KR100747147B1 - A Peer to Peer system which provides benefit to all of content provider, operator of the network and distributor and provides securities in the network - Google Patents

Abstract

The present invention relates to a method of operation of a P2P system that provides various security solutions for content. To this end, the present invention, by generating a unique information file of the content to be provided by the content provider, and transmits its certificate and the generated unique information file to the server to register with the server, a new New to use the P2P communication service After the Peer authenticates with the server, it receives an AC (Attribute Certificat) indicating the New Peer's authorization information and the Super Peer's IP list that manages the IP information of the plurality of Peers from the server, and receives a specific Super Peer. Connecting to receive management, and consuming peers who want to search or download contents P2P, broadcasting search messages related to their desired contents to all distribution peers, and the distribution peers display contents matching the search message. Transmitting the information of the content and its own IP to the consuming peer, if any; Requesting the download of the content by the consumption peer that has received the information and the IP of the distribution peer, and the distribution peer transmits the content encrypted with the public key to the consumption peer after a predetermined authentication with the consumption peer. And after the consuming peer successfully downloads the content and verifies the integrity of the content, transmitting the payment message (E _np ) requesting payment to the server, and the server sends the payment message (E). _np ) is stored in a predetermined database, and the distribution Peer is notified of the payment fact as a message E _pa .

Description

A Peer to Peer system which provides benefit to all of content provider, operator of the network and distributor and provides securities in the network}

The present invention relates to a method of operating a P2P system that provides various security solutions for content. In a conventional file sharing P2P system, a copyrighted content is illegally shared between peers using a P2P program. Due to the peculiarities of the P2P system, the peer plays the role of a consumer receiving content from another peer, and at the same time, a role of a relay to transmit content to another peer. That is, as shown in FIG. 1, there are two stages of distribution infrastructure providers (servers providing P2P programs: eg, Gnutella, Napster, Sori) and Peer (consumer Peer and relay Peer). In this structure, the author of information (content) is excluded from the P2P system, and the distributed contents are also illegal contents without the permission of the author. On the other hand, the representative companies operating in P2P are Napster, Gnutella, and Soribada. have.

Napster: The list of peers is kept on the server. In addition, the server saves the query results from the peer. Therefore, content distribution occurs between peers, but in order to exchange content, the list of peers holding the content must be received from the server, so if a problem occurs in the server, the network does not work.

Gnutella:

The server does not participate in the P2P network at all. In other words, the server is not involved in the initial system installation, nor is it involved in searching for content or exchanging data between peers.

Soundbar: The server manages only Super Peer. The middle manager also has only the addresses of the Peers that have joined the network. That is, when the Pee searches for data, it serves to provide addresses for the target peers, and each peer directly searches the peers for its own peers and distributes the content.

Any P2P architecture belongs to one of the three big classes above, and for the protection of content, there is no provision of security-related services in network systems.

1. Authentication between peers, peers and servers, and servers and content providers for content protection. In other words, it provides a way to authenticate each other between parties.

2. Technology that can determine the authenticity of content: is the content currently in circulation illegal? Or a technique that can determine if it is not forged.

3. Payment system: protocol for accurate revenue distribution

In order for the P2P system to generate revenue, as shown in FIG. 6, the operator (the first person to distribute the content and the copyright holder of the content), the distribution infrastructure provider (P2P program such as Soribada server), the consumer and It has to be composed of three stages, Peer, so that operators are rewarded for content copyright, distribution infrastructure providers are rewarded for payment and system management, and consumers are the consumers who consume the content and deliver the content to other consumers. Rewards as a distribution network must also be rewarded: in these three-phase models, each role is rewarded, and the end-user also gains business benefits by taking part of the distribution at the same time as consumption. In order to establish such a model, unlike the existing P2P system, various requirements are required. Such security matters will be described below. Overall network structure

Role of each component in the network

In FIG. 2, the central P2P server simply has IP information for the super peer, and the super peer manages the IP for the peers belonging to it. Super Peers also share IP information of their peers. If the Super Peer terminates, it notifies the server and the server notifies each Super Peer again. When each peer searches, it sends a search term to the IPs of all peers obtained through Super Peer.

