A Survey of Public Key Authentication Technology in Information-Center Networking
Authors: Shi Jia (石佳), Zeng Xuewen (曾学文), Li Yang (李杨)
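Abstract:
In the information-centric networking (ICN) architecture, as in IP networks, reliable information exchange and identity authentication in untrusted environments depend on public key technology to support digital signatures and data encryption. As ICN is further deployed and applied, the requirements for public key authentication are becoming more diverse. This paper analyzes the public key authentication methods used in several typical existing ICN architectures, examines their principles, points out their limitations and security problems, and explains why designing a distributed authentication scheme is necessary. It also introduces existing distributed authentication methods, presents the progress and directions of research on distributed authentication systems, and describes the problems that need to be studied and solved in order to deploy a distributed authentication system in ICN, providing a reference for subsequent research on distributed public key authentication technology for ICN.
Keywords: information-centric networking; public key authentication; blockchain; decentralization
Foundation: Strategic Priority Research Program of the Chinese Academy of Sciences, project "SEANET Technology Standardization Research and System Development" (No. XDC02070100)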
DOI: 10.20064/j.cnki.2095-347X.2023.02.001