Privacy and security in decentralized networks

A growing number of communication networks is what is called decentralized networks in the sense that management and control of information transfer and network resources are handled in a decentralized manner. This dissertation addresses important issues as to how privacy and security in decentralized networks can be ascertained.; Chapter 2 and 3 present the design, implementation, and evaluation of a peer-to-peer system called Friends troubleshooting network (FTN), whereby a personal computer user can diagnose his/her misconfiguration problem by requesting his/her trustworthy peers (i.e. friends) to provide relevant configuration information in order to facilitate the troubleshooting procedure. Chapter 2 presents a cluster-based secure multi-party aggregation protocol to protect the privacy of peer users and their configuration information. Chapter 3 is concerned with protecting data integrity for fear that some machines might be compromised and hence may provide false configuration information. A solution is proposed based on a homomorphic encryption scheme with threshold decryption.; In Chapter 4, we investigate the use of erasure resilient code (ERC) in a peer-to-peer storage cloud. We compare the random linear code and the Reed-Solomon code, and study the proper ERC parameters in term of data reliability, computational efficiency and security concerns.; In Chapter 5, we address the key establishment problem between a reduced function device (RFD) and a powerful security manager. We propose an elliptic curve cryptography (ECC) based key-establishment protocol which utilizes the TESLA asymmetric certificate to allow efficient identity authentication on RFD nodes. We present a computationally rebalanced protocol by off-loading computationally intensive operations from low-end RFDs to powerful security managers.; Chapter 6 proposes a secure data forwarding (SDF) protocol that can securely forward data packets to their intended destination in a wireless ad hoc network. The protocol can detect and locate faulty links on a per packet basis so that an appropriate action can be taken. SDF is the first Byzantine detection protocol that can be deployed with distance vector routing protocols. It is designed to operate efficiently with resource constrained wireless nodes.