Full protocol description

Before content can be distributed on this network, the owner must provide the content on this network. In order to provide content, a unique information file of the content must first be created.

Creation of unique information file by the owner of the content

In order to distribute content through the P2P network, a unique information file of the content by the owner of the content to be distributed must be generated. In other words, there is a need for a method of preventing the forgery and alteration of the content by signing the owner of the unique information message for the content. In order to create a unique information file of the content and distribute the content legally, the content owner obtains a business ID from the server in advance and accesses the super peer.

Protocol to log in as a business and register unique information file

The expression [a | b | c] used hereinafter means a, b and c.

Step 1) The operator creates a content information file of the content and the content to be distributed.

Information that the unique information file should include is as follows.

[Company | Author | Title | Filename | Privilege | Price | Hash Value | S _Company ]

Company: The company that owns the copyright of the content.

Author: Creator of the content

Title: Title of the content

Filename: filename of the content

Price of the content.

Privilege: the right to receive content (adults, paid members, etc.)

Hash Value: the hash value of the content

SCompany: Signature value of the company that owns the content copyright.

Step 2) The operator accesses the super peer with the ID issued from the server.

Step 3) The operator sends his certificate and unique information files to the server. The operator's certificate is then automatically renewed once by the server once for all peers that connect.

Step 4) The server verifies the signature of the unique information files with the operator's certificate and stores the name of the file in the database. This is needed later as an initialization value when backtracking the distribution of content to illegal users during payment.

Step 5) The operator operates as a Peer or Super Peer. That is, it becomes a provider (distributor) of information.

Login and AC Issuance Protocol

In order for the New Peer (Newly Joined Peer) to access the network managed by the P2P server, the server and the New Peer mutually authenticate, and upon successful authentication, the server authenticates the AC (Attribute Certificate) and Super Peer according to the authority of the New Peer. Forwards their IP list to New Peer.

After receiving AC, New Peer connects to the appropriate Super Peer. Subsequently, New Peer will be managed by this Super Peer. For reference, the server certificate is installed when the peer program is distributed.

Detailed Course

Step 1) New Peer checks the Certificate Revocation List (CRL) of the certificate to verify the validity of the server certificate before connecting to the server. If the certificate is revoked, it cannot be used.

Step 2) New Peer establishes a TCP connection with the server.

Step 3) The server generates a random number (random value) and delivers it to New Peer.

Step 4) After receiving a random number from the server, New Peer generates a random random value and then generates the next message.

E _pub ([ID | Password | R _P | R _S ])

ID: User Id

Password: user password

RP: A random value generated by New Peer and used as a session key until New Peer logs in and closes the connection.

RS: This is a random value generated by the server. It changes every time New Peer logs in. Prevents Replay Attack.

Epub: Encrypt the message with the server's public key.

Step 5) Send the generated message and ID to the server.

E _pub ([ID | Password | R _P | R _S ]), ID

Step 6) The server decrypts with its own private key, checks the following and shares R _P as a session key.

The check is sent from the server, R _S and R _S From New peer equality.

Check if ID received and ID decrypted in the message are the same.

Check if the password decrypted in the message is the same as the password stored in the server.

Step 7) Create an AC that matches the authority of New Peer stored in the server and deliver it to New Peer. The structure of AC is as follows.

[File Type | Privilege | CertBindInfo | Date | SIpList | S _pri ]

File Type: Displays the types of files that are allowed to New Peer among the contents shared by P2P system. There can be more than one file type, which consists of a list. (mp3, avi, wmv, asf, pdf etc.)

Privilege: shows the privilege of New Peer. Privileges can have one or more privileges and are organized into a list. (Adult user, paid user, free user, employee, agent, manager, etc.)

CertBindInfo: Information to bind New Peer's certificate and AC. It contains the issuer of the certificate and the hash value of the certificate's serial number. This is the only value.

Date: Indicates the validity period of the issued AC and uses UTC (Universal Time Coordinate). It should be very short compared to a certificate and is usually issued on a daily basis.

SIpList: IP list value of Super Peers.

Spri: Takes a signature value in a message.

