securing data authentication with cryptographic signatures in bittorrent du wei wedu @ cc.hut.fi /...
TRANSCRIPT
Securing Data Authentication Securing Data Authentication with with Cryptographic Signatures in Cryptographic Signatures in
BitTorrentBitTorrent
Du Weiwedu @ cc.hut.fi / [email protected]
Supervisor : Professor Jukka Manner Instructor : Professor Sasu Tarkoma
Msc. Petri Savolainen
25-08-2009
Helsinki University of Technology, FinlandDepartment of Communications and Networking
OverviewOverview
1.Introduction
2.Background
3.Implemetation
4.Expermental Results and Analysis
5.Conclusion
Peer-to-Peer File Sharing systemsPeer-to-Peer File Sharing systems
Fast Growing Uses : Audio and Video files
A major part of traffic on the Internet
Different from Client/Server File Sharing systems
1. INTRODUCTION1. INTRODUCTION
BitTorrent BitTorrent
A Peer-to-Peer File Sharing system
The most popular P2P protocol worldwide
Millions of users
Critical ElementsA Web Server: provides the ‘metainfo’ file by HTTP
The .torrent File: contains ‘metainfo’ information (File name, size, checksum, URL of the Tracker, Pieces <hash1,hash2,….hashn>, Piece length )
A BitTorrent Tracker: manage the list of peers
Peers:
seeds: have the entire fileleechers: still downloading, also called downloaders.Free-riders: only download from others but do not upload
How BitTorrent Works?How BitTorrent Works?
Leecher A
Seed
Leecher B
Tracker
Web Server
1. O
btai
n.to
rren
t file
2. Contact the Tracker (U
RL) Get-announce
3. Obtain a peer list (c
ontains seeds &
leechers)
4. Shake-hand
4. Shake-hand
5. Get pieces
5.Get Pieces
BitTorrent
Messages Peer - Peer Messages: TCP Sockets
Peer - Tracker Messages: HTTP Request/Response
File Organization
A PieceChunk size=256KB
A Block(subpiece)
16KB
File
421 3
Incomplete Piece
Piece Hash Value (SHA1)Size=20Bytes
How to validate dataGenerate piece hashes by SHA1 hashing algorithm
Save piece hashes in .torrent file
Seed will check if hashes are matched before upload the file
Leecher will verify data with hashes in .torrent file when each chunk is downloaded in parallel
Problems to AddressPiece hashes in .torrent file are not secure enough.
The size of .torrent file grows, when the file size increases.
Especially, when the chunk size (piece size) is small.
In P2P live streaming, the chunk size is smaller, the speed is faster. However, the chunk sizes are always large.
2. BACKGROUND2. BACKGROUND
Related WorkHash tree : simple but infeasible for a latency sensitive communication
Hash chain : lightweight but more complex schemes
Cryptographic Signatures AlgorithmsRSA (Rivest-Shamir-Adleman)
DSA (Digital Signature Algorithm)
ECDSA (Elliptic Curve Digital Signature Algorithm)
3. IMPELEMENTATION3. IMPELEMENTATION
3.1 Design
DSA
ECDSA
RSA
Key Pair
Step 1- Generate Key Pair by using Cryptographic
Algorithms
Step 2- Create signatures for .sig file with Private key
Save Public key in .torrent file
Step 3- Verify Signatures with Public key
Public keys are saved in the .torrent file with different Cryptographic Algorithm (Using Openssl library)
RSA : n, e
DSA : p, q, g
ECDSA : ecp
Adding SIGNATURE message in BitTorrent Protocol
Policy: Once downloading a piece completely, the peer can authenticate it efficiently right away.
This policy lets complete pieces could be authenticated quickly, even for smaller piece sizes (large piece numbers)
In order to keep the .torrent file smaller, we save the signatures in a .sig file separately and send corresponding signature separately before a piece is sent.
