Security protocols for hybrid peer-to-peer file sharing networks
First Claim
1. A method implemented at a receiver peer in a peer-to-peer network, the method comprising:
- a) receiving at the receiver peer from a server a ticket authorizing the receiver peer to obtain a data object O;
b) sending the ticket from the receiver peer to a provider peer;
c) sending from the receiver peer to the provider peer a request for a block of the data object O;
d) receiving at the receiver peer from the provider peer the block of O, wherein the block is encrypted;
e) sending from the receiver peer to the provider peer an acknowledgement of receipt of the block, wherein the acknowledgement comprises a digest of the block and a provider identifier;
f) receiving from the provider peer, in response to the acknowledgement, a block key;
g) verifying at the receiver peer that the block key originated from the provider peer;
h) decrypting the block at the receiver peer using the block key received from the provider peer; and
i) verifying at the receiver peer an integrity of the block of O.
1 Assignment
0 Petitions
Accused Products
Abstract
In a hybrid peer-to-peer file sharing network including a receiver peer and a provider peer, the receiver sends the provider a ticket [710] obtained from a server authorizing the receiver to obtain a data object O. The receiver obtains a root value of a hash tree for the object, verifies its digital signature, and sends the provider peer a request for a block of data object O and a request for a corresponding set of hash values from the hash tree [714]. The receiver receives from the provider peer the block of O and the corresponding set of hash values of the hash tree [716] that do not contain any hash value in the local hash tree. The receiver sends the provider an acknowledgement of receipt [718], obtains a block key from the provider [720], decrypts the block, verifies the integrity of the block using the subset of hash values and the local hash tree for O, and updates the local hash tree by adding the subset of hash values to the local hash tree, as well as any newly calculated hash values [722]. The provider may submit to a server the acknowledgements as proof of its service to the receiver.
-
Citations
12 Claims
-
1. A method implemented at a receiver peer in a peer-to-peer network, the method comprising:
-
a) receiving at the receiver peer from a server a ticket authorizing the receiver peer to obtain a data object O; b) sending the ticket from the receiver peer to a provider peer; c) sending from the receiver peer to the provider peer a request for a block of the data object O; d) receiving at the receiver peer from the provider peer the block of O, wherein the block is encrypted; e) sending from the receiver peer to the provider peer an acknowledgement of receipt of the block, wherein the acknowledgement comprises a digest of the block and a provider identifier; f) receiving from the provider peer, in response to the acknowledgement, a block key; g) verifying at the receiver peer that the block key originated from the provider peer; h) decrypting the block at the receiver peer using the block key received from the provider peer; and i) verifying at the receiver peer an integrity of the block of O. - View Dependent Claims (2, 3, 4)
-
-
5. A method implemented at a provider peer in a peer-to-peer network, the method comprising:
-
a) receiving from a receiver peer a ticket authorizing the receiver peer to obtain a data object O; b) verifying the ticket; c) receiving from the receiver peer a request for a block of the data object O; d) sending to the receiver peer the block of O, wherein the block is encrypted; e) receiving from the receiver peer an acknowledgement of receipt of the block, wherein the acknowledgement comprises a digest of the block and a provider identifier; f) sending to the receiver peer, in response to the acknowledgement, a block key; and g) sending to a server the acknowledgement. - View Dependent Claims (6, 7, 8)
-
-
9. A method implemented at a server in a peer-to-peer network, the method comprising:
-
a) receiving from a receiver peer a request for a data object O; b) sending to the receiver peer a ticket authorizing the receiver to obtain the data object O, wherein the ticket is digitally signed by the server; c) receiving from a provider peer a copy of an acknowledgement sent from the receiver peer to the provider peer, wherein the acknowledgement is digitally signed by the receiver peer and comprises a provider identifier and a digest of at least one block of data object O that was transmitted from the provider peer to the receiver peer; and d) giving credit to the provider peer (i.e., using the acknowledgement as proof-of-service) if a digital signature of the acknowledgement is verified and the digest contained in the acknowledgement is verified. - View Dependent Claims (10, 11, 12)
-
Specification