Journal: IEEE/ACM Transactions on Networking

In Content We Trust: Network-Layer Trust in Content-Centric Networking


Abstract

Content-Centric Networking (CCN), an instance of information-centric networking, is a candidate next-generation Internet architecture that emphasizes content distribution by making content directly addressable and routable. By opportunistically caching content within the network, CCN appears to be well suited for large-scale content distribution and for meeting the needs of the increasingly mobile and bandwidth-hungry applications that dominate today's Internet. To provide content authentication, CCN dictates that each content object must be digitally signed by its respective producer. All entities (consumers and routers) must, in principle, verify the content signature before processing it. However, in practice, this poses two challenges for routers: (1) overhead due to signature verification, key retrieval, and potential certificate chain traversal; and (2) lack of trust context, i.e., determining which public keys are trusted to verify the content signature. This renders signature verification impractical in routers, opening the door to so-called content poisoning attacks. We study the root causes of content poisoning attacks and reach the conclusion that meaningful mitigation of content poisoning is contingent upon a network-layer trust management architecture. We propose two approaches, deterministic and probabilistic, that allow routers to detect fake (aka "poisoned") content objects. The use of each approach depends on the location and role of routers in the network, as well as their computational capabilities.
