Diploma Thesis

Date posted: 12-Jan-2016

Description

Diploma Thesis. The Peer-to-Peer Wireless Network Confederation Protocol: Design Specification and Performance Analysis. Presentation: Παντελής Φραγκούδης. Supervisor: Γ. Πολύζος. External examiner: Κ. Κουρκουμπέτης.

Transcript of Diploma Thesis

  • The Peer-to-Peer Wireless Network Confederation Protocol: Design Specification and Performance Analysis

  • Outline
      • Introduction
      • System overview and architecture
      • P2PWNC protocol
      • Reference implementation
      • Performance evaluation
      • Conclusion

  • Introduction
      • Peer-to-Peer Wireless Network Confederation (P2PWNC)
          • WLAN roaming scheme based on the P2P paradigm
          • Sharing WLAN resources
      • Motivation
          • Wide spread of low-cost WLAN equipment and broadband access
          • Underutilized residential WLAN resources
          • Limited WLAN roaming capabilities
      • Purpose
          • Fueling ubiquitous Internet access
          • Exploiting underutilized residential WLAN resources
          • Enforcing cooperation through reciprocity
      • Characteristics
          • Deployment simplicity
          • Agent autonomy
          • Low managerial overhead

  • P2PWNC Overview
      • Users organized in teams
      • Rule of reciprocity
          • Members of a team are freely served by other teams if their team also serves members of other teams
      • Autonomous decisions
          • Decisions are based on transaction history
          • Decision algorithms: not specified by the protocol
      • Trust model
          • Team members know and trust each other
          • Teams do not trust one another
      • Two operation modes: Centralized (TCA), Decentralized (no TCA)
      • ASCII-based communication protocol

  • System Entities (1/3)
      • Teams
          • P2PWNC peers
          • Team identifier: public/secret key pair
          • Each team operates a number of access points
      • Team members
          • Member identifier: public/secret key pair
          • Team membership established via a certificate
      • Access Points

  • System Entities (2/3)
      • Receipts
          • Proofs of prior transactions
          • Issued (signed) by service consumer
          • 1 receipt per session
      • [Receipt diagram; field labels: Consumer Certificate, Consumer Signature, Provider PK, Timestamp, Weight, Member PK, Team PK, Team Signature]

  • System Entities (3/3)
      • Receipt Repository
          • Stores transaction history
          • History used as input to the decision algorithm
      • Trusted Central Authority
          • Issues key pairs for teams
          • Manages a central receipt repository
      • Team Server
          • Issues member key pairs and certificates
          • Manages a team-local receipt repository
          • Updates member repositories by answering UPDT messages

  • Centralized Operation Mode

  • Decentralized Operation Mode

  • The P2PWNC Protocol
      • ASCII-based messages
      • Support for RSA and Elliptic Curve Cryptography (ECC) digital signatures
      • Specifies cryptosystem parameters
      • Specifies key, certificate and signature data representations
      • Does not specify decision algorithms, data storage formats, software agent implementation details

  • Cryptosystem Parameters
      • RSA
          • Bit lengths: 1024, 1536, 2048
          • Digest values produced by SHA-1
      • ECC
          • Bit lengths: 160, 192, 224, 256
          • ECDSA algorithm (using SHA-1)

  • Protocol Messages
      • CONN: session initiation
      • CACK: session establishment
      • RREQ: receipt request
      • RCPT: receipt
      • QUER: query to the Receipt Repository
      • QRSP: query response (grant/deny access)
      • UPDT: repository update request

  • Mobile User Access Point Session
      • [Sequence diagram between Mobile User, Access Point and Repository; message labels in extraction order: CONN, QUER, QRSP, CACK, RREQ, RCPT, Timeout/Conn. closed, RCPT, RREQ]

  • Reference Implementation (1/3)
      • AP module
          • Runs on top of embedded Linux-based wireless access points
          • Multithreaded TCP server
          • Uses netfilter/iptables for network access control
          • Kernel-level traffic measurements per session
          • Mandatory support for RSA, ECC
      • Mobile User module
          • Currently, C and Java implementations
          • Need not support both RSA, ECC

  • Reference Implementation (2/3)
      • Receipt Repository module
          • Composite data structure for receipt storage
          • Decision algorithms: pluggable modules
          • Decisions based on the maximum-flow algorithm
          • Push-Relabel Algorithm - O(V^3)
          • Global relabeling heuristic

  • Reference Implementation (3/3)
      • TCA module
          • Includes receipt repository module
          • TCP server waiting for RCPT & QUER messages
          • Team database
          • Team key pair generation module
          • Mandatory support for both RSA, ECC
      • Team Server module
          • Includes receipt repository module
          • TCP server waiting for RCPT, QUER, UPDT messages
          • Mandatory support for both RSA, ECC

  • Performance Evaluation
      • Testbed
          • Linksys WRT54GS wireless router
          • AMD AthlonXP 2800 laptop
      • Cryptographic operations performance tests
          • Signature, verification tests
          • ECC vs RSA, AthlonXP vs Linksys WRT54GS
      • Maximum flow algorithm performance tests
          • Peer population: 100, 500, 1000 teams
          • Receipt repository size: 100 to 10000 receipts
          • Running time and memory consumption tests
      • Effects of signature verifications on AP operation
          • Tests run on Linksys WRT54GS
          • FTP transfer of a ~220Mb file
          • 160-bit ECDSA verifications

  • Testbed Platform Specifications

  • Cryptographic Operations Performance
      • Time measured in milliseconds

  • Maximum Flow Algorithm Running Time on Athlon XP

  • Maximum Flow Algorithm Running Time on Linksys WRT54GS

  • Effect of CPU Intensive Tasks on Throughput
      • Verification wall clock time: 0.12 sec
      • 223.33 Mbyte FTP transfer over Linksys WRT54GS (wired): 3956.62 Kbytes/sec

  • Extensions
      • Denial-of-Service attacks
          • DoS attacks to APs/Receipt Repositories
          • Exploit of probabilistic nature of decision algorithms
      • Implementation issues
          • Maxflow algorithm heuristics
          • Receipt Repository as a distributed database
          • Study and improve ECC efficiency
      • Deployment issues
          • Porting client software to more platforms (esp. PDAs)
          • Downloadable Linksys WRT54GS firmware distribution
      • Evaluation issues
          • Maxflow testing on various graph types (based on user mobility models)

  • Summary
      • Specified, implemented and evaluated a protocol for the provision of unified WLAN roaming services
      • Aiming at fueling ubiquitous Internet access
      • Scheme built around the ideas of agent autonomy and service reciprocity
      • Maximum flow-based decision algorithms
      • Designed with embedded/constrained devices in mind
      • Efficient data structures for data storage/retrieval and graph operations
      • Tested applicability of Elliptic Curve Cryptography
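
The Reference Implementation (2/3) slide says the receipt repository decides with a push-relabel maximum-flow computation over stored receipts, but the slides give no decision rule. The code below is an added example, not code from the thesis: it builds a team-level debt graph from constructed receipts and runs FIFO push-relabel without the global relabeling heuristic. The receipt tuple layout, the edge direction (consumer team to provider team) and the rule in `serve_probability` are assumptions for illustration.

```python
from collections import defaultdict, deque

# Constructed sample receipts: (consumer team, provider team, weight).
RECEIPTS = [("B", "A", 10), ("C", "B", 5), ("A", "C", 3), ("D", "A", 4)]

def build_graph(receipts):
    """Debt graph: edge consumer -> provider, capacity = summed weights."""
    cap = defaultdict(lambda: defaultdict(int))
    for consumer, provider, weight in receipts:
        if consumer != provider and weight > 0:
            cap[consumer][provider] += weight
            cap[provider][consumer] += 0  # residual edge must exist
    return cap

def max_flow(cap, s, t):
    """FIFO push-relabel maximum flow from team s to team t."""
    if s == t or s not in cap or t not in cap:
        return 0
    res = {u: dict(cap[u]) for u in cap}  # residual capacities (copy)
    height, excess = dict.fromkeys(res, 0), dict.fromkeys(res, 0)
    height[s] = len(res)
    active = deque()
    def push(u, v, d):
        res[u][v] -= d
        res[v][u] += d
        excess[u] -= d
        excess[v] += d
        if v not in (s, t) and excess[v] == d:
            active.append(v)  # v just became active
    for v, c in list(res[s].items()):
        if c > 0:
            push(s, v, c)  # saturate every edge leaving the source
    while active:
        u = active.popleft()
        while excess[u] > 0:
            for v, c in list(res[u].items()):
                if excess[u] > 0 and c > 0 and height[u] == height[v] + 1:
                    push(u, v, min(excess[u], c))
            if excess[u] > 0:  # no admissible edge left: relabel u
                height[u] = 1 + min(height[v] for v, c in res[u].items() if c > 0)
    return excess[t]

def serve_probability(receipts, provider, consumer):
    """Assumed rule, not from the slides: min(1, owed / owes)."""
    g = build_graph(receipts)
    owed = max_flow(g, provider, consumer)  # debt provider's side owes consumer
    owes = max_flow(g, consumer, provider)  # debt consumer's side owes provider
    if owed == 0:
        return 0.0
    return 1.0 if owes == 0 else min(1.0, owed / owes)
```

Receipt signature and certificate checks are omitted here; a repository would verify them before a receipt contributes capacity to the graph.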