IDEAS home Printed from https://ideas.repec.org/a/gam/jsusta/v12y2020i20p8746-d432533.html
   My bibliography  Save this article

Faster Data Forwarding in Content-Centric Network via Overlaid Packet Authentication Architecture

Author

Listed:
  • Taek-Young Youn

    (Department of Industrial Security, Dankook University, Gyeonggi-do 16889, Korea)

  • Joongheon Kim

    (School of Electrical Engineering, Korea University, Seoul 02841, Korea)

  • David Mohaisen

    (Department of Computer Science, University of Central Florida, Orlando, FL 32816, USA)

  • Seog Chung Seo

    (Department of Financial Information Security, Kookmin University, Seoul 02707, Korea)

Abstract

Content-Centric Networking (CCN) is one of the emerging paradigms for the future Internet, which shifts the communication paradigm from host-centric to data-centric. In CCN, contents are delivered by their unique names, and a public-key-based signature is built into data packets to verify the authenticity and integrity of the contents. To date, research has tried to accelerate the validation of the given data packets, but existing techniques were designed to improve the performance of content verification from the requester’s viewpoint. However, we need to efficiently verify the validity of data packets in each forwarding engine, since the transmission of invalid packets influences not only security but also performance, which can lead to a DDoS (Distributed Denial of Service) attack on CCN. For example, an adversary can inject a number of meaningless packets into CCN to consume the forwarding engines’ cache and network bandwidth. In this paper, a novel authentication architecture is introduced, which can support faster forwarding by accelerating the performance of data validation in forwarding engines. Since all forwarding engines verify data packets, our authentication architecture can eliminate invalid packets before they are injected into other CCN nodes. The architecture utilizes public-key based authentication algorithms to support public verifiability and non-repudiation, but a novel technique is proposed in this paper to reduce the overhead from using PKI for verifying public keys used by forwarding engines and end-users in the architecture. The main merit of this work is in improving the performance of data-forwarding in CCN regardless of the underlying public-key validation mechanism, such as PKI, by reducing the number of accesses to the mechanism. Differently from existing approaches that forgive some useful features of the Naive CCN for higher performance, the proposed technique is the only architecture which can support all useful features given by the Naive CCN.

Suggested Citation

  • Taek-Young Youn & Joongheon Kim & David Mohaisen & Seog Chung Seo, 2020. "Faster Data Forwarding in Content-Centric Network via Overlaid Packet Authentication Architecture," Sustainability, MDPI, vol. 12(20), pages 1-23, October.
    • Handle: RePEc:gam:jsusta:v:12:y:2020:i:20:p:8746-:d:432533
    as

    Download full text from publisher

    File URL: https://www.mdpi.com/2071-1050/12/20/8746/pdf
    Download Restriction: no
    File URL: https://www.mdpi.com/2071-1050/12/20/8746/
    Download Restriction: no
    ---><---

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:gam:jsusta:v:12:y:2020:i:20:p:8746-:d:432533. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    We have no bibliographic references for this item. You can help adding them by using this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: MDPI Indexing Manager (email available below). General contact details of provider: https://www.mdpi.com .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.