Security Issues and Solutions in Peer-to-Peer Systems for Realtime Communications
RFC 5765

Document Type RFC - Informational (February 2010; Errata)
Last updated 2015-10-14
Replaces draft-schulzrinne-p2prg-rtc-security
Stream IRTF
IESG IESG state RFC 5765 (Informational)
Responsible AD Robert Sparks
Internet Research Task Force (IRTF)                       H. Schulzrinne
Request for Comments: 5765                           Columbia University
Category: Informational                                       E. Marocco
ISSN: 2070-1721                                           Telecom Italia
                                                                 E. Ivov
                                                        SIP Communicator
                                                           February 2010

         Security Issues and Solutions in Peer-to-Peer Systems
                      for Realtime Communications

Abstract

   Peer-to-peer (P2P) networks have become popular for certain
   applications and deployments for a variety of reasons, including
   fault tolerance, economics, and legal issues.  It has therefore
   become reasonable for resource consuming and typically centralized
   applications like Voice over IP (VoIP) and, in general, realtime
   communication to adapt and exploit the benefits of P2P.  Such a
   migration needs to address a new set of P2P-specific security
   problems.  This document describes some of the known issues found in
   common P2P networks, analyzing the relevance of such issues and the
   applicability of existing solutions when using P2P architectures for
   realtime communication.  This document is a product of the P2P
   Research Group.

Status of This Memo

   This document is not an Internet Standards Track specification; it is
   published for informational purposes.

   This document is a product of the Internet Research Task Force
   (IRTF).  The IRTF publishes the results of Internet-related research
   and development activities.  These results might not be suitable for
   deployment.  This RFC represents the consensus of the Peer-to-Peer
   Research Group of the Internet Research Task Force (IRTF).  Documents
   approved for publication by the IRSG are not a candidate for any
   level of Internet Standard; see Section 2 of RFC 5741.

   Information about the current status of this document, any errata,
   and how to provide feedback on it may be obtained at
   http://www.rfc-editor.org/info/rfc5765.

Schulzrinne, et al.           Informational                     [Page 1]
RFC 5765         Security in P2P Realtime Communications   February 2010

Copyright Notice

   Copyright (c) 2010 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.


Table of Contents

   1. Introduction ....................................................4
      1.1. Purpose of This Document ...................................6
      1.2. Structure of This Document .................................7
   2. The Attackers ...................................................8
      2.1. Incentive of the Attacker ..................................8
      2.2. Resources Available to the Attacker ........................9
      2.3. Victim of the Attack ......................................10
      2.4. Time of Attack ............................................10
   3. Admission Control ..............................................10
   4. Determining the Position in the Overlay ........................11
   5. Resilience against Malicious Peers .............................12
      5.1. Identification of Malicious Peers .........................13
           5.1.1. Proactive Identification ...........................13
           5.1.2. Reactive Identification ............................13
      5.2. Reputation Management Systems .............................14
           5.2.1. Unstructured Reputation Management .................14
           5.2.2. Structured Reputation Management ...................14
   6. Routing and Data Integrity .....................................15
      6.1. Data Integrity ............................................15
      6.2. Routing Integrity .........................................15
   7. Peer-to-Peer in Realtime Communication .........................16
      7.1. Peer Promotion ............................................17
           7.1.1. Active vs. Passive Upgrades ........................17
           7.1.2. When to Upgrade ....................................18
           7.1.3. Which Clients to Upgrade ...........................18