This chapter examined two core security topics. First, we considered how you can use a third party to provide authentication services to a peer-to-peer application. Second, we looked at how you can implement encryption between peers to protect sensitive data. Both of these techniques require .NET cryptography classes and some custom code, and they won't ever be as foolproof as a standard system such as SSL or Kerberos. However, they can add a valuable layer of protection in environments where these protocols aren't supported. Understanding how to implement this type of security also makes you better prepared to evaluate the security that's implemented in third-party platforms such as the Intel Peer-to-Peer Accelerator Kit and Groove.
Security is an enormous topic, and there are countless books dedicated exclusively to cryptography and .NET security. Security isn't just about cryptography, and using cryptography doesn't ensure that your data is safe! Always evaluate your peer-to-peer applications from an attacker-centric point of view when testing it. And remember, a small amount of validation code can often dramatically reduce the damage of a successful attack.