It would make more sense to implement existing file-sharing protocols such as BitTorrent in my opinion, since you can verify them easier. Related threads:
An easy solution to the problem with malicious attackers is to ONLY fetch the file from the person asserting the mapping is correct. That way, they can’t do more damage than they could by just sending random garbage over UDP. You could also slowly build up trust even if you don’t have any keys signed in the following manner:
Node B asserts that piece 1-2000 in torrent X corresponds to piece 1-1000 of file.
Node A picks a random piece and starts downloading it from node B. If it matches, node A can repeat this process until it’s satisfied a large portion of the mappings are correct, at which point it can start downloading from the entire network. Node B can’t give a partially valid mapping, since it doesn’t know which pieces node A will pick. If node A downloads 10% of a 1000-chunk file from node B, and node B gives bad mappings for 1% of it, the probability of detection will be 63%, so it doesn’t need to get a large portion either. This could be compared with BitTorrent’s free pieces, which are used to “bootstrap” the tit-for-tat system…