Peer-to-peer name resolution protocol (PNRP) security infrastructure and method

Assignee

• Microsoft Corporation · US

Inventors

• Rohit Gupta · Redmond, US
• Alexandru Gavrilescu · Redmond, US
• John Miller · Redmond, US
• Graham A. Wheeler · Redmond, US

Key dates

Classification

• Technology area (CPC Y)Emerging Cross-Sectional Technologies
• CPC primaryY10S707/99939
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

A security infrastructure and methods are presented that inhibit the ability of a malicious node from disrupting the normal operations of a peer-to-peer network. The methods of the invention allow both secure and insecure identities to be used by nodes by making them self-verifying. When necessary or opportunistic, ID ownership is validated by piggybacking the validation on existing messages. The probability of connecting initially to a malicious node is reduced by randomly selecting to which node to connect. Further, information from malicious nodes is identified and can be disregarded by maintaining information about prior communications that will require a future response. Denial of service attacks are inhibited by allowing the node to disregard requests when its resource utilization exceeds a predetermined limit. The ability for a malicious node to remove a valid node is reduced by requiring that revocation certificates be signed by the node to be removed.