[Ndn-interest] Securing Data packet.

[Andriana Ioannou]

Dear all,

In my current research I have altered the Data packets to include some
information that will allow the routers on delivery paths to make better
caching decisions. This information may be updated during delivery from the
routers downstream.

I have been looking on the security implications for this, and so far I
understand that the community is mostly focused on the content contained in
a Data packet, and the related fields, e.g. name and key locator, rather
than securing the whole Data packet. My guess is that this would be an
important overhead/cost since each router involved in the process will have
to decrypt each incoming Data packet to ensure its valid.

The only option I could think of would be to "enforce" the publisher to
sign those fields of the Data packet, too. Yet, this would mean that the
signature would not refer only to the content requested by the consumer,
which I guess is fundamentally wrong since you end up delivering "garbage"
to your consumers...

I would appreciate if you could argue on this, since my security background
is a bit limited. I would be happy to be pointed out on some related
literature too - if available.

Kind regards,
Andriana.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.lists.cs.ucla.edu/pipermail/ndn-interest/attachments/20190703/7b44c0e9/attachment.html>