BAS-NDN: BlockChain based mobile producer authentication scheme for Named Data Networking

IF 7.7 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Journal of Network and Computer Applications Pub Date : 2025-02-11 DOI:10.1016/j.jnca.2025.104135

Guangquan Xu , Chenghe Dong , Cong Wang , Feng Feng

{"title":"BAS-NDN: BlockChain based mobile producer authentication scheme for Named Data Networking","authors":"Guangquan Xu , Chenghe Dong , Cong Wang , Feng Feng","doi":"10.1016/j.jnca.2025.104135","DOIUrl":null,"url":null,"abstract":"<div><div>Named Data Network (NDN) is a content-centric, name-based communication architecture, with a push-based communication model naturally supports consumer mobility. However, the management of producer prefix authentication during mobility is challenging due to NDN’s name-based mechanism, which facilitates direct interaction between producers and the forwarding plane. The current solutions fail to balance security and efficiency. To address insecure interactions arising from producer mobility, we introduce a protocol for blockchain-based mobile producer authentication (BAS-NDN). Our protocol relies on a novel elliptic curve-based certificateless signcryption scheme, which is easy to deploy, provides both signature and encryption, and avoids complex certificate management and key escrow problems. This makes it suitable for secure and efficient mobile management in NDN. In addition, the proposed scheme efficiently authenticates the producer’s prefixes by enforcing the producer to publish routing updates that use only valid prefixes. This design renders it resistant to prefix hijacking attacks. Through analyzing under the random oracle model, it is also resistant to both Type I and Type II adversaries present in certificateless signcryption. Finally, experimental analysis indicates that our scheme provides significant performance benefits.</div></div>","PeriodicalId":54784,"journal":{"name":"Journal of Network and Computer Applications","volume":"237 ","pages":"Article 104135"},"PeriodicalIF":7.7000,"publicationDate":"2025-02-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Network and Computer Applications","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S1084804525000323","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, HARDWARE & ARCHITECTURE","Score":null,"Total":0}

引用次数: 0

Abstract

Named Data Network (NDN) is a content-centric, name-based communication architecture, with a push-based communication model naturally supports consumer mobility. However, the management of producer prefix authentication during mobility is challenging due to NDN’s name-based mechanism, which facilitates direct interaction between producers and the forwarding plane. The current solutions fail to balance security and efficiency. To address insecure interactions arising from producer mobility, we introduce a protocol for blockchain-based mobile producer authentication (BAS-NDN). Our protocol relies on a novel elliptic curve-based certificateless signcryption scheme, which is easy to deploy, provides both signature and encryption, and avoids complex certificate management and key escrow problems. This makes it suitable for secure and efficient mobile management in NDN. In addition, the proposed scheme efficiently authenticates the producer’s prefixes by enforcing the producer to publish routing updates that use only valid prefixes. This design renders it resistant to prefix hijacking attacks. Through analyzing under the random oracle model, it is also resistant to both Type I and Type II adversaries present in certificateless signcryption. Finally, experimental analysis indicates that our scheme provides significant performance benefits.

查看原文本刊更多论文

命名数据网络（NDN）是一种以内容为中心、基于名称的通信架构，其基于推送的通信模式自然支持消费者的移动性。然而，由于 NDN 基于名称的机制有利于生产者和转发平面之间的直接交互，因此在移动过程中管理生产者前缀认证具有挑战性。目前的解决方案无法在安全性和效率之间取得平衡。为了解决生产者移动性带来的不安全交互问题，我们推出了基于区块链的移动生产者认证协议（BAS-NDN）。我们的协议依赖于一种新颖的基于椭圆曲线的无证书签名加密方案，该方案易于部署，既能提供签名又能提供加密，还能避免复杂的证书管理和密钥托管问题。这使它适用于 NDN 中安全高效的移动管理。此外，建议的方案通过强制生产者发布只使用有效前缀的路由更新，有效地验证了生产者的前缀。这种设计使其能够抵御前缀劫持攻击。通过在随机甲骨文模型下进行分析，它还能抵御无证书签名加密中存在的第一类和第二类对手。最后，实验分析表明，我们的方案具有显著的性能优势。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Journal of Network and Computer Applications 工程技术-计算机：跨学科应用

CiteScore

21.50

自引率

3.40%

发文量

142

审稿时长

37 days

期刊介绍： The Journal of Network and Computer Applications welcomes research contributions, surveys, and notes in all areas relating to computer networks and applications thereof. Sample topics include new design techniques, interesting or novel applications, components or standards; computer networks with tools such as WWW; emerging standards for internet protocols; Wireless networks; Mobile Computing; emerging computing models such as cloud computing, grid computing; applications of networked systems for remote collaboration and telemedicine, etc. The journal is abstracted and indexed in Scopus, Engineering Index, Web of Science, Science Citation Index Expanded and INSPEC.