With the increased popularity of the Internet and other computer networks, communication-oriented applications such as instant messaging applications are now widely employed to exchange messages and other data (e.g., files) between peer devices. Instant messaging services often expose, among other features, mechanisms to detect presence information about a designated peer (sometimes referred to as a “buddy”) and to exchange messages with that peer when the peer is online. When a user gets online, the instant messaging application on the client device typically connects to an instant messaging server that then authenticates the user using a suitable client-server authentication protocol. Thereafter, the server typically identifies for the user those of the user's buddies who are also online and connected to the server, and may likewise inform the user's buddies that the user is online. The user and his or her buddies can then initiate sessions with one another for exchanging messages and other data. The authenticated communication channel between each client device (i.e., either the user or a buddy) and the server commonly remains active throughout the duration that the client is online, until the client chooses to disconnect or shut down the instant messaging application.
If all data exchanged between peer devices is routed through the server, the server typically becomes a limiting factor (e.g., a bottleneck) in terms of data throughput, especially when large amounts of data are transferred as in the case of file transfers. Additionally, some peer devices may wish to communicate with one another using a language or protocol that the server does not support. Though some existing systems may include functionality that allows peer devices to establish direct peer-to-peer connections between the peer devices, such existing systems do not provide mechanisms to authenticate the peer-to-peer connection.
For these reasons, a system for verifying that peers on opposite ends of a peer-to-peer connection are the same peers that previously established authenticated or otherwise trusted connections with a server common to both peers without requiring additional functionality from the common server is desired to address one or more of these and other disadvantages.