|
A Defense Against Intentional P2P Stream Corruption. Phil Windley refers to my paper on using Information Additive Codecs (IAC) on P2P Networks, and asks, 'I was wondering if anyone has done any work in this area that uses IACs in the presence of byzantine faults. My gut tells me there's something there and the work would be important since one would want to thwart the efforts of "bad guys" to corrupt a data stream by sending bad IAC data (think RIAA, for example).'
I replied to Phil, "My initial instinct is that the solution is to use PKI to digitally sign each chunk of data with the author's or legitimate distributor's private key. Then it would be essentially impossible to corrupt the results by inserting counterfeited chunks. Every receiver would have access to the publich key in order to ascertain the authenticity of the data on a chunk-by-chunk basis.
"Another way (perhaps not as elegant) would be to give a unique name or number identifier to each chunk, create an MD5 digest of each one, and separately download the MD5 fingerprints from a known (not P2P) source. IOW, I get my high-volume data through the P2P streaming mechanism, but separately I get the much smaller MD5 files in order to certify the streams."
Posted Saturday, October 05, 2002 12:29:36 PM 
|
