A Blockchain-based key Management Scheme for Named Data Networking

Abstract

Named Data Networking is built with security which requires each named Data object to be digitally signed by its producer. Thus, the NDN project has proposed a key management model on NDN testbed for verification of the Data packet to be immune to distributing poisoned content. However, in practice, this model poses two challenges for verifying fake content: (1) the centralized architecture easily leads to a single point of failure, especially when the root key fails, its difficult to verify the keys across sites due to the lack of trust between them, and (2) excessive overhead of certificate chain traversal when verifying signature. This paper first proposes a blockchain-based key management scheme in NDN to address the problem of lack of mutual trust between sites without trust anchors. Specifically, all site nodes form a permissioned blockchain for storing public key hashes to ensure the authenticity, and the proxy gateway participates in verifying to reduce excessively frequent communication between the router and the blockchain. In addition, the NDN public key content object and the scheme of their storage, verification, and revocation are redesigned. The result of our analysis and evaluation shows that the proposed scheme is capable of supporting less verification numbers and higher verification efficiency.