Hier finden Sie wissenschaftliche Publikationen aus den Fraunhofer-Instituten.

Security mechanisms of a legal peer-to-peer file sharing system

: Ebinger, Peter; Schinzel, Sebastian; Schmucker, Martin

Guimaraes, N. ; International Association for Development of the Information Society -IADIS-:
IADIS International Conference Applied Computing 2008. Proceedings. CD-ROM : Algarve, Portugal, 10-13 April 2008
Lisbon: IADIS Press, 2008
ISBN: 978-972-8924-52-2
International Conference Applied Computing <2008, Algarve>
Fraunhofer IGD ()
content distribution; content sharing; perceptual hashing; Peer-to-peer (P2P); security protocol

Contrary to Digital Rights Management systems (DRMS), CONFUO©O [Schmucker, M. and Ebinger, P., 2005] is a legal peer-to-peer file sharing application that controls content distribution as opposed to content usage. A central entity called Trusted Third Party (TTP) validates whether users are allowed to legally distribute a particular content and users within the CONFUO©O system enable peer monitoring to identify irregularities. Several of the core features (such as inter-user observation) are as yet untested nor approved for use on the Internet. This article demonstrates the iterative improvement of CONFUO©O's security over conventional DRM systems. A summary of the extensive security analysis performed to identify threats and potential vulnerabilities resulting from the abuse of this new protocol is presented and led to the discovery of a possible Denial-of-Service (DoS) threat. In this instalment several advances for CONFUO©O's architecture involving the introduction of public-key technology and user-based accountability are presented which, significantly increases the overall security of the system.