{"title":"Public Key Infrastructure for Named Data Networks","authors":"Ranit Chatterjee, S. Ruj, S. Bit","doi":"10.1145/3369740.3369790","DOIUrl":null,"url":null,"abstract":"Named Data Networking (NDN) is a proposed Internet architecture which changes the basic model of network communication. Instead of host-centric (IP based) addressing of the present day Internet architecture, NDN is primarily a data-centric design. The main design principle of NDN is securing the data rather than securing the communication channel. In this paper we show some limitations of NDN's Trust based security framework and propose a new public key management scheme. Our design is motivated by the concept of Google's Certificate Transparency. By using a Merkle Patricia Trie to store certificates, we are not only able to perform efficient verification of certificates, but also ensure that certificates are not tampered with. We believe this will prevent dangerous frauds on certificate authorities that have taken place in the recent past.","PeriodicalId":240048,"journal":{"name":"Proceedings of the 21st International Conference on Distributed Computing and Networking","volume":"8 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2020-01-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"3","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 21st International Conference on Distributed Computing and Networking","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3369740.3369790","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Citation count: 3
Abstract
Named Data Networking (NDN) is a proposed Internet architecture which changes the basic model of network communication. Instead of host-centric (IP based) addressing of the present day Internet architecture, NDN is primarily a data-centric design. The main design principle of NDN is securing the data rather than securing the communication channel. In this paper we show some limitations of NDN's Trust based security framework and propose a new public key management scheme. Our design is motivated by the concept of Google's Certificate Transparency. By using a Merkle Patricia Trie to store certificates, we are not only able to perform efficient verification of certificates, but also ensure that certificates are not tampered with. We believe this will prevent dangerous frauds on certificate authorities that have taken place in the recent past.