Slide 1
P2P Private P2P 2010 All rights reserved. No part of this
publication and file may be reproduced, stored in a retrieval
system, or transmitted in any form or by any means, electronic,
mechanical, photocopying, recording or otherwise, without prior
written permission.
Slide 2
(Private Network) P2P P2P (Private P2P Network) P2P (Anonymous
P2P Communication) 2
Slide 3
(Private Network) P2P P2P (Private P2P Network) P2P (Anonymous
P2P Communication) 3
Slide 4
(Private Network) Digital Data Network Leased Line (DDN)
Virtual Private Network (VPN) 4
Slide 5
- DDN DDN (Digital Data Network Leased Line) 5
Slide 6
DDN 6
Slide 7
DDN 7 64K128K~512K768K~2048K ( ) 45M155M622M2.5G
3,6004,60012,700 042,40071,280213,800555,880
>0~3~10~20~30149,500306,800920,5002,393,300 3,6004,60014,000
046,00079,200237,600617,760
>0~3~10~20~30165,000340,1001,022,8002,659,280 ( ) 450 1,462
8,70019,14057,420- ( )
http://www.cht.com.tw/BusinessCat.php?Module=Fee,Describe&CatID=360&PageID=792
Slide 8
VPN (1) (Virtual Private Network, VPN): ( ) 8
Slide 9
VPN (2) Integrity Authentication Nonrepudiation Confidentiality
9
Slide 10
VPN (3) Hash 10 Private peer-to-peer (P2P)
~!@#$%^&*()_+~!@#$
Slide 11
IPSec VPN IPSec 3 ISAKMP(Internet Security Association and Key
Management Protocol) IKE(Internet Key Exchange ): (secret key)
AH(Authentication Header): (integrity check) ESP(Encapsulating
Security Payload): (data encryption) (integrity check)
Slide 12
ISAKMP SA Establishment 12 From:
http://docs.hp.com/en/J4256-90003/ch01s04.html ISAKMP Phase One
(Main Mode, MM) Negotiate and establish an ISAKMP SA, a secure
communication channel for further communication by generating a
Diffe-Hellman shared value as the base for a symmetric (shared)
key. Verify the remote system's identity (primary authentication)
ISAKMP Phase Two (Quick Mode, QM) Negotiate two SAs for IPSec
transforms (AH or ESP): one for inbound and one for outbound
traffic.
Slide 13
Diffie-Hellman Key Generation 13 From:
http://docs.hp.com/en/J4256-90003/ch01s04.html
Slide 14
Primary Authentication Preshared keys: A preshared key is
manually configured on both systems and is used for authentication
only. Digital Signatures: Digital signatures are based on security
certificates, and are managed using a Public Key Infrastructure
(PKI) consisting of CAs (Certificate Authorities). 14 From:
http://docs.hp.com/en/J4256-90003/ch01s04.html
Slide 15
AH Symmetric Key Authentication 15
http://docs.hp.com/en/J4256-90003/ch01s02.html?btnPrev=%AB%A0prev
Slide 16
ESP Symmetric Key Cryptosystem 16
http://docs.hp.com/en/J4256-90003/ch01s03.html?btnPrev=%AB%A0prev
Slide 17
ESP Illustration 17 From:
http://msdn.microsoft.com/zh-tw/magazine/ee412260.aspx
Slide 18
(Private Network) P2P P2P (Private P2P Network) P2P (Anonymous
P2P Communication) 18
Slide 19
P2P P2P P2P P2P 19
Slide 20
P2P File Sharing P2P 20
Slide 21
P2P 21
Slide 22
P2P 22
Slide 23
P2P P2P P2P 23
Slide 24
P2P 24
Slide 25
P2P P2P 25
Slide 26
P2P Winny Winny 1652 2005 26
Slide 27
P3P 2009 P2P P3P ICO 27
Slide 28
P3P 2010 5 10 25 28
Slide 29
(Private Network) P2P P2P (Private P2P Network) P2P (Anonymous
P2P Communication) 29
Slide 30
P2P (1) Private P2P Networks (network overlay) (physical link)
(logical link) 30
Slide 31
P2P (2) P2P Free Rider 31
Slide 32
P2P (3) 32 Network P2PClient/Server PublicPrivate Group
basedF2F
Slide 33
P2P -- P2P VPN 33
Slide 34
P2P VPN P2P VPN (Centralized) (Decentralized) (Structured)
(Unstructured) 34
Slide 35
(Centralized) VPN P2P VPN P2P Hamachi GBridge Wippien 35 Peer
to peer Relayed
Slide 36
(Decentralized) P2P VPN P2P overlay P2P (Structured)
(Unstructured) 36
Slide 37
(Structured) IPOP (IP over P2P) 37 Mike John
Slide 38
(Unstructured) N2N P2PVPN 38
Slide 39
(Private Network) P2P P2P (Private P2P Network) P2P (Anonymous
P2P Communication) 39
Slide 40
P2P Anonymous P2P ? P2P P2P P2P IP 40 P2P P2P IP = 140.118.X.X
IP = 114.46.X.X
Slide 41
P2P P2P (Anonymous Browsing) (File-Sharing) (E-mail) (Remote
login) (Instant Messaging) 41
Slide 42
P2P P2P P2P (File Sharing) Freenet GNUnet ANts P2P iMule Vuze
Perfect Dark Share 42 1. P2P 2. 3.
Slide 43
P2P (Cont.) JAP Tor I2P 43 1. 2. 3. P2P P2P
Slide 44
Freenet 44 P2P http://freenetproject.org/
Slide 45
iMule 45 P2P
http://contentdb.emule-project.net/view.php?pid=1719
Slide 46
Vuze 46 P2P http://en.wikipedia.org/wiki/Vuze
Slide 47
JAP P2P 47
http://anon.inf.tu-dresden.de/screenshot_en.html
Slide 48
Tor P2P 48 http://www.torproject.org/index.html
Slide 49
Unimessage-based Split message-based Replicated message-based
49 P2P
Slide 50
Unimessage-based A.Fundamental: (onion routing) ( Tor)
B.Probability-Based: ( Crowds) C.Mimic Traffic-Enhanced: ( Tarzan)
50 P2P Destination A. B. C.
Slide 51
51 P2P From: R. Y. Xiao, Survey on anonymity in unstructured
peer- to-peer systems, Journal of Computer Science and Technology,
2008.
Slide 52
Split message-based (secret sharing) ( Free Haven) 52 P2P
Message (request or file)
Slide 53
(publish anonymity) 53 P2P
Slide 54
Replicated message-based P 5 (Peer-to-Peer Personal Privacy
Protocol) (Broadcast) (Multicast) 54 P2P
Slide 55
(Sending anonymity) 55 P2P
Slide 56
56 Questions?? Thanks for Your Listening!
LOAD MORE