Sanjeev Kaushik Ramani
School of Computing and Information Sciences
Sanjeev Kaushik Ramani is a Ph.D. candidate in the School of Computing and Information Sciences (SCIS) at Florida International University (FIU). He is working under the direction of Dr. Alexander Afanasyev in the ISRG Lab and is co-advised by Dr. S.S. Iyengar. His research interests are in the Security, Privacy and Trust aspects of Named Data Networking. He earned his Bachelor’s degree from India and has held various positions at IBM and other companies before starting studies at FIU.
The Named Data Networking architecture mandates cryptographic signatures of packets at the network layer. Traditional RSA and ECDSA public key signatures require obtaining the signer’s NDN certificate (and, if needed, the next-level certificates of the trust chain) to validate the signatures. This potentially creates two problems. First, the communication channels must be active in order to retrieve the certificates, which is not always the case in disruptive and ad hoc environments. Second, the certificate identifies the individual producer, and thus producer anonymity cannot be guaranteed when it is needed.
NDN-ABS is an alternative NDN signature design, based on attribute-based signatures, that addresses both of these problems. With NDN-ABS, data packets can be verified without the need for any network retrieval (provided the trust anchor is pre-configured), and attributes can be designed to identify only application-defined high-level producer anonymity sets, thus ensuring the individual producer’s anonymity. The paper uses an illustrative smart-campus environment to define and evaluate the design and to highlight how the NDN trust schema can manage the validity of NDN-ABS signatures. The paper also discusses performance limitations of ABS and potential ways they can be overcome in a production environment.