chord Project Pastry Kademlia Search Google or Wikipedia.

53 Remember! Enter the evaluation form and be a part of making Øredev even better. You will automatically be part of the evening lottery