Securing Peer-to-Peer Networks Using Trusted Computing
Authors
Abstract
It seems likely that TCG-compliant computing platforms will become widespread over the next few years. Once one accepts that the Trusted Computing paradigm offers an interesting and powerful set of security features, the natural question arises: for what purposes can this technology be exploited? In this chapter, we examine the application of Trusted Computing to securing Peer-to-Peer (P2P) networks. The concept of P2P networking covers a diverse set of network types, supporting a wide variety of applications. The common feature shared by almost all P2P networks is the lack of any centralised control. In this respect, P2P networks are the antithesis of the traditional client-server model. They have most famously become popular in the form of P2P file-sharing networks, providing a means of distributing (often copyrighted) material such as music and video. Commercially-oriented P2P networks are now coming to the fore. Useful introductions to P2P networking can be found in [23, 25]. Aside from availability, security issues for P2P networks have not yet been widely addressed. A major conflict arises from the perceived requirement to provide anonymity for users of P2P networks and an increasing need to provide robust access control, data integrity, confidentiality and accountability services. These services are increasingly important as industry moves towards using P2P technology in applications and as P2P e-commerce emerges. The security situation for P2P networks is made worse because, by definition, they lack any centralised authority who can vouch for identities or security parameters. Without the foundation of stable, verifiable identities, it is difficult to build any of the desired security services. In particular, pseudospoofing attacks, in which malicious parties claim multiple identities and disrupt the operation of P2P networks, are difficult to prevent. We provide an overview of the main security issues for P2P networks in Section 2. 
In this chapter, we demonstrate how features of the TCG specification [31, 34] can be employed to enhance the security of P2P networks. In particular, we show how the TCG protocols for Direct Anonymous Attestation (DAA) can be used to enforce the use of stable, platform-dependent pseudonyms and reduce pseudospoofing in P2P networks. Further, our use of DAA provides a means of building entity authentication and simple access control
Similar resources
DisTriB: Distributed Trust Management Model Based on Gossip Learning and Bayesian Networks in Collaborative Computing Systems
The interactions among peers in Peer-to-Peer systems as a distributed collaborative system are based on asynchronous and unreliable communications. Trust is an essential and facilitating component in these interactions, especially in such uncertain environments. Various attacks that affect trust are possible due to the large-scale nature and openness of these systems. Peers have not enough inform...
Trusted Computing, Peer-to-Peer Distribution, and The Economics of Pirated Entertainment
The entertainment industry, facing a formidable threat from peer-to-peer piracy networks, is exploring every possible means to attack these networks. The industry is also employing defensive strategies to protect media and media players from those who would extract and copy their content. These content protection systems depend on the computer industry’s newly announced ‘trusted computing’ techn...
P2P Network Trust Management Survey
Peer-to-peer applications (P2P) are no longer limited to home users, and start being accepted in academic and corporate environments. While file sharing and instant messaging applications are the most traditional examples, they are no longer the only ones benefiting from the potential advantages of P2P networks. For example, network file storage, data transmission, distributed computing, and co...
Enabling Secure Service Discovery with Attribute Based Encryption
This paper concentrates on providing a scalable solution for securing the service discovery mechanisms deployed in dynamic and self-organizing systems like those found in ubiquitous computing or semantic web based scenarios. Service discovery is rendered necessary when clients need to locate services they can describe but that they do not necessarily know, thereby rendering PKI based solutions,...
Publication date: 2005