Peer-to peer name resolution protocol (PNRP) security infrastructure and method

US 7,251,694 B2
Filed: 03/15/2006
Issued: 07/31/2007
Est. Priority Date: 04/29/2002
Status: Expired due to Fees

First Claim

Patent Images

1. A method of inhibiting a denial of service attack based on a synchronization process in a peer-to-peer network, comprising:

receiving a SOLICIT message at a second node, the SOLICIT message requesting cache synchronization from a first node and containing a first node peer address certificate (PAC);

examining the first node PAC to determine its validity at the second node;

dropping the SOLICIT message when the step of examining the first node PAC determines that the first node PAC is not valid;

generating first connection information specifically identifying the SOLICIT message with the first node;

maintaining the first connection information when examining the first node PAC determines that the first node PAC is valid;

generating second connection information specifically identifying a REQUEST message with the first node; and

comparing the first connection information and the second connection information.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A security infrastructure and methods are presented that inhibit the ability of a malicious node from disrupting the normal operations of a peer-to-peer network. The methods of the invention allow both secure and insecure identities to be used by nodes by making them self-verifying. When necessary or opportunistic, ID ownership is validated by piggybacking the validation on existing messages. The probability of connecting initially to a malicious node is reduced by randomly selecting to which node to connect. Further, information from malicious nodes is identified and can be disregarded by maintaining information about prior communications that will require a future response. Denial of service attacks are inhibited by allowing the node to disregard requests when its resource utilization exceeds a predetermined limit. The ability for a malicious node to remove a valid node is reduced by requiring that revocation certificates be signed by the node to be removed.

Citations

20 Claims

1. A method of inhibiting a denial of service attack based on a synchronization process in a peer-to-peer network, comprising:
- receiving a SOLICIT message at a second node, the SOLICIT message requesting cache synchronization from a first node and containing a first node peer address certificate (PAC);
  
  examining the first node PAC to determine its validity at the second node;
  
  dropping the SOLICIT message when the step of examining the first node PAC determines that the first node PAC is not valid;
  
  generating first connection information specifically identifying the SOLICIT message with the first node;
  
  maintaining the first connection information when examining the first node PAC determines that the first node PAC is valid;
  
  generating second connection information specifically identifying a REQUEST message with the first node; and
  
  comparing the first connection information and the second connection information.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method of claim 1, wherein the first connection information is maintained in a bit vector at the second node.
  - 3. The method of claim 2, wherein generating first connection information specifically identifying the SOLICIT message with the first node comprises:
    - generating a nonce at the second node;
      
      extracting a first node identification information from the SOLICIT message; and
      
      setting a bit at a first bitpos, the first bitpos comprising the index of the bit vector corresponding to a hash of the nonce and the first node identification information.
  - 4. The method of claim 3, further comprising:
    - encrypting the nonce using a first node public key;
      
      constructing an ADVERTISE message, the ADVERTISE message comprising a second node PAC and the encrypted nonce;
      
      sending the ADVERTISE message to the first node;
      
      validating the ADVERTISE message;
      
      decrypting the encrypted nonce; and
      
      sending a REQUEST message from the first node to the second node if the ADVERTISE message is valid, the REQUEST message comprising the first node identification information and the decrypted nonce.
  - 5. The method of claim 4, wherein generating the second connection information specifically identifying the REQUEST message with the first node further comprises:
    - extracting the nonce from the REQUEST message;
      
      extracting a first node identification information from the REQUEST message; and
      
      calculating a second bitpos as the hash of the nonce and the first node identification information wherein the second bitpos corresponds to an index of a bit in the bit vector.
  - 6. The method of claim 5, wherein comparing the first connection information and the second connection information further comprises determining if the bit at the second bitpos is set.
  - 7. The method of claim 6, further comprising rejecting the REQUEST message when the bit at the second bitpos is not set.
  - 8. The method of claim 2, wherein generating first connection information specifically identifying the SOLICIT message with the first node comprises:
    - generating a nonce at the second node; and
      
      setting a bit at a first bitpos, the first bitpos comprising the index of the bit vector corresponding to the nonce.
  - 9. The method of claim 3, wherein the first node identification information is a first node PNRP ID.

10. A computer-readable medium comprising computer-executable instructions for inhibiting a denial of service attack based on a synchronization process in a peer-to-peer network, the computer-executable instructions comprising instructions for:
- receiving a SOLICIT message at a second node, the SOLICIT message requesting cache synchronization from a first node and containing a first node peer address certificate (PAC);
  
  examining the first node PAC to determine its validity at the second node;
  
  dropping the SOLICIT message when the step of examining the first node PAC determines that the first node PAC is not valid;
  
  generating a first connection information specifically identifying the SOLICIT message with the first node;
  
  maintaining the first connection information when the step of examining the first node PAC determines that the first node PAC is valid;
  
  generating a second connection information specifically identifying a REQUEST message with the first node; and
  
