Distributed Hash Tables (DHTs) promise to manage huge sets of key-value pairs in a Peer-to-Peer manner. The Content-Addressable Network (CAN) is a prominent variant of DHT. A critical challenge when designing a CAN, or indeed any DHT, is ensuring that all data items are accessible despite the presence of malicious and faulty peers. Such peers may hinder other peers in accessing the keys in various ways. In this paper, we identify various types of attacks and propose, where possible, some countermeasures. To counter man-in-the-middle attacks, we have developed a dynamically adjustable multi-path routing algorithm. We evaluate the efficacy of our method both analytically and by simulation. For networks with fewer than 1% malicious peers, we were able to reduce the effect of such attacks by 80%.
Thomas Reidemeister, Klemens Böhm, Paul A. S.