Decentralized Distribution of PCP Mappings Over Blockchain for End-to-End Secure Direct Communications

• Main Authors: Elie F. Kfoury, Jose Gomez, Jorge Crichigno, Elias Bou-Harb, David Khoury
• Format: Article
• Language: English
• Published: IEEE 2019-01-01
• Series: IEEE Access
• Subjects: Blockchain; mapping distribution; NAT traversal; PCP; secure communications; trust model
• Online Access: https://ieeexplore.ieee.org/document/8792050/

Network Address Translation (NAT) is a method that enables devices with private IP addresses to connect to the Internet by sharing a public IP address. Traversing the NAT device remains a challenge for a wide range of applications such as Voice over IP (VoIP) and Internet of Things (IoT). The Port Control Protocol (PCP) is a relatively new protocol standardized by the Internet Engineering Task Force (IETF) to solve the NAT traversal issues. It allows a NATed device to request and manage a mapping between its private IP address and transport-layer port to a public IP address and port. As PCP requires an application-dependent method for distributing the mappings to remote hosts, several attacks can target the distributing server and render the communication channel vulnerable. In this paper, we propose and implement a decentralized Blockchain-based approach for distributing PCP-mappings, enabling secure end-to-end (e2e) direct communications without any trusted third party server. NATed devices register their PCP mappings and public keys into the Blockchain, and other peers can then learn about these mappings to establish end-to-end secure direct communications. The implementation verifies that the system is feasible in terms of transactions fees, can simplify and secure end-to-end direct communications, and can interwork with conventional security methods.