k-rAC - a Fine-Grained k-Resilient Access Control Scheme for Distributed Hash Tables

TL;DR

This paper introduces k-rAC, a fine-grained, privacy-aware access control scheme for Distributed Hash Tables that ensures security through k-resilience and supports multiple authentication mechanisms.

Contribution

It proposes a novel access control scheme for DHTs with multiple authentication methods and demonstrates its security and efficiency in privacy-aware distributed applications.

Findings

k-rAC provides fine-grained access control in DHTs.

The scheme maintains security with k-resilience against malicious peers.

Overhead introduced by k-rAC is acceptable for various scenarios.

Abstract

Distributed Hash Tables (DHT) are a common architecture for decentralized applications and, therefore, would be suited for privacy-aware applications. However, currently existing DHTs allow every peer to access any index. To build privacy-aware applications, we need to control this access. In this paper, we present k-rAC, a privacy-aware fine-grained AC for DHTs. For authentication, we present three different mechanisms based on public-key cryptography, zero-knowledge-proofs, and cryptographic hashes. For authorization, we use distributed AC lists. The security of our approach is based on k-resilience. We show that our approach introduces an acceptable overhead and discuss its suitability for different scenarios.