Step 8) Close the TCP connection.

Step 9) As a peer, connect to the appropriate Super Peer.

Search content

Let's call the Peer you want the current search or content. The consuming peer periodically obtains the IPs of the peers belonging to the entire P2P network through the Super Peer, and broadcasts the search message to the IPs of all peers by UDP or TCP to find the desired content. Each peer that receives the search message sends the information of the content and its IP directly to the consuming peer if it finds a content that matches the search message. In existing P2P systems, this poses a risk of hacking. In other words, they cheat the content they don't have, change the hacking tool or virus to the name of the content that the consuming peer wants, and send the information of the content and its IP to Peer. Then, the consuming peer thinks that the content is what they want, and if they download and run a hacking tool or virus, they will be harmed. Therefore, there is a need to supplement the content search message. However, the content search message on the P2P network is delivered to all peers and is very frequent, so applying the supplementary measures to all the content search messages takes a lot of system load. Therefore, in the proposed P2P system, the content search message is used in the same way as the general P2P program, and the countermeasure against hacking or virus is to check if the content is actually downloaded.

Content search and response protocol

Step 1) Consuming peer is sent to all peers by searching message UDP or TCP to IP of all peers received from Super Peer to find the desired contents.

Step 2) Each peer transfers its own IP to the consuming peer if there is a match among the contents it has.

Protocol to download the searched contents by direct connection

If the content that the consumption peer wants is in the distribution peer (distributed peer), the consumption peer gets the content through the direct TCP connection to the distribution peer. At this time, the distribution and consumption peers need to authenticate each other. This authentication method is shown in [Fig. 3], and the protocol is described in the following order.

Step 1) The consuming peer requests the desired file from the distribution peer. The request content structure is as follows:

Consumption peer Cert | FileName | Time stamp | S _NewPeer ], AC _NewPeer

Consuming peer Cert: The certificate of the consuming peer who wants the file

FileName: Name of file desired by consuming peer

Time stamp: Valid time (for preventing Replay Attack attack)

S _NewPeer : Consumption peer's signature on the message

          (= Sign ([Consumer peer Cert | FileName | Time stamp])

AC _NewPeer : AC of consuming peer

Step 2) The distribution peer _{verifies the} received AC _NewPeer with the server's certificate and verifies the validity of the ACNewPeer in Local Time. In this case, an error may occur if the local machine time is set incorrectly even during the normal validity period. If verification fails, request the server to verify the correct UTC time again.

Step 3) Check the binding of the AC _NewPeer and the consuming peer Cert. In other words,

Hash [Cert Issuer | Cert Serial Number] == CertBindInfo

Step 4) The distribution peer verifies the signature of the unique information file for the content requested by the consuming peer with the certificate of the company that owns the content. Next, the unique information file corresponding to the content is found by the content file name, and then the integrity is verified by comparing the hash value of the content with the hash value obtained from the content unique information file. This prevents hacking tools or viruses from deceiving them as valid content and sending them to other peers.

Step 5) The distribution peer decides whether to allow by comparing the authority specified in AC _NewPeer with the authority stored in the unique information file for the content desired by the consuming peer.

Step 6) If the content is acceptable, the distribution peer generates a random value and sends the following message to the consuming peer.

[Distribution peer Cert | unique informationfile | E _NewPeerPub (R _PeerA ) | S _PeerA ]

Distribution peer Cert: The certificate of the distribution peer sending the file.

Unique information file: Unique information file corresponding to the content desired by the consuming peer

E _NewPeerPub (R _PeerA ): The encryption key random value generated by the distribution peer with the public key of the consuming peer.

S _PeerA : Signature value of distribution peer for message

Step 7) The consuming peer verifies S with the distribution peer's certificate. This authenticates the distribution peer.

Step 8) Signature verification of the signature of the unique information file with the certificate of the owning company.

Step 9) After verifying, the consuming peer requests content distribution to the distribution peer.

Step 10) The distribution peer encrypts and transmits the content using the public key of the consuming peer. When retransmission is requested because the transmission is broken, the next block of the previously transmitted block is transmitted.

