Moderator-Controlled Information Sharing by Identity-Based Aggregate Signatures for Information Centric Networking

Information sharing services have been provided via common servers, which not only relay messages but also sometimes moderate them. A peer can become a moderator and control the distribution of messages belonging to his private message group. However, the physical transfer of a message is usually out of the peer's control. Originator-signed signatures inherent in Information Centric Networking assure the integrity and provenance of messages exchanged among peers, which makes it possible to realize moderator-controlled information sharing in which a peer can become a moderator and control the distribution of his private message group as a trustable server. However, moderated content requires multiple signatures, which increases the size of the exchanged message and is inadequate, especially for short message services. We propose the use of Identity-Based Aggregate Signatures (IBAS) to decrease this overhead, and provide a proof-of-concept IBAS implementation for Named Data Networking (NDN). We also compare the performance of the proposed IBAS implementation with existing RSA signatures. An overhead reduction of approximately 45% to 60% compared to RSA signatures is achieved for an NDN packet in the proposed configuration. Because of the properties of the identity-based signature, this IBAS implementation is robust and works even during a disaster or when a trustable centralized server is not online.

[1]  Mark R. Horton Standard for interchange of USENET messages , 1983, RFC.

[2]  Elaine B. Barker,et al.  Recommendation for key management: , 2019 .

[3]  Tomohiko Yagyu,et al.  Demo overview: reliable contents retrieval in fragmented icns for disaster scenario , 2014, ICN '14.

[4]  Craig Gentry,et al.  Identity-Based Aggregate Signatures , 2006, Public Key Cryptography.

[5]  Patrick Crowley,et al.  Named data networking , 2014, CCRV.

[6]  Yoshihiro Kawahara,et al.  Disaster-tolerant authentication system for NDN using Hierarchical ID-Based Encryption , 2013, 2013 21st IEEE International Conference on Network Protocols (ICNP).

[7]  Douglas Stebila,et al.  Elliptic Curve Algorithm Integration in the Secure Shell Transport Layer , 2009, RFC.

[8]  Adi Shamir,et al.  Identity-Based Cryptosystems and Signature Schemes , 1984, CRYPTO.

[9]  Yonggang Wen,et al.  Towards name-based trust and security for content-centric network , 2011, 2011 19th IEEE International Conference on Network Protocols.

[10]  Jiachen Chen,et al.  COPSS: An Efficient Content Oriented Publish/Subscribe System , 2011, 2011 ACM/IEEE Seventh Symposium on Architectures for Networking and Communications Systems.

[11]  Jung Hee Cheon,et al.  An Identity-Based Signature from Gap Diffie-Hellman Groups , 2003, Public Key Cryptography.

[12]  Benjamin Schiller,et al.  Demo overview: fully decentralised authentication scheme for ICN in disaster scenarios , 2014, ICN '14.

[13]  Jerome A. Solinas,et al.  IKE and IKEv2 Authentication Using the Elliptic Curve Digital Signature Algorithm (ECDSA) , 2007, RFC.

[14]  Masaya Yasuda,et al.  On the Strength Comparison of the ECDLP and the IFP , 2012, SCN.

[15]  Hovav Shacham,et al.  Short Signatures from the Weil Pairing , 2001, J. Cryptol..

[16]  Hovav Shacham,et al.  Aggregate and Verifiably Encrypted Signatures from Bilinear Maps , 2003, EUROCRYPT.