Abstract
This paper presents a practical solution to Sybil and eclipse attacks in a fully decentralised peer-to-peer context by utilising trusted computing features of modern Android devices. We achieve this by employing hardware-based attestation mechanisms introduced in recent Android versions and bind each P2P network node identifier to a distinct physical device. In contrast to resource-testing approaches, this binding makes it impossible for attackers to rely on cheap cloud computing resources to outperform legitimate users. We address well-known P2P challenges by applying trusted computing approaches, which were previously only theorised in this context. This results in a system that can now actually be implemented on a global scale. We thoroughly mind bandwidth, power and performance constraints to achieve a ready-to-use solution whose only requirement is the possession of a recent Android phone.
Originalsprache | englisch |
---|---|
Titel | Proceedings of the 16th International Joint Conference on e-Business and Telecommunications |
Herausgeber (Verlag) | SciTePress - Science and Technology Publications |
Seiten | 252--259 |
Band | 2: SECRYPT |
DOIs | |
Publikationsstatus | Veröffentlicht - Juli 2019 |