Security protocols for hybrid peer-to-peer file sharing networks

US 20090006853A1
Filed: 08/19/2008
Published: 01/01/2009
Est. Priority Date: 08/22/2005
Status: Active Grant

First Claim

Patent Images

1. A method implemented at a receiver peer in a peer-to-peer network, the method comprising:

a) receiving at the receiver peer from a server a ticket authorizing the receiver peer to obtain a data object O;

b) sending the ticket from the receiver peer to a provider peer;

c) sending from the receiver peer to the provider peer a request for a block of the data object O;

d) receiving at the receiver peer from the provider peer the block of O, wherein the block is encrypted;

e) sending from the receiver peer to the provider peer an acknowledgement of receipt of the block, wherein the acknowledgement comprises a digest of the block and a provider identifier;

f) receiving from the provider peer, in response to the acknowledgement, a block key;

g) verifying at the receiver peer that the block key originated from the provider peer;

h) decrypting the block at the receiver peer using the block key received from the provider peer; and

i) verifying at the receiver peer an integrity of the block of O.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In a hybrid peer-to-peer file sharing network including a receiver peer and a provider peer, the receiver sends the provider a ticket [710] obtained from a server authorizing the receiver to obtain a data object O. The receiver obtains a root value of a hash tree for the object, verifies its digital signature, and sends the provider peer a request for a block of data object O and a request for a corresponding set of hash values from the hash tree [714]. The receiver receives from the provider peer the block of O and the corresponding set of hash values of the hash tree [716] that do not contain any hash value in the local hash tree. The receiver sends the provider an acknowledgement of receipt [718], obtains a block key from the provider [720], decrypts the block, verifies the integrity of the block using the subset of hash values and the local hash tree for O, and updates the local hash tree by adding the subset of hash values to the local hash tree, as well as any newly calculated hash values [722]. The provider may submit to a server the acknowledgements as proof of its service to the receiver.

Citations

12 Claims

1. A method implemented at a receiver peer in a peer-to-peer network, the method comprising:
- a) receiving at the receiver peer from a server a ticket authorizing the receiver peer to obtain a data object O;
  
  b) sending the ticket from the receiver peer to a provider peer;
  
  c) sending from the receiver peer to the provider peer a request for a block of the data object O;
  
  d) receiving at the receiver peer from the provider peer the block of O, wherein the block is encrypted;
  
  e) sending from the receiver peer to the provider peer an acknowledgement of receipt of the block, wherein the acknowledgement comprises a digest of the block and a provider identifier;
  
  f) receiving from the provider peer, in response to the acknowledgement, a block key;
  
  g) verifying at the receiver peer that the block key originated from the provider peer;
  
  h) decrypting the block at the receiver peer using the block key received from the provider peer; and
  
  i) verifying at the receiver peer an integrity of the block of O.
- View Dependent Claims (2, 3, 4)
- - 2. The method of claim 1 wherein the acknowledgement is digitally signed by the receiver and further comprises a receiver identifier, and an object identifier.
  - 3. The method of claim 1 wherein the acknowledgement further comprises a reference to multiple received blocks.
  - 4. The method of claim 1 wherein the acknowledgement further comprises digests of multiple received blocks.

5. A method implemented at a provider peer in a peer-to-peer network, the method comprising:
- a) receiving from a receiver peer a ticket authorizing the receiver peer to obtain a data object O;
  
  b) verifying the ticket;
  
  c) receiving from the receiver peer a request for a block of the data object O;
  
  d) sending to the receiver peer the block of O, wherein the block is encrypted;
  
  e) receiving from the receiver peer an acknowledgement of receipt of the block, wherein the acknowledgement comprises a digest of the block and a provider identifier;
  
  f) sending to the receiver peer, in response to the acknowledgement, a block key; and
  
  g) sending to a server the acknowledgement.
- View Dependent Claims (6, 7, 8)
- - 6. The method of claim 5 wherein the acknowledgement is digitally signed by the receiver and further comprises a receiver identifier, and an object identifier.
  - 7. The method of claim 5 wherein the acknowledgement further comprises a reference to multiple received blocks.
  - 8. The method of claim 5 wherein the acknowledgement further comprises digests of multiple received blocks.

9. A method implemented at a server in a peer-to-peer network, the method comprising:
- a) receiving from a receiver peer a request for a data object O;
  
  b) sending to the receiver peer a ticket authorizing the receiver to obtain the data object O, wherein the ticket is digitally signed by the server;
  
  c) receiving from a provider peer a copy of an acknowledgement sent from the receiver peer to the provider peer, wherein the acknowledgement is digitally signed by the receiver peer and comprises a provider identifier and a digest of at least one block of data object O that was transmitted from the provider peer to the receiver peer; and
  
  d) giving credit to the provider peer (i.e., using the acknowledgement as proof-of-service) if a digital signature of the acknowledgement is verified and the digest contained in the acknowledgement is verified.
- View Dependent Claims (10, 11, 12)
- - 10. The method of claim 9 further comprising:
    - receiving from the receiver peer a request for a block key corresponding to a block of the data object O sent from a provider peer to the receiver peer;
      
      calculating the block key based upon a provider identifier, a receiver identifier, a block identifier, and a secret shared between the provider and the server; and
      
      sending to the receiver peer the block key.
  - 11. The method of claim 9 wherein the acknowledgement further comprises a receiver identifier and an object identifier.
  - 12. The method of claim 9 wherein the acknowledgement comprises multiple digests.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
State Of Oregon Acting By And Through The State Board Of Higher Education On Behalf Of Portland State University
Original Assignee
Oregon State University (Oregon University System)
Inventors
Li, Jun

Granted Patent

US 8,028,159 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/176
CPC Class Codes

H04L 63/0428   wherein the data content is...

H04L 63/06   for supporting key manageme...

H04L 63/12   Applying verification of th...

H04L 67/06   specially adapted for file ...

H04L 67/104   Peer-to-peer [P2P] networks

H04L 67/1065   Discovery involving distrib...

H04L 67/108   characterised by resources ...

Security protocols for hybrid peer-to-peer file sharing networks

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

12 Claims

Specification

Solutions

Use Cases

Quick Links

Security protocols for hybrid peer-to-peer file sharing networks

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

12 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links