Let's say that I have only a DHT (distributed hash table) implemented (in Python), and I want to build an authentication service over a P2P network, but without introducing a centralized authentication server for such a service. Can it be done, and if so, how can I achieve this?

I'm familiar with how Skype and Wuala have done this, but I am looking for a decentralized solution without a single point of failure.

A: 

Well, the great thing about a single point of failure with authentication is that it is easier to ensure that the results from the authentication machine[s] are safe and valid. You would have to be able to set values on the DHT which are not overwritten by other values, you would have to validate their results, validate that they match with your application, and would have to encrypt the values from being read by other people. [Many large DHT servers are available to a lot of people]

monksy
+1  A: 

The real problem is trusting the information you receive. For that matter, you have to at least authenticate the person you are receiving the information from. The question is good, but for really good solutions you would have to consider ranking-based algorithms.

These work a little like Pretty Good Privacy (PGP), where a trusted relationship propagates and is used to authenticate a chain of recommendations. There is a good deal of academic research on the subject:

  1. Nicola Mezzetti, "Towards a Model for Trust Relationships in Virtual Enterprises," 14th International Workshop on Database and Expert Systems Applications (DEXA'03), Prague, Czech Republic, September 01-September 05, 2003, pp. 420. ISBN: 0-7695-1993-8.

  2. "Modelling trust relationships in Collaborative Networked Organisations," International Journal of Technology Transfer and Commercialisation, Volume 6, Number 1 / 2007, pages 40 - 55.

Etamar L.
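
One way to meet the "values which are not overwritten" and "validate their results" requirements raised in the answers above, shown as an added example that is not from either answerer: a self-certifying record whose DHT key is the hash of the owner's public key. Assumptions: `Node` is a hypothetical in-memory stand-in for a DHT node, and a Lamport one-time signature built from SHA-256 is swapped in so the code runs on the standard library alone; a deployment would use a standard signature scheme from a vetted library.

```python
import hashlib
import os

def H(b):
    return hashlib.sha256(b).digest()

def keygen():
    # Lamport one-time key pair: 256 pairs of secrets; public key is their hashes.
    sk = [(os.urandom(32), os.urandom(32)) for _ in range(256)]
    pk = b"".join(H(a) + H(b) for a, b in sk)
    return sk, pk

def bits(msg):
    d = H(msg)
    return [(d[i // 8] >> (7 - i % 8)) & 1 for i in range(256)]

def sign(sk, msg):
    # Reveal one secret per digest bit. A key pair must sign exactly one message.
    return b"".join(sk[i][b] for i, b in enumerate(bits(msg)))

def verify(pk, msg, sig):
    if len(pk) != 256 * 64 or len(sig) != 256 * 32:
        return False
    return all(H(sig[32 * i:32 * i + 32]) == pk[64 * i + 32 * b:64 * i + 32 * b + 32]
               for i, b in enumerate(bits(msg)))

class Node:
    # Hypothetical storage rule a DHT node enforces before accepting a record.
    def __init__(self):
        self.store = {}

    def put(self, key, pk, value, sig):
        # The key must be the hash of the signer's public key, and the value must verify.
        if key != H(pk) or not verify(pk, value, sig):
            return False
        if key in self.store:  # write-once, matching the one-time signature
            return False
        self.store[key] = (pk, value, sig)
        return True

def fetch_verified(node, key):
    # Readers re-check the record themselves; the storing node is not trusted.
    rec = node.store.get(key)
    if rec is None:
        return None
    pk, value, sig = rec
    return value if key == H(pk) and verify(pk, value, sig) else None
```

This covers integrity and ownership of a record only; keeping the value unreadable to other DHT users, which the first answer also asks for, needs encryption on top.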