Anonymous and Distributed Authentication for Peer-to-Peer Networks

Abstract

Well-known authentication mechanisms such as Public-key Infrastructure (PKI) and Identity-based Public-key Certificates (ID-PKC) are not suitable for integration in a Peer-to-Peer (P2P) network environment, the reason being either the lack of or the difficulty in maintaining a centralized authority to manage the certificates. Authentication becomes even harder in anonymous environments. In this study, we present three authentication protocols such that the users can authenticate themselves in an anonymous P2P network, without revealing their identities. The first protocol uses existing ring signature schemes to obtain anonymous authentication, the second is an anonymous authentication protocol utilizing secret sharing schemes, and lastly a zero-knowledge-based anonymous authentication protocol. We provide security justifications for the three aforementioned protocols in terms of anonymity, completeness, soundness, resilience to impersonation attacks, and resilience to replay attacks. We also provide examples of conceptual topologies and how the peers would behave and rearrange in case of failure