A Blockchain-based Key Management Scheme for Named Data Networking

Named Data Networking (NDN) builds security into the architecture by requiring each named Data object to be digitally signed by its producer. Thus, the NDN project has proposed a key management model on the NDN testbed for verifying Data packets, so that the network is immune to the distribution of poisoned content. However, in practice, this model poses two challenges for verifying fake content: (1) the centralized architecture easily leads to a single point of failure; in particular, when the root key fails, it is difficult to verify keys across sites because of the lack of trust between them, and (2) certificate chain traversal incurs excessive overhead when verifying signatures. This paper first proposes a blockchain-based key management scheme in NDN to address the problem of lack of mutual trust between sites without trust anchors. Specifically, all site nodes form a permissioned blockchain that stores public key hashes to ensure their authenticity, and the proxy gateway participates in verification to reduce excessively frequent communication between the router and the blockchain. In addition, the NDN public key content object and the schemes for its storage, verification, and revocation are redesigned. The results of our analysis and evaluation show that the proposed scheme requires fewer verifications and achieves higher verification efficiency.