Mobile Sessions in Content-Centric Networks

Content-centric networking (CCN) is focused on transferring named data from producers to consumers upon request. This shifts security from that of a connection or channel to the content itself. There remains, however, many critical uses for the traditional client-server communication model with secure sessions. For instance, in many CCN applications, producers need a way to transfer key material or secret information to consumers. Not only does caching this content fail to serve multiple consumers, encrypting it under long-term, static keys does not afford them any forward secrecy. Consequently, there is a real and present need for a CCN-friendly protocol whose security properties meet or exceed similar transport security protocols in IP networks. In this paper, we present the design and implementation of the CCNx Key Exchange Protocol CCNxKE the first protocol design for bootstrapping encrypted service- centric sessions in CCN. We compare our design to that of existing IP-based transport security protocols to highlight important differences, discuss several important use cases for CCNxKE and secure sessions in CCN, and present a preliminary performance assessment. Our experiments indicate that session encryption adds, on average, a 30% data transfer latency compared to unencrypted traffic using our prototype implementation.

Citation

Mosko, M.; Uzun, E.; Wood, C. Mobile Sessions in Content-Centric Networks. IEEE/IFIP Networking.; Stockholm, Sweden. Date of Talk: 06/10/2017