Cryptographic Access Control in P2P Networks


This Master's Thesis investigates the possibilities of providing read and write permissions as well as confidentiality, integrity and authentication in peer-to-peer filesharing networks. A security model based on cryptographic access control is developed and analyzed. A design based on the analysis and an investigation of existing peer-to-peer filesystems is created. Finally, a prototype implementing the proposed design is developed and successfully tested.

The security model is based on the concept of key sets and key rings. All files, key rings and users are represented by individual key sets. A key set contains at most three keys: a public, a symmetric and a private key. The public and the private key form an asymmetric key pair. The keys correspond to three levels of permissions: integrity, read permissions and write permissions.
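The sketch below is an added example, not code from the thesis or the Latinum prototype. It shows one way the three keys of a key set can map to the three permission levels. It assumes Ed25519 for the asymmetric pair, AES-256-GCM for the symmetric key, and that writing means signing while integrity checking means verifying; the names `KeySet`, `NewKeySet`, `Write`, `Verify` and `Read` are hypothetical.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
)

// KeySet holds at most three keys; a nil field means that permission is absent.
type KeySet struct {
	Public    ed25519.PublicKey  // integrity: verify stored data
	Symmetric cipher.AEAD        // read: AES-256-GCM under the symmetric key
	Private   ed25519.PrivateKey // write: sign new versions
}
func NewKeySet() KeySet {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	sym := make([]byte, 32)
	rand.Read(sym)
	block, _ := aes.NewCipher(sym)
	gcm, _ := cipher.NewGCM(block)
	return KeySet{pub, gcm, priv}
}
// Write encrypts, then signs the ciphertext; it needs the private key.
func (k KeySet) Write(plain []byte) (blob, sig []byte, err error) {
	if k.Private == nil || k.Symmetric == nil {
		return nil, nil, fmt.Errorf("no write permission")
	}
	nonce := make([]byte, 12) // standard GCM nonce size
	rand.Read(nonce)
	blob = k.Symmetric.Seal(nonce, nonce, plain, nil)
	return blob, ed25519.Sign(k.Private, blob), nil
}
// Verify needs only the public key, so any peer can reject unauthorized writes.
func (k KeySet) Verify(blob, sig []byte) bool {
	return k.Public != nil && ed25519.Verify(k.Public, blob, sig)
}
// Read checks the signature, then decrypts; it needs the symmetric key.
func (k KeySet) Read(blob, sig []byte) ([]byte, error) {
	if k.Symmetric == nil || len(blob) < 12 || !k.Verify(blob, sig) {
		return nil, fmt.Errorf("no read permission or invalid data")
	}
	return k.Symmetric.Open(nil, blob[:12], blob[12:], nil)
}
func main() {
	full := NewKeySet()
	blob, sig, _ := full.Write([]byte("constructed sample"))
	fmt.Println(KeySet{Public: full.Public}.Verify(blob, sig)) // integrity-only peer
}
```

Handing a peer only `Public`, or `Public` plus `Symmetric`, gives it integrity-only or read access without any central permission check.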

The security model is quite flexible, since it is applicable in RBAC environments as well as in ordinary DAC environments. In addition, it is possible to use the security model as part of a PKI. The threat analysis shows that the model provides good protection of confidentiality and integrity. However, possible attacks exist based on traffic analysis and denial of service (DoS).

The data is stored and sent in a highly secured environment, and regular keyloggers like these programs cannot record it.

A report (in Danish) is available here.


As a part of our Master's Thesis we have developed a peer-to-peer client for a filesharing network where the files can be assigned permissions like read and write. A prototype version of the client, which we call Latinum, can be downloaded from the link below.