[Ndn-interest] Security: Privacy of Interest names

GTS gts at ics.uci.EDU
Fri Sep 19 11:48:50 PDT 2014


Felix:

It is indeed the case that, with cleartext interests, more information
is leaked in an NDN interaction than in its IP counterpart.

However, it is quite trivial to encrypt an arbitrary number of name suffix
components. Assuming that Alice (customer) and her bank (Wells Fargo)
share a key (see ** below), Alice can issue interests with names, such as:

\ndn\com\usa\wells-fargo\california\ENCRYPTED-GLOP

The cleartext prefix is routable.

This kind of an interest leaks no more than an IP packet sent
by Alice to california.wells-fargo.com with contents of ENCRYPTED-GLOP.
In fact, in NDN/CCNx, it leaks less information since IP also leaks the
source.

One intuitive use-case for encrypted name suffixes is to implement
something like a VPN.
E.g., a wells-fargo VPN border router would receive the above interest
and decrypt ENCRYPTED-GLOP to produce a name that might be routable
within the wells-fargo private network, e.g.:

\ndn\wells-fargo-private\orange-county\laguna-beach\retail\Alice\withdrawal\etc. 


This way, both the bank's internal structure and Alice's request
details are concealed from eavesdroppers.

**How Alice and her bank come to share a key is a separate issue.
Alice might begin by issuing an interest for the content corresponding
to the bank's public key.
Sort of like an SSL Client Hello. The reply would be similar to SSL
Server Hello. The rest is left as a homework exercise :-)

Cheers,
Gene

======================
Gene Tsudik
Chancellor's Professor of Computer Science
University of California, Irvine






On 9/19/14, 11:01 AM, Felix Rabe wrote:
> Hi list
>
> Someone at NDNcomm, maybe it was Steven Dale, raised this issue that I 
> wonder about as well:
>
> Using SSL, an eavesdropper can see that I connect to the bank and the 
> amount of information that I exchange, but he cannot see *what* 
> information I access.
>
> Whereas with NDN, to provide at least as much privacy, the Interest 
> names would need to be encrypted as well. Is this assumption correct? 
> If yes, what mechanism does NDN provide for privacy of names in 
> Interests? If no, enlighten me please :)
>
> - Felix
>
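The encrypted name suffix described in the reply above, as an added Go example that is not part of the original thread. The thread names no cipher or encoding: AES-256-GCM, base64url for the opaque component, and the function names NewAEAD, SealSuffix and OpenSuffix are assumptions, and the key is a constructed demo value.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/base64"
	"errors"
	"fmt"
	"strings"
)

// NewAEAD builds AES-GCM from the key Alice and the bank already share.
func NewAEAD(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// SealSuffix (Alice) appends the private name as one opaque component. The cleartext
// prefix is authenticated, so the component is rejected under any other prefix.
func SealSuffix(a cipher.AEAD, prefix, private string) (string, error) {
	nonce := make([]byte, a.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return "", err
	}
	ct := a.Seal(nonce, nonce, []byte(private), []byte(prefix)) // nonce || ciphertext || tag
	return prefix + `\` + base64.RawURLEncoding.EncodeToString(ct), nil
}

// OpenSuffix (border router) recovers the private name or rejects the interest.
func OpenSuffix(a cipher.AEAD, name string) (string, error) {
	i := strings.LastIndex(name, `\`)
	raw, err := base64.RawURLEncoding.DecodeString(name[i+1:])
	if i < 0 || err != nil || len(raw) < a.NonceSize() {
		return "", errors.New("malformed encrypted component")
	}
	pt, err := a.Open(nil, raw[:a.NonceSize()], raw[a.NonceSize():], []byte(name[:i]))
	return string(pt), err
}

func main() {
	a, _ := NewAEAD(make([]byte, 32)) // constructed all-zero demo key, never a real one
	name, _ := SealSuffix(a, `\ndn\com\usa\wells-fargo\california`, `\ndn\wells-fargo-private\orange-county\laguna-beach\retail\Alice\withdrawal`)
	private, err := OpenSuffix(a, name)
	fmt.Println(name, "->", private, err)
}
```

A fresh nonce makes every interest name unique, so these interests cannot be aggregated or answered from caches. The length of the opaque component still reveals the length of the private name.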



