NDN DeLorean: An Authentication System for Data Archives in Named Data Networking

by Yingdi Yu, Alexander Afanasyev, Lixia Zhang
NDN, Technical Report NDN-0040, Revision 1, May 24, 2016.

Named Data Networking (NDN) enables data-centric security in network communication by mandating digital signatures on network-layer data packets. This change introduces a new issue with data authentication: the lifetime of data can be longer than the lifetime of its signatures, which is limited by the validity periods of the corresponding certificates. In this paper, we introduce a new authentication system for archived NDN data, NDN DeLorean, which uses a look-back validation model that authenticates data with respect to the time when the data was produced rather than the time when it is retrieved. As long as the archived data received a valid signature at the time of its production, it can stay valid perpetually. We designed NDN DeLorean as a publicly audited timestamp service that maintains historical evidence of the data’s validity. NDN DeLorean creates permanent existence proofs of data (and certificates) upon request at a time when the original data signatures are valid. With both the data and its signing key certificates being timestamped, DeLorean frees data producers from the necessity of periodically re-signing archived data in order to keep it valid.
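The look-back validation model described in the abstract, sketched as an added example that is not code from the report or from the NDN project. It assumes a simple hash-chain log as the audited timestamp service, HMAC-SHA256 standing in for public-key signatures, and integer times; `Cert`, `TimestampLog` and the function names are hypothetical.

```python
import hashlib, hmac
from dataclasses import dataclass

@dataclass(frozen=True)
class Cert:  # hypothetical simplified certificate, not NDN's format
    key: bytes        # HMAC key standing in for a signing key pair
    not_before: int
    not_after: int
    def encode(self) -> bytes:
        return self.key + b"|%d|%d" % (self.not_before, self.not_after)

class TimestampLog:  # assumed structure: append-only hash chain
    def __init__(self):
        self.entries = []  # (sha256 of item, time recorded)
    def stamp(self, item, now):
        self.entries.append((hashlib.sha256(item).digest(), now))
    def head(self):  # auditors recompute this over all entries
        h = b"\x00" * 32
        for digest, t in self.entries:
            h = hashlib.sha256(h + digest + b"%d" % t).digest()
        return h
    def time_of(self, item):
        d = hashlib.sha256(item).digest()
        return next((t for dg, t in self.entries if dg == d), None)

def sign(cert, data):
    return hmac.new(cert.key, data, hashlib.sha256).digest()

def sig_ok(cert, data, sig):
    return hmac.compare_digest(sign(cert, data), sig)

def validate_at_retrieval(cert, data, sig, now):  # conventional model
    return sig_ok(cert, data, sig) and cert.not_before <= now <= cert.not_after

def validate_look_back(cert, data, sig, log, audited_head):
    if log.head() != audited_head:  # history changed since it was audited
        return False
    t_data, t_cert = log.time_of(data + sig), log.time_of(cert.encode())
    if t_data is None or t_cert is None:  # both need existence proofs
        return False
    # assumption: both stamps must fall inside the certificate validity period
    ok = lambda t: cert.not_before <= t <= cert.not_after
    return sig_ok(cert, data, sig) and ok(t_data) and ok(t_cert)

# constructed sample: certificate valid for t in [100, 200], data stamped at 150
cert = Cert(b"k" * 32, 100, 200)
data = b"/archive/report/v1"
sig = sign(cert, data)
log = TimestampLog(); log.stamp(cert.encode(), 110); log.stamp(data + sig, 150)
print(validate_at_retrieval(cert, data, sig, 500),
      validate_look_back(cert, data, sig, log, log.head()))
```

At retrieval time 500 the certificate has expired, so the conventional check fails while the look-back check still accepts the data.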