CORPS: Building a Community Of Reputable PeerS in Distributed Hash Tables Erika Rosas 1 , Olivier Marin 1 and Xavier Bonnaire 2 1 Laboratoire d’Informatique de Paris 6, Universit´e Pierre et Marie Curie INRIA-CNRS 4 place Jussieu, 75005 Paris, France 2 Departamento de Inform´atica, Universidad T´ecnica Federico Santa Mar´ıa Avenida Espa˜ na 1680, Valpara´ıso, Chile Email: Erika.Rosas@lip6.fr, Olivier.Marin@lip6.fr, Xavier.Bonnaire@inf.utfsm.cl Building trust is a major concern in Peer-to-Peer networks as several kinds of applications rely on the presence of trusted services. Traditional techniques do not scale, produce very high overhead or rely on unrealistic assumptions. In this paper, we propose a new membership algorithm (CORPS) for Distributed Hash Tables which builds a community of reputable nodes and thus enables the implementation of pseudo-trusted services. CORPS uses a reputation-based approach to decide whether a node can be a member of the group or not. We demonstrate the benefits of this approach and evaluate how much it improves the reliability of a trusted routing service. Keywords: Peer-to-Peer, Trust, Reputation Systems, Secure Routing, Membership Algorithm Received ; revised 1. INTRODUCTION The fully distributed nature of Peer-to-Peer (P2P) networks creates a scalable, fault tolerant and self- organized system with the potential to involve millions of nodes. However, the lack of central control, the considerable number of peers and the high dynamism of the network make it very hard to build trust among peers. To deliver a valuable service in P2P applications, it is important to trust that the participants will act as requested. For instance in file sharing applications, a peer must trust that others will not upload a virus. In P2P storage applications, a client must trust that the designated peers will indeed save the information, and even more importantly that other peers will forward messages correctly so that communication can be successful. Building trust is especially complex since a P2P network includes untrusted nodes from an open environment, such as the Internet. Users from all parts of the world interact and share their resources without knowing each other. Untrusted nodes may be faulty, malicious, and act together to attack the network. Consequently, the quality of service of applications may be deteriorated due to message overhead or data loss. There are two categories of P2P networks: structured and unstructured ones. Our work is oriented on the former, and especially on Distributed Hash Tables (DHT), which provide efficient key lookups, high data availability and persistence. Among the existing solutions for building trust in P2P networks, reputation systems [1] and accountabi- lity [2] have shown to be very good and efficient ap- proaches. Accountability detects and exposes faulty nodes by creating non-repudiable records of every node’s actions. PeerReview [2], for example, is able to detect even a single misbehaviour since it is based on deterministic actions. However, the actions of every node have to be periodically checked by other nodes, who must replay the protocol using the input in the log. If the protocol is computationally complex, this results in a heavy cpu load. In addition, accountability does not detect malicious behaviours that are not protocol related or not verifiable deterministic transactions. Reputation systems assess the past history of a peer by gathering feedback from nodes with previous interactions with this peer. This evaluation is an estimation of the peer’s future behaviour in a context related situation [1]. Reputation systems are easily applicable, since there is no need to know which protocol the nodes are following. However, this means that the feedback information does not constitute an irrefutable proof of misbehaviour; it also makes it nearly The Computer Journal, Vol. ??, No. ??, ????