Content Protection in Named Data Networking: Challenges and Potential Solutions

Information-Centric Networks (ICN) are promising alternatives to current Internet architecture since the Internet struggles with a number of issues such as scalability, mobility and security. ICN offers a number of potential benefits including reduced congestion and enhanced delivery performance by employing content caching, simpler network configurations and stronger security for the content. Named Data Networking (NDN), an instance of the ICN, enables content delivery instead of host-centric approaches by naming data rather than the host. In order to make NDN practical in the real world, the challenging issues of content security need to be addressed. In this article, we examine the architecture, content security as well as possible solutions to these issues of NDN, with a special focus on content integrity and provenance. We propose a variety of digital signature schemes to achieve the data integrity and origin authentication in NDN for various applications, which include cost-effective signatures, privacy-preserving signatures, network coding signatures, and post-quantum signatures. We also present the speed-up techniques in generating signatures and verifying signatures such as pre-computation, batch verification and server-aided verification to reduce the computational cost of the producers and receivers in NDN. A number of certificate-free trust management approaches and possible adoptions in NDN are investigated.