Name-signature lookup system: a security enhancement to named data networking
Named Data Networking (NDN) is a content-centric networking, where the publisher of the packet signs and encapsulates the data packet with a name-content-signature encryption to verify the authenticity and integrity of itself. This scheme can solve many of the security issues inherently compared to...
| Main Authors: | , |
|---|---|
| Format: | Conference or Workshop Item |
| Language: | English |
| Published: |
2021
|
| Subjects: | |
| Online Access: | https://eprints.nottingham.ac.uk/64773/ |
| _version_ | 1848800163530801152 |
|---|---|
| author | Song, Zhicheng Kar, Pushpendu |
| author_facet | Song, Zhicheng Kar, Pushpendu |
| author_sort | Song, Zhicheng |
| building | Nottingham Research Data Repository |
| collection | Online Access |
| description | Named Data Networking (NDN) is a content-centric networking, where the publisher of the packet signs and encapsulates the data packet with a name-content-signature encryption to verify the authenticity and integrity of itself. This scheme can solve many of the security issues inherently compared to IP networking. NDN also support mobility since it hides the point-to-point connection details. However, an extreme attack takes place when an NDN consumer newly connects to a network. A Man-in-the-middle (MITM) malicious node can block the consumer and keep intercepting the interest packets sent out so as to fake the corresponding data packets signed with its own private key. Without knowledge and trust to the network, the NDN consumer can by no means perceive the attack and thus exposed to severe security and privacy hazard. In this paper, the N ame-Signature Lookup System (NSLS) and corresponding Name-Signature Lookup Protocol (NSLP) is introduced to verify packets with their registered genuine publisher even in an untrusted network with the help of embedded keys inside Network Interface Controller (NIC), by which attacks like MITM is eliminated. A theoretical analysis of comparing NSLS with existing security model is provided. Digest algorithm SHA-256 and signature algorithm RSA are used in the NSLP model without specific preference. |
| first_indexed | 2025-11-14T20:47:12Z |
| format | Conference or Workshop Item |
| id | nottingham-64773 |
| institution | University of Nottingham Malaysia Campus |
| institution_category | Local University |
| language | English |
| last_indexed | 2025-11-14T20:47:12Z |
| publishDate | 2021 |
| recordtype | eprints |
| repository_type | Digital Repository |
| spelling | nottingham-647732021-03-24T02:13:41Z https://eprints.nottingham.ac.uk/64773/ Name-signature lookup system: a security enhancement to named data networking Song, Zhicheng Kar, Pushpendu Named Data Networking (NDN) is a content-centric networking, where the publisher of the packet signs and encapsulates the data packet with a name-content-signature encryption to verify the authenticity and integrity of itself. This scheme can solve many of the security issues inherently compared to IP networking. NDN also support mobility since it hides the point-to-point connection details. However, an extreme attack takes place when an NDN consumer newly connects to a network. A Man-in-the-middle (MITM) malicious node can block the consumer and keep intercepting the interest packets sent out so as to fake the corresponding data packets signed with its own private key. Without knowledge and trust to the network, the NDN consumer can by no means perceive the attack and thus exposed to severe security and privacy hazard. In this paper, the N ame-Signature Lookup System (NSLS) and corresponding Name-Signature Lookup Protocol (NSLP) is introduced to verify packets with their registered genuine publisher even in an untrusted network with the help of embedded keys inside Network Interface Controller (NIC), by which attacks like MITM is eliminated. A theoretical analysis of comparing NSLS with existing security model is provided. Digest algorithm SHA-256 and signature algorithm RSA are used in the NSLP model without specific preference. 2021-02-09 Conference or Workshop Item PeerReviewed application/pdf en cc_by https://eprints.nottingham.ac.uk/64773/1/Name-signature%20lookup%20system%20A%20security%20enhancement%20to%20named%20data%20networking.pdf Song, Zhicheng and Kar, Pushpendu (2021) Name-signature lookup system: a security enhancement to named data networking. In: 2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom), 29 Dec.-1 Jan. 2021, Guangzhou, China. Named Data Networking; Man-in-the-middle attack; Network Interface Controller |
| spellingShingle | Named Data Networking; Man-in-the-middle attack; Network Interface Controller Song, Zhicheng Kar, Pushpendu Name-signature lookup system: a security enhancement to named data networking |
| title | Name-signature lookup system: a security enhancement to named data networking |
| title_full | Name-signature lookup system: a security enhancement to named data networking |
| title_fullStr | Name-signature lookup system: a security enhancement to named data networking |
| title_full_unstemmed | Name-signature lookup system: a security enhancement to named data networking |
| title_short | Name-signature lookup system: a security enhancement to named data networking |
| title_sort | name-signature lookup system: a security enhancement to named data networking |
| topic | Named Data Networking; Man-in-the-middle attack; Network Interface Controller |
| url | https://eprints.nottingham.ac.uk/64773/ |