Halo: A Hierarchical Identity-Based Public Key Infrastructure for Peer-to-Peer Opportunistic Collaboration

Abstract

The lack of information security protection for peer-to-peer systems has hampered the use of this robust and scalable technology in sensitive applications. The security weakness is rooted in the server-less architecture and the demand driven ad-hoc operation scenarios of peer-to-peer systems. Together, they prohibit scalable key management using traditional symmetric/asymmetric cryptographic techniques. The advent of hierarchical identity-based cryptography and thresholded/joint secret sharing offers a possible solution to this problem. In this paper, we present the design of Halo, a hierarchical identity-based public key infrastructure that uses these novel technologies to perform recursive instantiation of private key generators and establish a trust hierarchy with unlimited number of levels. The PKI thus enables the employment of hierarchical identity-based public key encryption, signature, and signcryption for the protection of peer-to-peer applications. The effort to implement a proof-of-concept prototype as a JXTA service module was also discussed.