Privacy Preserving Data-Sharing Scheme in Content-Centric Networks Against Collusion Name Guessing Attacks

Content-centric networks are designed as potential candidates for future 5G networks and the Internet. In these networks, contents are queried, searched, and routed by the names that people are interested in. Collecting the names that a person queries in a content-centric network can violate his/her privacy. As more and more people are concerned about their privacy in daily life, privacy-preserving protocols for content-centric networks are desirable. Many existing schemes are designed to protect people’s privacy, but few of them consider malicious behavior by the transmitting routers, especially when the routers collude with a certain user. We discuss an attack called the collusion name guessing attack, in which intermediate routers collude with a certain user to perform a name guessing attack in order to expose people’s privacy. It is shown that existing schemes cannot resist this kind of attack, which poses a new challenge for content-centric networks. A new scheme with anonymous user identity and limited key validation time is designed to resist the collusion name guessing attack. In the scheme, the users are anonymous and the shared keys are valid only within a specified time period, so the adversary does not know whose packets should be collected, and it is infeasible to precompute the name matching datasets during the valid time period of the key. Moreover, slow matching for all users and all time periods needs enormous storage and takes a long time, which makes the attack cost-ineffective.
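A simplified model of the precomputation argument above, as an added example that is not the paper's construction: HMAC-SHA256 stands in for the scheme's name protection, and `epoch_key`, `EPOCH_SECONDS`, the candidate names and the master secret are constructed assumptions. It shows that a matching table built with a key shared by a colluding user stops matching once the key's validity period ends; user anonymity is not modelled.

```python
import hashlib
import hmac

EPOCH_SECONDS = 3600  # assumed validity period of a shared key


def epoch_key(master: bytes, now: int) -> bytes:
    """Key for the validity period containing `now` (assumed derivation)."""
    epoch = now // EPOCH_SECONDS
    return hmac.new(master, b"epoch:%d" % epoch, hashlib.sha256).digest()


def obscure(key: bytes, name: str) -> str:
    """Name as seen by routers: a keyed digest instead of the plaintext name."""
    return hmac.new(key, name.encode(), hashlib.sha256).hexdigest()


def build_table(key: bytes, candidates):
    """Model of the adversary's precomputed name matching dataset."""
    return {obscure(key, n): n for n in candidates}


def recovered(table, observed):
    """Names the table holder can recover from observed protected names."""
    return [table[o] for o in observed if o in table]


def simulate():
    master = b"constructed-master-secret"          # constructed sample value
    candidates = ["/news/politics", "/health/clinic/results", "/video/cats"]
    queried = ["/health/clinic/results"]           # what the victim asks for
    t0, t1 = 100, 100 + EPOCH_SECONDS              # two consecutive periods

    # Static shared key: the protected name never changes, so one
    # precomputed table matches traffic from every period.
    static_table = build_table(master, candidates)
    static_hits = recovered(static_table, [obscure(master, n) for n in queried])

    # Time-limited key: the table is built with the period-0 key obtained
    # through collusion and is only useful while that key is valid.
    table = build_table(epoch_key(master, t0), candidates)
    hits_t0 = recovered(table, [obscure(epoch_key(master, t0), n) for n in queried])
    hits_t1 = recovered(table, [obscure(epoch_key(master, t1), n) for n in queried])
    return static_hits, hits_t0, hits_t1


if __name__ == "__main__":
    print(simulate())
```

Shortening `EPOCH_SECONDS` shrinks the window in which a freshly built table is useful, which is the cost argument the abstract makes against matching over all users and all time periods.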
