Lets say that I have only DHT (distributed hash table) implemented (in Python), and I want to build authentication service over P2P network, but without introducing centralized authentication server with such a service. Can it be done, and if so how can I achieve this?
I'm familiar with how Skype and Wuala have done this, but I am looking for decentralized solution without single point of failure.
The real problem is trusting the information you receive. For that matter, you have to at least authenticate the person you are receiving the information from. The question is good, but for really good solutions you would have to consider ranking-based algorithms.
These work a little like Pretty Good Privacy (PGP), where a trusted relationship propagates and is used to authenticate a chain of recommendations. There is a good deal of academic research on the subject:
Towards a Model for Trust Relationships in Virtual Enterprises
Prague, Czech Republic
September 01-September 05
ISBN: 0-7695-1993-8.
Nicola Mezzetti, "Towards a Model for Trust Relationships in Virtual Enterprises," Database and Expert Systems Applications, International Workshop on, pp. 420, 14th International Workshop on Database and Expert Systems Applications (DEXA'03), 2003.
Modelling trust relationships in Collaborative Networked Organisations
International Journal of Technology Transfer and Commercialisation
Volume 6, Number 1 / 2007, pages 40 - 55