  comparing the first connection information and the second connection information.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18)
- - 11. The computer-readable medium of claim 10, wherein the first connection information is maintained in a first bit vector at the second node.
  - 12. The computer-readable medium of claim 11, wherein the instructions for generating a first connection information specifically identifying the SOLICIT message with the first node comprises:
    - generating a nonce at the second node;
      
      extracting a first node identification information from the SOLICIT message; and
      
      setting a bit at a first bitpos, the first bitpos comprising the index of the bit vector corresponding to a hash of the nonce and the first node identification information.
  - 13. The computer-readable medium of claim 12, further comprising computer-executable instructions for:
    - encrypting the nonce using a first node public key;
      
      constructing an ADVERTISE message, the ADVERTISE message comprising a second node PAC and the encrypted nonce;
      
      sending the ADVERTISE message to the first node;
      
      validating the ADVERTISE message;
      
      decrypting the encrypted nonce; and
      
      sending a REQUEST message from the first node to the second node if the ADVERTISE message is valid, the REQUEST message comprising the first node identification information and the decrypted nonce.
  - 14. The computer-readable medium of claim 13, wherein the instructions for generating the second connection information specifically identifying the REQUEST message with the first node further comprises computer-executable instructions for:
    - extracting the nonce from the REQUEST message;
      
      extracting a first node identification information from the REQUEST message; and
      
      calculating a second bitpos as the hash of the nonce and the first node identification information wherein the second bitpos corresponds to an index of a bit in the bit vector.
  - 15. The computer-readable medium of claim 14, wherein the instructions for comparing the first connection information and the second connection information further comprises computer-executable instructions for determining if the bit at the second bitpos is set.
  - 16. The computer-readable medium of claim 15, further comprising computer-executable instructions for rejecting the REQUEST message when the bit at the second bitpos is not set.
  - 17. The computer-readable medium of claim 11, wherein the instructions for generating a first connection information specifically identifying the SOLICIT message with the first node comprise computer-executable instructions for:
    - generating a nonce at the second node; and
      
      setting a bit at a first bitpos, the first bitpos comprising the index of the bit vector corresponding to the nonce.
  - 18. The computer-readable medium of claim 10, wherein the first node identification information is a first node PNRP ID.

19. A method of inhibiting a denial of service attack based on a synchronization process in a peer-to-peer network comprising:
- receiving a SOLICIT message at a second node, the SOLICIT message requesting cache synchronization from a first node and containing a first node peer address certificate (PAC);
  
  examining the first node PAC to determine its validity at the second node;
  
  dropping the SOLICIT message when the step of examining the first node PAC determines that the first node PAC is not valid;
  
  generating first connection information specifically identifying the SOLICIT message with the first node, the first connection information maintained in a bit vector at the second node;
  
  generating a nonce at the second node;
  
  extracting a first node identification information from the SOLICIT message;
  
  setting a bit at a first bitpos, the first bitpos comprising the index of the bit vector corresponding to a hash of the nonce and the first node identification information;
  
  encrypting the nonce using a first node public key;
  
  constructing an ADVERTISE message, the ADVERTISE message comprising a second node PAC and the encrypted nonce;
  
  sending the ADVERTISE message to the first node;
  
  validating the ADVERTISE message;
  
  decrypting the encrypted nonce;
  
  sending a REQUEST message from the first node to the second node if the ADVERTISE message is valid, the REQUEST message comprising the first node identification information and the decrypted nonce;
  
  maintaining the first connection information when examining the first node PAC determines that the first node PAC is valid;
  
  generating second connection information specifically identifying a REQUEST message with the first node;
  
  extracting the nonce from the REQUEST message;
  
  extracting a first node identification information from the REQUEST message;
  
  calculating a second bitpos as the hash of the nonce and the first node identification information wherein the second bitpos corresponds to an index of a bit in the bit vector;
  
  comparing the first connection information and the second connection information;
  
  determining if the bit at the second bitpos is set; and
  
  rejecting the REQUEST message when the bit at the second bitpos is not set.
- View Dependent Claims (20)
- - 20. The method of claim 19, wherein the first bitpos comprises the index of the bit vector corresponding to the nonce.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Corporation
Inventors
Miller, John L., Gavrilescu, Alexandru, Gupta, Rohit, Wheeler, Graham A.
Primary Examiner(s)
Dinh; Khanh

Application Number

US11/375,748
Publication Number

US 20060161657A1
Time in Patent Office

503 Days
Field of Search

709/203, 709/224, 709/226, 709/238, 707/9, 707/10, 711/141, 711/146
US Class Current

709/226
CPC Class Codes

H04L 61/00   Network arrangements, proto...

H04L 61/45   Network directories; Name-t...

H04L 63/0823   using certificates cryptogr...

H04L 63/126   the source of the received ...

H04L 63/1458   Denial of Service

H04L 67/104   Peer-to-peer [P2P] networks

Y10S 707/99939   Privileged access

Peer-to peer name resolution protocol (PNRP) security infrastructure and method

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Peer-to peer name resolution protocol (PNRP) security infrastructure and method

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links