- A significant exposure specific to P2P is malicious peer nodes that could
inject false routing information in the peer discovery process. One way
to counter this is to store data in parts across a number of nodes, and in
multiple copies. This way, collusion of a number of randomly selected
nodes is required to inject false information into the overlay network.
Conventional security procedures can be applied to P2P networks,
including the following:
■■ Cryptographic key exchange
■■ Digital digests (hashing)
■■ Encryption
■■ Signatures
Other tools developed specifically for P2P computing include the following:
■■ Sandboxing to protect against malicious code
■■ Reputation and accountability
■■ Digital rights management for content distribution
NAT and firewall traversal has long been a well-honed skill mastered by the
inventors of various P2P networks to reach the many millions of their users.
Blocking P2P in an enterprise network is reported to be a nontrivial job.
Skype has been reported to have the agility to change ports on a dynamic
basis to traverse NATs and firewalls. Techniques similar to ICE [7] for SIP
have been developed, although the design details are different.
The Chord Protocol
Chord [8] is an example of a DHT algorithm that has been widely studied.
Chord uses a ring architecture, as shown in Figure 20.3. A node joining the
ring determines its position in the ring and then inserts itself between two
neighbors. A node in a Chord network keeps track of its predecessor node and
successor node, and makes periodic checks to ensure that these nodes are
still available. Should one of these nodes go away or lose connectivity, the
node will determine its new predecessor or successor node. In addition to
these two nodes, the node also maintains a “finger table” of other nodes in
the ring. The number of nodes in this finger table grows with the logarithm
of the total number of nodes in the network, allowing a very large network
to be spanned by a small finger table. When searching the overlay network,
the finger table allows the node to quickly jump to the part of the ring
that is responsible for the data. This allows the Chord ring to scale and
grow very large without resulting in very long lookup latency.
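The finger-table lookup described above can be seen in a small simulation. This is an added example, not code from the book or from the Chord authors. It assumes a static ring of honest nodes whose finger tables are built from a global view (no joins or stabilization), a 32-bit identifier space, and constructed peer names and key.

```python
import bisect
import hashlib

M = 32                       # identifier bits (assumed for this example)
RING = 2 ** M

def chord_id(name: str) -> int:
    """Place a node name or data key on the ring: SHA-1 truncated to M bits."""
    return int.from_bytes(hashlib.sha1(name.encode()).digest(), "big") % RING

def between(x: int, a: int, b: int, closed_right: bool = False) -> bool:
    """Is x in the ring interval (a, b), or (a, b] if closed_right? Handles wrap."""
    d = (x - a) % RING or RING
    span = (b - a) % RING or RING
    return d <= span if closed_right else d < span

class Ring:
    """Static simulation: every node's finger table is built from a global view."""
    def __init__(self, names):
        self.ids = sorted({chord_id(n) for n in names})
        # finger i of node n points at the first node at or after n + 2^i
        self.fingers = {n: [self.successor(n + 2 ** i) for i in range(M)]
                        for n in self.ids}

    def successor(self, k: int) -> int:
        """First node clockwise from position k (the node responsible for k)."""
        i = bisect.bisect_left(self.ids, k % RING)
        return self.ids[i % len(self.ids)]

    def lookup(self, start: int, key: int):
        """Route from node `start` using only finger tables; return (owner, hops)."""
        n, hops = start, 0
        while not between(key, n, self.fingers[n][0], closed_right=True):
            # jump to the farthest finger that does not overshoot the key
            n = next(f for f in reversed(self.fingers[n]) if between(f, n, key))
            hops += 1
        return self.fingers[n][0], hops

if __name__ == "__main__":
    ring = Ring(f"peer-{i}.example" for i in range(1000))   # constructed peer names
    start = ring.ids[0]
    owner, hops = ring.lookup(start, chord_id("sip:alice@example.com"))
    print("distinct fingers:", len(set(ring.fingers[start])), "of", M)
    print("owner:", owner, "hops:", hops)
```

Each hop depends on the finger entries of the node it passes through, which is why false routing information from a malicious peer can misdirect a lookup.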