Step 11) Integrity is checked by comparing the hash value of the content and the hash value of the unique information file.

Hash [Data] == Hash Value

Payment for the acquired content

After the consuming peer normally receives the content from the distribution peer, the consuming peer sends a completion message to the server. The server stores the received completion message in its database for payment, and then notifies the distribution peer that the payment has been made. In this case, the processing such as billing takes a lot of load on the server to perform in real time, so once the payment information is stored in the database, it is processed on the payment day or is made immediately. Depending on your system, it may be efficient to have a separate database server for processing. That is, it is stored through the Super User in the DB Server of FIG.

Inspection and payment order is shown in [Fig. 5], the order is as follows.

Step 1) Consumption Peer sends the following payment message to server after receiving contents normally.

E _np ([Receiver | Sender | Filename | Time | Primary Key | Hash Value]), Receiver

Receiver: ID of the consuming peer

Sender: Distributor Peer ID

Filename: File name of the content

Time: Prevents Replay Attack with current time up to seconds

Primary Key: Hash [R _p | Filename | Time] value, unique during current Peer session.

Hash Value: hash value of the message for integrity checking

Step 2) The server decrypts the message with the Rp of the receiver (consumer peer) and checks whether it is equal to the receiver value in the message.

Step 3) The server stores the contents of the decrypted message in the database. Where Hash [R _p | Filename | Time] value is unique in the current session of the consuming peer, so it can be prevented by specifying the primary key in the database.

Step 4) The server checks whether there is a record that the distribution peer has registered the content or downloaded the payment.

Step 5) After saving to the database, the server informs the distribution peer of the payment. That is, it has the following structure.

E _pa ([Receiver | Status | Filename | Primary Key])

Receiver: Peer that received content from distribution peer (consumer peer)

Status: indicates whether the content was successfully received or failed

Filename: File name of the content received from the distribution peer

Primary Key: Prevent Replay Attack with unique value during one session

Epa: Random value shared by the distribution peer when it logs in to the server

Validation of P2P system with security and authority management

Identity verification using a public certificate

The P2P system utilizes a certificate that has already been issued for electronic commerce and internet finance through the web. This certificate has already been issued by a registration authority (RA), such as a bank, to verify its identity and provide legal protection. In addition, by issuing AC to the user using such a certificate, it is possible to know the age of the user and to judge whether or not it is an adult.

Password sniffing protection of users

The reason why sniffing of ID or password does not occur in P2P system is that there is no benefit from sniffing ID or password. However, when used commercially like the proposed P2P, there is a great possibility of sniffing ID or password. When logging in, it is possible to prevent attacks such as Replay Attack by using the server's public key to change confidentiality using ID and password encryption and random values each time.

Illegal users want to make and distribute illegal content themselves

If illegal user wants to distribute MP3 file of song hello through CD, distribution peer cannot download because there is no unique information file about hello. In addition, if you copy only the unique information file offline and distribute it with hello, if the hash value of the file is wrong, for example, the MP3 file called hello created by the owner of the content and the MP3 file called hello created by the illegal user When Peer downloads, the comparison of hash values in step 4) is incorrect, so dissemination is impossible.

If you want to copy and distribute the content and unique information file of the content

In case of distributing the content and its unique file information through offline together, it can be caught as follows when payment of the content. In other words, when the illegal distribution peer illegally copies the content and another consumption peer (eg, Peer B) receives the content, Peer B sends a payment message to the server. The server takes the name of the content Peer B received from the distribution peer in real time and checks if the distribution peer has received the content from another peer. If the content is not in the distribution peer's list, the content is illegally copied. Known and real-time traceback is possible.

Spoof extensions, change content, deceive viruses or hacking tools as content

One of the problems with P2P security is to trick viruses and hacking tools into tricky content downloads. In addition, there is a case of confusion by changing the file name, when the user changes the name of hello.mp3 to bye.mp3 and distributes it. In all these cases, it can be prevented because it can be verified in the unique information file of the content of step 4) during the download.

If you download content that doesn't match your permissions

In the case of existing P2P, adolescents are unprotected and exposed to adult material such as pornography, and there is no way to prevent it. In P2P, AC can be issued to each user to prevent downloading of content that does not conform to authority.

