Appl. Comput. Math. 6 (2007), no.2, pp.258-264

A MODIFIED ALGORITHM FOR PEER-TO-PEER SECURITY

SEDAT AKLEYLEK †, LEVENT EMMUNGIL ‡, URFAT NURIYEV ††, §

Abstract. In this paper we present the steganographic approach to peer-to-peer systems with a modified algorithm. This gives the user a very high level of protection against being compelled to disclose its contents. Even the realization of the quantum computer cannot solve an NP-hard problem in polynomial time. A modified algorithm with steganographic use depending on the Knapsack problem may make peer-to-peer systems secure.

Keywords: peer-to-peer (P2P) security, cryptography, steganography, El Gamal, Knapsack problem.

1. Introduction

The popularity of information technologies is increasing day by day, but increased usage of these technologies causes computer networks to operate clumsily. Studies on Internet2 and on a new computer network by Japan have just emerged. The new approaches to computer networks were prompted by the increase in the number of nodes. Servers became insufficient even though bandwidths are high enough. Moreover, the servers may not have the data that the user needs. Although there are studies on new computer networks, information technologies overcome these obstacles by using peer-to-peer communication.

Peer-to-peer networks combine the advantages of dedicated servers with improved bandwidth usage and amount of data. There may be servers, but mostly these are used for indexing. As each user shares some files, the network becomes a huge collection of data. Peer-to-peer networks can be used for file sharing, real-time communications or distributed computing.

a) File sharing can be much more efficient than with usual servers. Limewire and Ares are examples. Some peer-to-peer networks have millions of users and terabytes of files. This lets a user reach the intended data in seconds. While usual servers use standard transmission protocols, their bandwidth usage becomes limited. Appropriate protocols and parallel communications let peer-to-peer applications use almost all available bandwidth.

b) Real-time communication is another use of peer-to-peer networks. Skype is one of the most famous examples. In the past there were many voice and video communication applications, but they were not as successful as Skype. Of course there are many firms developing these communication techniques. Their success is the result of appropriate usage of peer-to-peer networks.

c) Distributed computing is another one. In fact, it is the most economical way of obtaining high computing power. Very high computing power is very difficult to afford, no matter which institution it is. Instead, institutions use peer-to-peer communication techniques with other institutions to combine their resources. This lets institutions reach computing power levels that would otherwise be almost impossible.

Peer-to-peer (P2P) networks are also being improved. The P2P system has reached its fourth generation. Since the first generation, the system has evolved, and it is still being improved.

† Institute of Applied Mathematics, Middle East Technical University
‡ Computer Education and Instructional Technology, Baskent University
†† Department of Mathematics, Ege University
§ Manuscript received 29 September, 2007.

SEDAT AKLEYLEK, LEVENT EMMUNGIL, URFAT NURIYEV : A MODIFIED ALGORITHM ...


The first generation of P2P had a server-client model. In this generation the queries were sent to the server, and the server replied with the list of nodes that had the requested file.

The second generation emerged from the legal problems of first-generation software. This generation brought decentralized servers. In fact it is not so different from the former generation; rather than having a centralized server, some powerful nodes act as servers. The aim of this strategy was to overcome the legal obstacles. Most P2P software still uses this technique. Bittorrent is the most famous example.

The third generation brought anonymity to P2P networks. Although it did not see much implementation, offering some encryption and anonymity makes it a new generation.

The fourth generation supports streams over P2P networks. Of course the success of P2P networks is not limited to file sharing. Video conferencing, VoIP, and radio and TV broadcasts became popular and introduced the fourth generation of P2P networks. Podcasts are one of the most famous types.

One of the network administrators of ULAKBIM (National Academic Network Institution of Turkey) admits that the most successful applications are peer-to-peer networking applications (Soysal, 2006, Personal Interview, National Academic Network Institution, Ankara). “Although it is not easy to deal with those programs’ high bandwidth usage in national network, I have to admit that, in my opinion, the most successful applications are peer-to-peer networking applications. They can use the bandwidth in the most appropriate way, and no other software can accomplish those levels. There are new studies to improve the effectiveness of the internet, but it becomes more difficult as time passes. So, in the near future the peer-to-peer applications remain popular. So it is necessary to consider the security issues of peer-to-peer networks.

Information technologies are based on resource sharing. A computer mostly does not mean much without belonging to a network. When it is connected to a network, the resources of that computer can be shared, or it can use the resources on other computers. The most important resource is information, regardless of its type. Although printers, scanners etc. can be shared in a local area network, information can be shared all over the internet. In this manner information sharing becomes the most important factor of computer networks. There are many ways of sharing information. Building a web site, joining mailing lists and using forums are some examples. But there is another way, combining the speed, usability, and security of a local area network with the unlimited resources of the internet. This is what we call peer-to-peer networks. You can share whatever information you like with anyone, using all available bandwidth and overcoming the limitation of regular browser speeds. It is as fast as it can be, and usable as it takes the advantages of LAN and the internet. However, what about security? Is it secure, or is it open to sniffing or manipulation? This article intends to offer one of the strategies for overcoming the security problems of peer-to-peer networks.

2. Cryptography and Steganography

There are several ways to make peer-to-peer networks secure. Cryptography plays the most important role in each of them. Cryptography is the study of mathematical techniques related to aspects of information security such as confidentiality, integrity, authentication and non-repudiation [10].

(1) Confidentiality is a service used to keep the content of information from all but those authorized to have it. Secrecy is a term synonymous with confidentiality and privacy.
(2) Integrity is a service which addresses the unauthorized alteration of data.
(3) Authentication is a service related to identification. This function applies to both entities and information itself.
(4) Non-repudiation is a service which prevents an entity from denying previous commitments or actions.


APPL. COMPUT. MATH., VOL. 6, NO.2, 2007

A fundamental goal of cryptography is to adequately address these four areas in both theory and practice. Cryptography is about the prevention and detection of cheating and other malicious activities. Therefore, cryptographic algorithms are very useful in peer-to-peer systems, since they can uniquely protect a message for an individual recipient and verify its integrity.

Steganography is the art of covered or hidden writing. A steganographic system embeds hidden content in unremarkable cover media so as not to arouse an eavesdropper’s suspicion. The purpose of steganography is covert communication to hide a message from a third party [7]. This differs from cryptography, the art of secret writing, which is intended to make a message unreadable by a third party but does not hide the existence of the secret communication. Steganography has a wide application area [8].

Internet users need to store, send and receive private information over insecure channels. Only encrypting the message may not be a good solution since, given enough time, someone could decrypt the message. Steganography may be a solution to this problem [1]. When encryption and steganography work together, data is safe and nobody can see that there is data in it.

Many common digital steganography techniques employ graphical images or audio files as the carrier. The most common steganography method in graphical images and audio files employs some type of least significant bit substitution or overwriting. The term least significant bit comes from the numeric significance of the bits in a byte. The most significant bit is the one with the highest arithmetic value, whereas the least significant bit is the one with the lowest arithmetic value. [2] is an example of this kind.

3. Knapsack Problem

The Knapsack problem is the namesake of a type of cryptosystem of which the Merkle-Hellman scheme is the progenitor. However, there is some confusion over this name. Some writers feel that Knapsack cryptosystem is a misnomer because the cryptosystem is actually based on the subset sum problem. For example, Douglas R. Stinson points out that a Knapsack problem usually refers to one “involving selecting objects with given weights and profits in such a way that a specified capacity is not exceeded and a specified target profit is attained”. That is, a Knapsack problem, as he sees it, is to maximize $\sum p_i \cdot x_i$ subject to $\sum w_i \cdot x_i \le c$, where $p_i$ and $w_i$ are the profit and the weight of object $i$ respectively, $x_i$ is a binary variable signifying whether object $i$ is selected or not, and $c$ is the capacity. And the subset sum problem is usually defined as one in which a finite set of natural numbers is given and we are asked whether there is a subset of this set whose elements sum up to a certain target, which is also a natural number.

On the other hand, there are people [4], [5] who define a Knapsack problem exactly as the subset sum problem described above. It is exactly [4] and [5] that Merkle and Hellman cited in their paper as the description of the Knapsack problem on which they based their cryptosystem. Interestingly, there are also people who view the subset sum problem as a particular form of the Knapsack problem as described by Stinson. From this point of view, the subset sum problem is a Knapsack problem, as described by Stinson, in which the per-object profits and the per-object weights are equal for all objects. Therefore, whether it should be called the Knapsack problem or the subset sum problem depends on how these problems are defined, and there appears to be no uniform definition.
In this paper, we use the term “Knapsack problem” (the decision version) as Merkle and Hellman used it, that is, as a problem in which, given a set of integers $A = (a_1, a_2, ..., a_n)$ and an integer $S$, we are to decide whether there is a subset of $A$ that sums to exactly $S$.

There is another twist to the definition of the Knapsack problem. As it is defined by the sources quoted in [5], the Knapsack problem is a decision problem, which is NP-complete. But the version actually used in [5] is a search problem, where we are asked what that subset of $A$ is, rather than just whether it exists or not. [5] properly recognized this distinction and in effect stated correctly that this Knapsack search problem is NP-hard. NP-completeness is defined for decision problems only. Accordingly, we define the “Knapsack problem” (the search version) as: Given a vector, the so-called cargo vector, $(a_1, a_2, ..., a_n)$, where $a_i$ is an integer and is called a weight or size, find a binary vector $(x_1, x_2, ..., x_n)$ such that their dot product is exactly equal to a given $S$, i.e. $\sum a_i \cdot x_i = S$.

Still another complication is that [5] extends the Knapsack problem somewhat. In the basic Knapsack problem, there is a binary vector $x$, i.e. a vector of variables that can take on values of either 0 or 1; thus the problem is also referred to as a 0-1 Knapsack problem. [5] generalizes it so that the $x_i$’s can take on values in the set $\{0, 1, 2, \ldots, 2^b - 1\}$, where $b$ is a positive integer, rather than just in $\{0, 1\}$. Some call this modified version “compact Knapsack” or “general Knapsack.”

3.1. Merkle-Hellman Knapsack Cryptosystem.

This well-known cryptosystem was first described in 1978 [11]. The Merkle-Hellman cryptosystem can be described as follows:

Step 1: A super-increasing sequence $A$ is chosen, $\sum_{i=1}^{j-1} a_i < a_j$, $2 \le j \le n$, where $A = (a_1, a_2, ..., a_n)$ and all $a_i$’s are integers.
Step 2: $m$ and $w$ are computed with $m > \sum_{i=1}^{n} a_i$ and $\gcd(w, m) = 1$.
Step 3: Elements of the sequence $B$ are computed with $b_i \equiv a_i \cdot w \bmod m$, $1 \le i \le n$.
Step 4: The message is in binary form, $X = (x_1, x_2, ..., x_n)$. Then, encryption is to compute $S = \sum_{i=1}^{n} b_i \cdot x_i$.
Step 5: $w^{-1}$ is computed by using $w \cdot w^{-1} \bmod m \equiv 1$. Then, decryption is to compute $X \equiv w^{-1} \cdot S \bmod m$.
Step 6: $X = x_1 \cdot a_1 + x_2 \cdot a_2 + ... + x_n \cdot a_n$ is calculated.

3.2. Knapsack Problem with El Gamal Cryptosystem.

In this section, the El Gamal cryptosystem [10] is connected with the Knapsack problem. This new system can be described as follows:

Step 1: A super-increasing sequence $A$ is chosen, $\sum_{i=1}^{j-1} a_i < a_j$, $2 \le j \le n$, where $A = (a_1, a_2, ..., a_n)$ and all $a_i$’s are integers.
Step 2: The keys of El Gamal $\{y, g, p, x\}$ are calculated.
Step 3: Elements of the sequence $B$ are computed with the following operations: $y \equiv g^x \bmod p$, $s_i \equiv g^k \bmod p$, $u_i \equiv y^k \cdot a_i \bmod p$ and $b_i = (s_i, u_i)$, where $1 \le i \le n$. Finally, $B = (b_1, b_2, ..., b_n) = ((s_1, u_1), (s_2, u_2), ..., (s_n, u_n))$ is obtained.
Step 4: The message is in binary form, $X = (x_1, x_2, ..., x_n)$. Then, encryption is to compute $S = \prod_{i=1}^{n} (s_i, u_i)^{x_i}$.
Step 5: To decrypt the message, $h = \frac{\prod_{i=1}^{n} u_i}{\left(\prod_{i=1}^{n} s_i\right)^{x}} \bmod p$ is computed. Then, $h = \prod_{i=1}^{n} a_i^{x_i}$.
Step 6: $X = (x_1, x_2, ..., x_n)$ is calculated.

Figure 1 shows the process flow of secretly transmitting data using steganography and the Knapsack problem with El Gamal cryptosystem.

3.3. Security and Implementation Analysis of Knapsack Problem with El Gamal Cryptosystem

There is no polynomial time algorithm to break the El Gamal cryptosystem, which is based on the difficulty of a problem called the “discrete logarithm”. The Merkle-Hellman knapsack cryptosystem can be cracked by using the LLL algorithm. Since the structure of the super-increasing sequence is changed by the El Gamal cryptosystem, the LLL algorithm is not applicable for long sequences, such as those bigger than 100. Moreover, as the new system’s security depends upon the El Gamal cryptosystem and the hardness of the Knapsack problem, the Knapsack problem with El Gamal cryptosystem has similar security to RSA for equivalent key lengths. However, one should be careful to choose exponents that are not weak. After comparing this system with RSA, one can notice that RSA is about 10 to 100 times slower than this system. Although this system has more advantages, it may not be feasible to use in such systems because of the memory problem and standards.
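The six steps of Section 3.1 worked through with small numbers, as an added example that is not code from the paper. The sequence A, the modulus m = 491 and the multiplier w = 41 are constructed toy values and the function names are illustrative; Step 6 is carried out with the usual greedy pass over the super-increasing sequence, which the paper leaves implicit.

```python
from math import gcd

# Constructed toy parameters (not from the paper); far too small for real use.
A = (2, 3, 7, 14, 30, 57, 120, 251)   # private super-increasing sequence
M = 491                                # modulus m > sum(A) = 484
W = 41                                 # multiplier w with gcd(w, m) = 1


def keygen(a, m, w):
    """Steps 1-3: validate (A, m, w) and derive the public sequence B."""
    total = 0
    for a_j in a:
        if a_j <= total:               # Step 1: a_j must exceed a_1 + ... + a_(j-1)
            raise ValueError("A is not super-increasing")
        total += a_j
    if m <= total or gcd(w, m) != 1:   # Step 2
        raise ValueError("need m > sum(A) and gcd(w, m) = 1")
    return [a_i * w % m for a_i in a]  # Step 3: b_i = a_i * w mod m


def encrypt(bits, b):
    """Step 4: S = sum of b_i * x_i for a message X of n bits."""
    if len(bits) != len(b) or any(x not in (0, 1) for x in bits):
        raise ValueError("message must be a 0/1 vector as long as B")
    return sum(b_i * x_i for b_i, x_i in zip(b, bits))


def decrypt(s, a, m, w):
    """Steps 5-6: strip w, then read the bits off the super-increasing sequence."""
    rest = pow(w, -1, m) * s % m       # Step 5: w^-1 * S mod m = sum of a_i * x_i
    bits = []
    for a_i in reversed(a):            # Step 6: largest weight first
        take = 1 if a_i <= rest else 0
        rest -= take * a_i
        bits.append(take)
    if rest != 0:
        raise ValueError("S is not a valid ciphertext for this key")
    return bits[::-1]
```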

Figure 1. Process flow
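The scheme of Section 3.2 with toy parameters, as an added example that is not the authors' implementation. The paper does not say how Step 6 recovers X from h or whether k changes per element, so this example assumes a fresh k for every i and a private sequence of distinct primes whose product is below p, and it applies the Step 5 formula to the two components of S; all names and values are constructed.

```python
import secrets
from math import gcd, prod

# Constructed toy parameters (not from the paper); far too small for real use.
P = 2**31 - 1                        # prime modulus p
G = 7                                # a primitive root modulo P
A = (2, 3, 7, 13, 29, 59, 127)       # private sequence: super-increasing primes


def check_sequence(a, p):
    """Step 1, plus the added assumption that makes Step 6 well defined."""
    total = 0
    for a_j in a:
        if a_j <= total:             # a_j must exceed a_1 + ... + a_(j-1)
            raise ValueError("A is not super-increasing")
        total += a_j
    pairs = ((a[i], a[j]) for i in range(len(a)) for j in range(i + 1, len(a)))
    # Assumption (not on the page): terms > 1, pairwise coprime, prod(A) < p,
    # so the product h of Step 5 identifies exactly one subset of A.
    if not a or a[0] < 2 or prod(a) >= p or any(gcd(u, v) != 1 for u, v in pairs):
        raise ValueError("A must be pairwise coprime, > 1, with prod(A) < p")


def keygen(a, p=P, g=G):
    """Steps 2-3: private exponent x and B = ((s_1, u_1), ..., (s_n, u_n))."""
    check_sequence(a, p)
    x = 2 + secrets.randbelow(p - 3)         # private key in [2, p-2]
    y = pow(g, x, p)                         # y = g^x mod p
    b = []
    for a_i in a:
        k = 2 + secrets.randbelow(p - 3)     # assumption: a fresh k for every i
        b.append((pow(g, k, p), pow(y, k, p) * a_i % p))   # (s_i, u_i)
    return x, b


def encrypt(bits, b, p=P):
    """Step 4: S = product of (s_i, u_i)^x_i, taken componentwise mod p."""
    if len(bits) != len(b) or any(x_i not in (0, 1) for x_i in bits):
        raise ValueError("message must be a 0/1 vector as long as B")
    s = u = 1
    for x_i, (s_i, u_i) in zip(bits, b):
        if x_i:
            s, u = s * s_i % p, u * u_i % p
    return s, u                      # depends only on B and X: no fresh randomness


def decrypt(cipher, a, x, p=P):
    """Steps 5-6: h = u / s^x mod p, then read X from the factors of h."""
    s, u = cipher
    h = u * pow(pow(s, x, p), -1, p) % p     # Step 5: h = product of a_i^x_i
    bits = [1 if h % a_i == 0 else 0 for a_i in a]
    if prod(a_i for a_i, x_i in zip(a, bits) if x_i) != h:
        raise ValueError("h is not a product of elements of A")
    return bits
```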

4. CONCLUSION

Peer-to-peer systems can be used for a wide range of functions. Moreover, they are more effective than others. The cryptographic properties confidentiality, integrity, authentication and non-repudiation play an important role in making this communication secure. The modified algorithm with steganographic use described in this paper may be a solution to the security problem of peer-to-peer systems. The authentication problem can be solved by using Kerberos, a network authentication protocol. It is designed to provide strong authentication for client/server applications by using secret key cryptography [15].


References

[1] Artz, D., Spotlight: Digital Steganography, IEEE Internet Computing 5(3): 75- (2001).
[2] Akleylek, S., Nuriyev, U.G., Steganography and It’s A New Application, IEEE 13. Signal Processing and Communication Applications Council (SIU-2005), Communiques Book, Kayseri, May 16-18, Erciyes University, 2005.
[3] Garey, M. R., and Johnson, D. S., Computers and Intractability: A Guide to the Theory of NP-Completeness, 1979.
[4] Horowitz, E., Sahni, S., Computing Partitions with Applications to the Knapsack Problem, Journal of the ACM, vol. 21, no. 2, April 1974, pp. 277-292.
[5] Karp, R. M., Reducibility among Combinatorial Problems, Complexity of Computer Computations, Plenum, New York, 1972, pp. 85-104.
[6] Kellerer, H., Pferschy, U., Pisinger, D., Knapsack Problems, Berlin, Springer, 2004.
[7] Kessler, G., An Overview of Steganography for the Computer Forensics Examiner, 2004.
[8] http://jp.fujitsu.com/group/labs/downloads/en/business/activities/activities-4/fujitsu-labs-imagevoice003-en.pdf.
[9] Martello, S., Toth, P., Knapsack Problems: Algorithms and Computer Implementations, John Wiley, Chichester, England, 1990.
[10] Menezes, J., Oorschot, P. C., Vanstone, S. A., (1996), Handbook of Applied Cryptography, http://www.cacr.math.uwaterloo.ca/hac/
[11] Merkle, R.C., Hellman, M. E., Hiding Information and Signatures in Trapdoor Knapsacks, IEEE Transactions on Information Theory, vol. IT-24, 1978, pp. 525-530.
[12] Nuriev, U.G., Optimal logation of reserving files in distributed computer systems, Applied and Computational Mathematics (An International Journal), Vol. 1, No. 2, 2002, pp. 195-200.
[13] Nikitin, A.I., Nuriev, U.G., On a method of the solution of the Knapsack Problem (Russian, English summary), Kibernetika, No. 2, 1983, pp. 108-110.
[14] Taher ElGamal, A public key cryptosystem and a signature scheme based on discrete logarithms, in Advances in Cryptology, volume CRYPTO ’84, pages 10-18. Springer.
[15] http://web.mit.edu/Kerberos/

Sedat Akleylek - is currently a research assistant in the Institute of Applied Mathematics at Middle East Technical University (METU). He received the B.Sc. degree in mathematics and computer science from Ege University in 2004. He is in the thesis stage in M.Sc. at Cryptography Department of METU. He has many studies in the areas of cryptography, technology, computer science and distance education. His research interests include security of online learning, public key cryptography, block ciphers, e-government implementations, public key infrastructure. He believes that security and accessibility are the necessities to reach and use the technology efficiently.


Levent Emmungil - is an instructor at the Computer Education and Instructional Technology Department of Baskent University. He completed his undergraduate study at the same department of Middle East Technical University (METU) in 2002. He got the M.S. degree in 2004 from the department of Secondary Science and Mathematics Education (SSME) at METU. He is in the thesis stage in Ph.D. at the SSME department of METU. He has also had some cooperative works with commercial firms, in order to give more useful instruction to the students. Levent Emmungil has many studies in the areas of both education and technology. He mostly studies integrating technology into education, especially web supported instruction. Besides, he thinks that effective technology usage should be emphasized from the perspectives of security and usability.

Urfat G. Nuriyev - received the B.S. and M.S. degrees in 1976 from Baku State University. He received the Ph.D. degree in 1983 from the Institute of Cybernetic, National Academy of Science of Ukraine. Between 1984 and 1992 he worked as a researcher at the Institute of Cybernetic, National Academy of Science of Azerbaijan, and he became the Head of the Parallel Systems of Decision Making Department there. He received the Associate Professor Degree in 1989 from the Cybernetic Institute of Academy of Science, Azerbaijan. He received the Professor Degree in 2005 from the Mathematic Department, Science Faculty of Ege University, Turkey, and he still works there. His research interests are operational research, discrete mathematics, combinatorial optimization, applied programming and computer systems. He has published over 100 research papers.