Chord-PKI: Embedding a Public Key Infrastructure into the Chord Overlay Network ⋆

Agapios Avramidis, Panayiotis Kotzanikolaou, and Christos Douligeris

Department of Informatics, University of Piraeus, Karaoli & Dimitriou 80, 185 34 Piraeus, Greece
{agapios,pkotzani,cdoulig}@unipi.gr

Abstract. Our goal in this paper is to provide authentication, encryption and non-repudiation services for nodes within Peer-to-Peer networks, in an efficient and scalable way. To accomplish this, we propose a distributed Public Key Infrastructure model, suitable for Peer-to-Peer networks and more particularly for the Chord protocol. Our solution integrates the PKI infrastructure within the Chord architecture. We use well known cryptographic techniques as building blocks, such as threshold cryptography and proactive updating.

1 Introduction

Peer to peer (P2P) networks have received considerable attention in the last few years. In particular, one class of P2P networks, namely structured overlays [1,2,3] seems a very attractive choice for building large scale systems. Almost all structured overlay networks utilize a Distributed Hash Table (DHT) abstraction. The DHT uses a consistent hash function (e.g. a cryptographic hash function such as SHA-1) in order to assign identifiers to nodes and keys¹. Moreover, the DHT allows the lookup operations (get and put) to be performed with logarithmic cost in terms of communication messages. DHTs offer a desirable set of properties for distributed applications such as load balancing, decentralization and scalability.

Until recently, the main focus of research for DHTs was targeted to the performance of the lookup protocols, the topology of the overlay, load balancing and search issues (such as range queries, multi-attribute and aggregation queries) [4]. Recently, research for DHTs has also focused on security issues, e.g. [5,6,7].
Towards this direction, we propose the Chord-PKI, a distributed Public Key Infrastructure (PKI) embedded into the Chord [1] overlay network. Our system provides certification to the Chord nodes through a synergetic protocol that enables the collaboration of the nodes themselves, without the need for an external

⋆ Research funded by the General Secretariat for Research and Technology (GSRT) of Greece under a PENED grant.
¹ These keys correspond to indices to objects such as files and are not keys in the cryptographic sense.

J. Lopez, P. Samarati, and J.L. Ferrer (Eds.): EuroPKI 2007, LNCS 4582, pp. 354–361, 2007. © Springer-Verlag Berlin Heidelberg 2007
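The DHT abstraction described in the introduction (SHA-1 identifiers for both nodes and object keys, lookups routed at logarithmic message cost) can be simulated on a Chord-style ring with finger tables. This is an added example, not code from the paper or from the Chord authors; the node addresses, object names, the full 160-bit identifier width and the global sorted view that stands in for per-node state are assumptions of the simulation.

```python
import hashlib
from bisect import bisect_left

M = 160            # identifier bits: the full SHA-1 output (assumed choice)
RING = 1 << M

def chord_id(name: str) -> int:
    """Map a node address or an object key onto the identifier ring."""
    return int.from_bytes(hashlib.sha1(name.encode()).digest(), "big") % RING

def between(x: int, a: int, b: int, closed: bool = False) -> bool:
    """x in the clockwise ring interval (a, b), or (a, b] if closed."""
    if closed and x == b:
        return True
    span = (b - a) % RING or RING      # a == b covers the whole ring
    return 0 < (x - a) % RING < span

class Ring:
    def __init__(self, names):
        # Simulation shortcut: one sorted list replaces per-node routing state.
        self.ids = sorted({chord_id(n) for n in names})

    def successor(self, ident: int) -> int:
        """First node at or clockwise after ident: the node responsible for it."""
        i = bisect_left(self.ids, ident % RING)
        return self.ids[i % len(self.ids)]

    def fingers(self, n: int):
        """Finger k of node n points at successor(n + 2^k)."""
        return [self.successor(n + (1 << k)) for k in range(M)]

    def lookup(self, start: int, key: int):
        """Route from node `start` to the owner of `key`; return (owner, hops)."""
        n, hops = start, 0
        while not between(key, n, self.successor(n + 1), closed=True):
            # Forward to the farthest finger that still precedes the key.
            n = next(f for f in reversed(self.fingers(n)) if between(f, n, key))
            hops += 1
        return self.successor(n + 1), hops

def demo(num_nodes: int = 64, num_keys: int = 200):
    """Constructed node addresses and object keys; returns (mean hops, max hops)."""
    ring = Ring(f"10.0.0.{i}:4000" for i in range(num_nodes))
    hops = [ring.lookup(ring.ids[k % len(ring.ids)], chord_id(f"file-{k}"))[1]
            for k in range(num_keys)]
    return sum(hops) / len(hops), max(hops)

if __name__ == "__main__":
    print("mean hops %.2f, max hops %d" % demo())
```

Each forwarding step uses a finger with a strictly smaller index than the previous one, which is why the hop count stays far below the number of nodes.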