SIGNATURE:<len=005+X>< id=88><piece_index><signature>Payload Information:
len : (32 bits integer)
id : (32 bits integer)
piece_index : (32 bits integer)
signature : (X bytes)
3.2 SIGNATURE Message
4. 4. EXPERIMENTAL RESULTS AND ANALYSISEXPERIMENTAL RESULTS AND ANALYSIS
Hardware:2 Desktop PCs
1 Switch
Software:Ubuntu 9.04
Ktorrent 3.2.1
Openssl 0.9.8g
Wondershaper 1.0
4.1 Lab Environments
PC1 PC2CPU Intel(R) Core(TM)2
Duo CPU E6750 @ 2.66GHz
Intel(R) Core(TM)2 Quad CPU Q9300 @ 2.50GHz
Memory 4GB 8GBNIC Intel Corporation
82566DM-2 Gigabit Ethernet
Broadcom Corporation NetXtreme BCM5754 Gigabit Ethernet
i686 GNU/Linux x86_64 GNU/Linux
Signature Size (Chunk size=32KB)
4.2 Experimental Results
Key SizeKey Size 512(bit)512(bit) 1024(bit)1024(bit) 2048 (bit)2048 (bit) 3072(bit)3072(bit)
RSA Signature (Bytes)RSA Signature (Bytes) 6464 128128 256256 384384DSA Signature(Bytes)DSA Signature(Bytes) 4848 4848 4848 4848
Size (Bytes)Size (Bytes) ECSDA Secp-160r1ECSDA Secp-160r1 ECDSA Secp-224r1ECDSA Secp-224r1
ECC SignatureECC Signature 4242 5656
ECC 160bit = RSA 1024bit (algorithms strengths)
ECC 224bit = RSA 2048bit (algorithms strengths)
Signing and Verifying Time of Openssl PC1 Sign(ms) Verify(ms) Sign/s Verify/s
rsa 512 bits 0.446 0.033 2243.1 30283.3rsa 1024 bits 1.998 0.086 500.6 11679.6rsa 2048 bits 10.756 0.269 93.0 3723.2rsa 4096 bits 64.196 0.873 15.58 1145.8dsa 512 bits 0.345 0.410 2894.8 2440.3dsa 1024 bits 0.864 1.013 1157.8 987.2dsa 2048 bits 2.690 3.224 371.7 310.2ecdsa(secp160r1) 160 bits 0.3 1.4 3518.4 719.4ecdsa(secp224r1) 224 bits 1.5 1.7 677.9 576.37
PC2 Sign(ms) Verify(ms) Sign/s Verify/s
rsa 512 bits 0.229 0.016 4359,3 63609rsa 1024 bits 0.897 0.043 1115,2 23120,2rsa 2048 bits 5.061 0.136 197,6 7338,4rsa 4096 bits 32.323 0.467 30,9 2140,9dsa 512 bits 0.158 0.174 6320,2 5731,8dsa 1024 bits 0.418 0.492 2394,5 2034,5dsa 2048 bits 1.325 1.578 754,8 633,8ecdsa(secp160r1) 160 bits 0.200 0.700 6285,5 1424,3ecdsa(secp224r1) 224 bits 0.700 1.100 1428,571 937,8
Average Download Speed (MB/s) : PC2, PC2, File File Size =150MBSize =150MB
Max Download Speed = 10MB/s, Max Upload Speed =10MB/s, Chunk size=32KB Max Download Speed = 10MB/s, Max Upload Speed =10MB/s, Chunk size=32KB Average Download Speed (MB/s) Average Download Speed (MB/s)
Algorithms/Key Size (bit) 512 1024 2048 3072
RSA 9,05 8,89 8,77 8,60
DSA 8,85 8,53 8,38 8,15
ECDSA(spec160r1/spec224r1) 9,00 8,80
No Signature 9,23 9,23 9,23 9,23
Max Download Speed =128KB/s, Max Upload Speed =128KB/s, Max Download Speed =128KB/s, Max Upload Speed =128KB/s, Chunk size=32KBChunk size=32KB Average Download Speed (KB/s) Average Download Speed (KB/s)
Algorithms/Key Size (bit) 512 1024 2048 3072
RSA 120,85 120,41 119,33 118,65
DSA 120,75 120,84 120,72 120,68
ECDSA(spec160r1/spec224r1) 120,89 120,75
No Signature 121,43 121,43 121,43 121,43
4.3 Data AnalysisMax Download Speed Max Download Speed =10MB, 150MB File Size, Chunk size=32KB =10MB, 150MB File Size, Chunk size=32KB
Max Download Speed Max Download Speed =128KB, 150MB File Size, Chunk size=32KB =128KB, 150MB File Size, Chunk size=32KB
RSA is faster than DSA when Max download speed is 10MB
But RSA is slower than DSA when Max donwload speed is 128KB
Signature size is smaller, average download speed is faster, when bandwidth is small.
Verify time is faster, average download speed is faster, when bandwidth is large.
ECC is faster due to its small signature size, although it’s slower to verify
5. Conclusion5. Conclusion
P2P Networks P2P Networks Millions of UsersMillions of Users
Secure, Efficient, Secure, Efficient, Energy saving… Energy saving…
VoIP
BitTorrent
TCP
http
ServicesServices
Thank You!