Security of Content over Network Transport

When Peer vs Peer sends and receives the content, the sending Peer encrypts the content and the receiving Peer decrypts the content.

Payment process hacking function

Even if Peer sends a payment message to the server, there is a possibility of hacking. This can be solved by encrypting the Peer using a random value (session key) exchanged with the server when logging in.

1 is a diagram illustrating a P2P system consisting of two steps, a conventional distribution infrastructure provider and a peer. FIG. 2 is a diagram illustrating a relationship between a server, a super peer, and a peer according to an embodiment of the present invention. According to an embodiment of the present invention, a flow chart illustrating a process of authenticating between a distribution peer and a consuming peer. FIG. 4 is a diagram illustrating storing payment information in a database server according to an embodiment of the present invention. 5 is a flowchart illustrating an integrity check and a payment step for P2P downloaded content according to an embodiment of the present invention. FIG. 6 is a diagram illustrating a P2P system according to an embodiment of the present invention.

Claims (6)

Generating a unique information file of content to be provided by a content provider and transmitting the certificate and the generated unique information file to a server to register with the server; New Peer who wants to use P2P communication service authenticates with the server, and then IP list of Super Peers that manages the IP (Attribute Certificat) indicating the new Peer's authorization information and the IP information of the multiple peers from the server. Receiving and receiving management by accessing a specific Super Peer, Broadcasting a search message related to the content desired by the consuming peer who wants to search or download the content P2P to the entire distribution peer; When the distribution peer has content that matches the search message, transmitting the information of the content and its IP to the consuming peer; Requesting the download of the content by the consuming peer receiving the content information and the IP of the distribution peer; The distribution peer transmits the content encrypted with the public key to the consumption peer after the predetermined authentication with the consumption peer; After the consumption peer successfully downloads the content and verifies the integrity of the content, transmitting the payment message (E _np ) requesting payment to the server; The server stores the payment message (E _np ) in a predetermined database and notifies the distribution peer as a message (E _pa ) of the payment. Method of operation of a P2P system comprising a. The method of claim 1, wherein the unique information file, It includes a field of [Company | Author | Title | Filename | Privilege | Price | Hash Value | S _Company ], where the company is the company that owns the copyright of the content, the Authorr is the creator of the content, and the Title is the creator of the content. The Filename is the file name of the content, the Price is the price of the content, the Privilege is the right to receive the content according to the rating of the consumption peer, the Hash Value is the hash value of the content, the S _Company owns the content copyright A method of operation of a P2P system that represents the signature value of a company. The method of claim 1, wherein the AC (Attribute Certificat), It contains a field of [File Type | Privilege | CertBindInfo | Date | SIpList | S _pri ], where File Type is the type of file permitted to New Peer in the content, Privilege is the authority of New Peer and the issuer of the CertBindInfosms certificate. The hash value of the serial number value of the certificate, Date is the validity period of the issued AC, SIpList is the IP list of the Super Peers, S _pri is a signature value of the message operation method. The method of claim 1, wherein the consuming peer verifies the integrity of the downloaded file. Verifying the signature of the unique information file for the content requested by the consuming peer as a certificate of a company having ownership of the content; Finding the unique information file of the content by the content file name, and comparing the hash value of the content with the hash value obtained from the unique information file of the content Method of operation of a P2P system comprising a. The method of claim 1, wherein the payment message (E _np ), [Receiver | Sender | Filename | Time | Primary Key | Hash Value] field, wherein the Receiver is the ID of the consuming peer, the Sender is the ID of the distribution peer, the Filename is the file name of the content, and the Time is in seconds. Current time, wherein the Primary Key is a unique value for preventing a relay attack, Hash Values is a hash value of the content. The message E _pa of claim 1, wherein the message E _pa notifying the distributor Peer of the payment is provided. It contains a field of [Receiver | Status | Filename | Primary Key], wherein the receiver receives the content from the distribution peer, the status indicates whether the content has been successfully received, the file name indicates the content file name received from the distribution peer, Primary Key is a method of operating a P2P system that represents a unique value to prevent a relay attack.