In practice, unless each mobile contributes bandwidth and storage space to the P2P network, a P2P network will involve computers other than the mobile applications of your use case. And thus susceptible to a security topology beyond your control.
If the network is pure P2P (no central servers other than peer discovery bootstrap) and it is restricted to the mobile application only, then these peers can block external access by encrypting connection and communication with an asymmetric key pair only stored within the mobile application. This is in additional to any other layers of encryption the communication may choose to have or not have.
Of course the application can be reverse engineered to steal the key; so it depends on how motivated people who acquire a copy of your application are to do this. Alternately the network can be little less "pure" P2P and periodically update the global application key pair from a server under your control.
So, security assessment:
- If the P2P network is yours, you can protect it from most security problems. Perhaps even making it a DarkNet to reduce visibility to DoS attack.
- Or if your application uses a P2P network that isn't yours in order to avoid the mobiles having to contribute bandwidth/storage/cpu relative to network size - then security of the P2P network will mostly depend on the specific design trade-offs of that network. You would need to provide the exact existing P2P network for review in that case.
