Graduate School and Research Center in Digital Sciences

Exploiting KAD: possible uses and misuses

Steiner, Moritz;En-Najjary, Taoufik;Biersack, Ernst W

Computer communications review, Volume 37, N°5, October 2007

Peer-to-peer systems have seen a tremendous growth in the last few years and peer-to-peer traffic makes a major fraction of the total traffic seen in the Internet. The dominating application for peerto- peer is file sharing. Some of the most popular peer-to-peer systems for file sharing have been Napster, FastTrack, BitTorrent, and eDonkey, each one counting a million or more users at their peak time. We got interested in KAD, since it is the only DHT that has been part of very popular peer-to-peer system with several million simultaneous users. As we have been studying KAD over the course of the last 18 months we have been both, fascinated and frightened by the possibilities KAD offers. Mounting a Sybil attack is very easy in KAD and allows to compromise the privacy of KAD users, to compromise the correct operation of the key lookup, and to mount DDOS with very little resources. In this paper, we will relate some of our findings and point out how KAD can be used and misused.

Document Doi Bibtex

Title:Exploiting KAD: possible uses and misuses
Keywords:Distributed Hash Table; Sybil attack;peer-to-peer system
Type:Journal
Language:English
City:
Date:
Department:Digital Security
Eurecom ref:2324
Copyright: © ACM, 2007. This is the author's version of the work. It is posted here by permission of ACM for your personal use. Not for redistribution. The definitive version was published in Computer communications review, Volume 37, N°5, October 2007 http://dx.doi.org/10.1145/1290168.1290176
Bibtex: @article{EURECOM+2324, doi = {http://dx.doi.org/10.1145/1290168.1290176 }, year = {2007}, month = {10}, title = {{E}xploiting {KAD}: possible uses and misuses}, author = {{S}teiner, {M}oritz and {E}n-{N}ajjary, {T}aoufik and {B}iersack, {E}rnst {W}}, journal = {{C}omputer communications review, {V}olume 37, {N}°5, {O}ctober 2007}, url = {http://www.eurecom.fr/publication/2324} }
See also: