P2PWNCWireless Community Network

CMSC 711: Computer NetworksYee Lin Tan

Adam Phillippy

Introduction

♦ Ubiquitous Internet access is a necessity♦ Email, web, VoIP, messaging, remote

network access♦ Current state♦ Internet access far from ubiquitous♦ Required infrastructure not yet in place

♦ Wireless Internet Service Providers (WISPs)♦ Coverage limited to selected hotspots

♦ Wireless LAN (WLAN)♦ Deployed in homes, schools, airports, etc.

♦ Idea♦ Why not unite all WLANs to provide

ubiquitous access to the Internet?

Peer-to-Peer Wireless Network Confederation (P2PWNC)

♦ Framework for uniting WLAN hotspots

♦ Community of administrative domains that offer wireless internet access to each other’s users

♦ P2P network of domain agents (DA)

Peer-to-Peer Wireless Network Confederation (P2PWNC)

♦ Administrative Domain♦ Examples:

♦ Residential hotspot with 1 access point♦ WISP with access points in many locations

♦ Domain Agent (DA)♦ Each administrative domain maintains 1 DA♦ Physical node that represents the WLAN♦ Responsibilities:

♦ Regulates wireless service provision and consumption

♦ Eliminates need for roaming agreements

Peer-to-Peer Wireless Network Confederation (P2PWNC)

♦ Simple accounting mechanism based on token-exchange♦ When roaming in another P2PWNC

domain♦ To compensate for resources

consumed, home DA transfers tokens to visited DA

P2PWNC Design

♦ Based on reciprocity♦ Domains must provide resources

to visitors ♦ So that their own users can

consume resources of other P2PWNC domains when roaming

Distinctive Characteristics

♦ Open to all♦ No registration or central authority

♦ Joining P2PWNC is similar to joining a file-sharing network

♦ Free to use♦ No barrier to entry♦ Reciprocity drives the system

♦ Autonomous domains♦ Each domain decides how much resources

it wants to provide to visitors♦ Protects privacy♦ Identity and location privacy

P2P Systems

♦ Communities of economic agents cooperating for mutual benefit without centralized control

♦ Characteristics:♦ Makes use of otherwise underused

resources♦ Agent autonomy♦ Scalability, fault-tolerance, reliability

P2PWNC as a P2P System

♦ Underused resources♦ Residential hotspots typically operate only at a small

percentage of maximum throughput

♦ Cost-sharing♦ Distribute cost among participating administrative

domains♦ High cost for a single provider to cover large areas

♦ Hardware ♦ Administration, operations, maintenance

♦ Decentralized control♦ Distributed accounting to track who owes who and

how much

♦ Agent autonomy♦ Can dynamically adjust provisioning rates

Architectural Overview

♦ Unique logical name for each DA♦ Can reuse DNS name

♦ Registered users♦ Local users of a particular domain♦ Examples:♦ Residential hotspot: all household

members♦WISP: all subscribers

♦ Roaming users♦ Visiting users from another domain

DA Modules

♦ Name service♦ Maps logical P2PWNC domain names to IP

addresses of DAs♦ Authentication

♦ Maintains a database of registered users along with security credentials

♦ Traffic-policing♦ Logs and shapes internet traffic♦ Allocates specific amounts of bandwidth to

visitors♦ WLAN

♦ Firewall, DHCP, DNS, access point control♦ Distributed accounting

♦ Secure storage of accounting data

DA Modules (2)

♦ Consumer-strategy♦ Home DA’s consumer-strategy is

contacted when roaming user wants service

♦ Decides if transaction should continue♦ Pays required tokens to visited DA’s

provider-strategy module♦ Provider-strategy♦ Decides whether to provide service to

visitor♦ Decides current service prices

DA Modules (3)

♦ Privacy-enhancement♦ Protects identity privacy♦Hides user name and home DA of

roaming user from visited DA

♦ Protects location privacy♦Hides visited DA from home DA

♦ Distributed Hash Table♦ Low-level module used by name

service and distributed accounting

Security and Privacy Issues

♦ Abuse by untrustworthy visitors♦ Illegal activities

♦ Traffic logging by untrustworthy providers♦ Possible solution: tunneling through

trusted gateway (e.g. home DA)

♦ Identity privacy♦ Possible solution: create a new alias for

every new connection?

♦ Identity and location privacy♦ Possible solution: Mix network

Mix network

Peer ‘P’(provider)

Peer ‘A’(mix 1)

Peer ‘B’(mix 2)

Peer ‘C’(home)

“My P2PWNC ID is Alias_X@A”

Credentials include real ID and a mix chain encrypted using nested public-key encryptions

Alias_X@A{ MIX, B, { MIX, C, { STOP, X }C }B }A

Alias_X@B{ MIX, C, { STOP, X }C }B

Alias_X@C{ STOP, X }C

X@CIdea credit: David Chaum

Slide credit: George Polyzos

Economic Considerations

♦ Optimal system parameters♦ Consumer/Provider strategies, token prices

♦ Secure distributed accounting subsystem♦ Monitors peer contribution and consumption♦ Uses cryptographically secure tokens (cannot be

forged)

♦ Domain strategies♦ How to charge usage:

♦ KBytes or hour, current congestions levels, identity of consumer

♦ How to balance conflicting requirements:♦ Want best possible service for its own roaming users♦ Must provide service to visitors to earn tokens for use

by roaming users♦ May affect service provided to its own local users

Economic Considerations (2)

♦ Offline DAs♦ Problem

♦ Roaming user requests service from visited DA♦ Visited DA unable to contact home DA

♦ Possible Solution (decentralized version)♦ Home DA distributes token allowances to users♦ User pays without intervention of home DA

♦ Token generation♦ How DAs first acquire tokens♦ Distributed banks generate tokens and

distribute to new entrants

Economic Considerations (3)

♦ Domain heterogeneity ♦ Different in terms of:

♦ Coverage size♦ Coverage location♦ Number of registered users

♦ Problem:♦ Domains with few visitors, difficult to earn tokens♦ Possible solution: set high token prices

♦ More general problem:♦ How to make sure a few domains don’t

monopolize all tokens?

Summary of DA Responsibilities

♦ Regulate prices for service♦ Make sure visitor traffic does not

adversely affect traffic from registered users

♦ Ensure best possible treatment for own (registered) users that are roaming

Business Models - Who can make a profit

♦ Upstream ISPs that allow P2PWNC may be preferred by customers

♦ “Pay-as-you-go” domains♦ Vendors can sell pre-paid cards

containing P2PWNC user id and credentials

♦ Virtual P2PWNC♦ Virtual DA obtains tokens from P2PWNC

domains outside normal interaction model♦ Sells tokens in the form of pre-paid cards

Business Models – Who can make a profit (2)

♦ P2PWNC domain aggregators♦ Host DA for multiple small WLANs♦ Similar to web hosting

♦ Vendors of DA modules♦ Provide consumer-strategy and

provider-strategy modules♦ Hotspot indexing engines♦ Tune DA parameters♦ Security and privacy enhancements

Operational Issues

♦ Need more economic analysis and simulations♦ How P2PWNC and token-based

incentive operate in real-world environment

♦ Regulatory obstacles♦ Some ISPs prohibit sharing of

broadband connections

P2PWNC Implementation

♦ http://mm.aueb.gr/research/p2pwnc

♦ GPL Licensed♦ AP: Linksys WRT54GS♦ Firmware

♦ Client: QTEK 9100♦ C and Java

Implementation Assumptions

♦ Good♦ No central authority♦ Users may use unlimited, free IDs♦ User consumption is not homogeneous♦ Software can be modified/hacked♦ Teams (domains) will try and cheat♦ Teams will collude

♦ Not so good♦ Team consumption is homogeneous♦ Team members trust each other♦ ISPs allow connection sharing

Teams, users, and receipts (IOUs)

Team AP

Team member

Receipt accounting

CO

NN

C

P

CA

CK R

CPT

RR

EQ

RC

PT

RR

EQ

RR

EQ

RC

PT

R

t0 w2

t0 w2

t0 w1?

provider, team timestamp, weight

Centralized

R

Decentralized

R

R

R

Decentralized

♦ One receipt server per team♦ Gossiping protocol♦ Devices carry a sample of receipts♦ Consumers share receipts with

providers

♦ Adds overhead for verifying receipts

♦ Incomplete view of the “receipt graph”

Receipt graph

A

B

C

G

H

FE

D

I

CD

B

G

HDoes C owe H?

Maxflow decision

♦ Probability of me granting you service

1,)(

)(min

PCmf

CPmfp

What IOU

What you owe me

Maxflow (bottle neck flow)

A

FE

I

C H

Min C-H cut

D

B

G

Abuse

♦ Uncooperative teams♦ Evident from receipt graph♦ Other teams will stop providing

service

♦ DOS attacks♦ Centralized server is vulnerable♦ Decentralized servers have secret IPs♦ Teams do not communicate via Internet

♦ Colluding teams…

Naive collusion

B

G

H

F

I

X2

X0

X1

C

Sophisticated collusion

B

G

H

F

I

X2X0

X1

X3

C

Generalized Maxflow

♦ Look for collusion hub X0

♦ Discount suspicious paths♦ Discount flow passing through

vertices with a high sum of outgoing edge weights

♦ Discount flow passing through many vertices

♦ Assumes homogeneous team usage

Security

♦ Team leader♦ Public/private keys for team identity♦ Signs member certificates

♦ Team members♦ Public/private keys for member identity

♦ All receipts are signed♦ Elliptic Curve Digital Signature Algorithm

(ECDSA)♦ Signing faster than verification♦ Mobile devices have limited computing

power

♦ No central authority (decentralized)

Security

Simulation

♦ Providers and consumers make decisions based on benefit-to-cost ratio♦ Evolutionary learning♦ Providing +cost, consuming +benefit

♦ Simulate interaction across 500 rounds♦ 1 new team added per round♦ 300 total teams

Strategies

♦ Switch to best strategy after each round♦ Most teams adopt cooperative

strategies♦ After 500 rounds♦ 175 Reciprocative teams♦ 100 Unconditional cooperator teams♦ 20 Random cooperator teams♦ 5 Unconditional defector teams

Strategy

Questions

♦ Will it work in the real world?♦ Sporadic usage♦ Receipt history flushing

♦ Is it scalable?♦ Maxflow could get expensive

♦ What about heterogeneous team usage?♦ Variable cost of bandwidth

♦ Who is responsible for the AP’s traffic?♦ Will the RIAA believe it wasn’t you?

P2PWNC Publications

♦ Initial idea♦ A Peer-to-Peer Approach to Wireless

LAN Roaming. Efstathiou EC, Polyzos GC. ACM WMASH, 2003.

♦ Implementation details♦ Stimulating Participation in Wireless

Community Networks. Efstathiou EC, Frangoudis PA, Polyzos GC. IEEE INFOCOM, 2006.

Receipt repository

Collusion

Maxflow overhead

Cryptographic overhead

Real-World Example - FON

♦ Largest WiFi community in the world

♦ Idea♦ Members (aka Foneros) share wireless

Internet access at home♦ In return, get free WiFi wherever

there is a Fonero Access Point♦Use Fonero login

♦ How to become a member:♦ Buy a WiFi router (aka La Fonera)

from FON

More about FON

♦ 3 types of Foneros (members)♦ Linuses

♦ People who share home WiFi to get free WiFi wherever there is a FON Access Point

♦ Aliens♦ People who do not share their WiFi but want access

to a FON Access Point♦ Charged $3 per day

♦ Bills♦ Businesses who want to make money off their WiFi♦ Don’t want free roaming♦ Get 50% of money Aliens pay♦ Can advertise on their own personalized FON

Access Point homepage