Professional Documents
Culture Documents
Abstract—Various schemes have been proposed for secure con- ubiquitous in-network storage, receiver-driven communication
tent delivery and access control in Information-Centric Networks model, content-oriented security model, etc. [4].
(ICN). However, it is not trivial to compare their performances However, ICN is also faced with new challenges especially
due to the lack of unified service model and consistent implemen-
tation methods. In this paper, a general service model merging in the access control of content and user authorization with-
publish-subscribe pattern with ICN framework is proposed to out predefined secure channel. Specifically, by leveraging in-
enable performance evaluation of different access control schemes network caches, it allows one to get content replications from
or various implementations. In addition, an identity based hybrid closer routers rather than remote origin servers. Therefore,
approach under this model is designed and analyzed, in which the in order to prohibit unauthorized content access, the system
content to be delivered is encrypted using a symmetric secret key,
which is then protected by an identity-based encryption scheme is obliged to guarantee content confidentiality as well as
together with the license to play the content, and later distributed authorize subscribed consumers for fine-grained access, which
to consumers as requested. Finally, this approach and two existing is more complicated than just providing a secure connection
schemes are implemented on a common cryptography library, as in current Internet.
and evaluated. Test results show that the proposed approach Previous work on access control in ICN can be generally
exhibits better performance and higher energy-efficiency in
mobile terminals than those existing ones. classified into two categories, namely the encryption-based
Index Terms—Information-Centric Networks, access control, approach and the content-based one. The former is to provide
identity-based cryptography. end-to-end content security while the latter is to append
new security features by means of both attributes of named
I. I NTRODUCTION Data themselves and features of the underlying ICN. As
56
Proceedings of 2018 1st IEEE International Conference on Hot Information-Centric Networking (HotICN 2018)
3URYLGHU the publisher releases the content on the web, which will be
6XEVFULEHU0DQDJHPHQW
referred to by its content name (step #4). When a consumer
s finds the content, he can obtain it from either the original
6XEVFULEHU storage or in-network caches through the underlying ICN (step
6XEVFULEHU t #5). Note that the content can be retrieved by anyone but
&RQVXPHUV
n cannot be played without the secret key and license. So, the
3URGXFHU n
r consumer has to request for them from the publisher (step #6).
,&1URXWHU
r u The server will securely grant the consumer with the secret
o
key and license which controls how to play the content after
3URYLGHU authenticating the identity of the consumer (step #7). Finally,
&RQWHQW0DQDJHPHQW
with the proper key and license, the consumer can play the
p content (step #8).
q
57
Proceedings of 2018 1st IEEE International Conference on Hot Information-Centric Networking (HotICN 2018)
͗Ĩ/Z
ϭсZ;͕ƌŬϭͿ Dс/;ϭ͕ƐŬϭͿ original one. Therefore, the total running time of this approach
can be estimated by using TA = N · τGenRK + τIBE(M ) +
ƌŬϭс'ĞŶZ<
с/;D͕/ϬͿ Eu Eu
Eu
ƌŬŶс'ĞŶZ< ŶсZ;͕ƌŬŶͿ Dс/;Ŷ͕ƐŬŶͿ N · τRE(M ) + N · τIBD(M ) , where τ represents the one-shot
͗Ś/Z
ƌŬϭс'ĞŶZ< ĐŬϭсZ;ĐŬ͕ƌŬϭͿ /;ĐŬϭ͕ƐŬϭͿ Dс^LJŵ;͕ŬͿ
execution time of the various algorithms, and (M ) indicates
Eu
с^LJŵ;D͕ŬͿ ĐŬс/;Ŭ͕/ϬͿ Eu Eu Eu
that this algorithm is performed toward the message.
ƌŬŶс'ĞŶZ< ĐŬŶсZ;ĐŬ͕ƌŬŶͿ /;ĐŬŶ͕ƐŬŶͿ Dс^LJŵ;͕ŬͿ In Approach B, the provider runs the SymE algorithm once
͗/> Dс^LJŵ;͕ŬͿ
on the content using a symmetric key (k) and the GenRK
ĐŬϭс/;Ŭ͕/ϭͿ Ŭ͗ /;ĐŬϭ͕ƐŬϭͿ
с^LJŵ;D͕ŬͿ
algorithm N times, and then runs the IBE algorithm on the key
Eu Eu Eu
/͗ŝĚĞŶƚŝƚLJŽĨƉƌŽǀŝĚĞƌ
ƌŬŝ͗ƌĞͲĞŶĐƌLJƉƚŝŽŶŬĞLJĨƌŽŵ
ĐŬŶс/;Ŭ͕/ŶͿ Ŭ͗ /;ĐŬŶ͕ƐŬŶͿ Dс^LJŵ;͕ŬͿ
using the identity of the provider. Each consumer executes the
ƉƌŽǀŝĚĞƌƚŽĐŽŶƐƵŵĞƌŝ
ƐŬŝ͗ƉƌŝǀĂƚĞŬĞLJŽĨĐŽŶƐƵŵĞƌŝ RE and IBD algorithms in sequence to retrieve the content key,
/ŝ͗ŝĚĞŶƚŝƚLJŽĨĐŽŶƐƵŵĞƌŝ WƌŽǀŝĚĞƌ ŽŶƐƵŵĞƌ
and then finally runs the SymD algorithm to get the original
Fig. 2. Algorithms in each approach.
content. Therefore, the total running time of this approach
can be evaluated by using TB = N · τGenRK + τSymE(M ) +
τIBE(k) + N · τRE(k) + N · τIBD(k) + N · τSymD(M ) , where
License Decryption. Given the private key, ski , and public (k) indicates that this algorithm is performed toward the key.
parameters, params, the consumer gets out the composite In Approach C, the provider performs the SymE algorithm
license by invoking the IBE decryption algorithm, k ⊕ Li = to the content using a symmetric key (k), and then runs the
IBE.decrypt(CLi , params, ski ) and then retrieves the con- IBE algorithm N times on the key using different identities.
tent key, k, and the license, Li . Each consumer performs the IBD algorithm once to retrieve
Content Decryption. Given the content key, k, the con- the content key, and then runs the SymD algorithm once to
sumer retrieves the original message by performing the sym- obtain the original content. Thus, the total running time of this
metric decryption, M = SymD(C, k). approach can be evaluated by using TC = τSymE(M ) + N ·
Note that although user authentication is not the focus of τIBE(k) + N · τIBD(k) + N · τSymD(M ) .
this paper, it is indispensable to put this approach into practice. For each approach, take the execution time per user (ETPU)
In some security-critical or privacy-sensitive scenarios, two- as the metric, which is defined as the total running time divided
factor authentication mechanism and its improved schemes by the number of consumers, denoted by Exy , where x denotes
[13] [14] may be integrated with this approach, with smart the approach index, x ∈ {A, B, C}; y denotes the provider or
cards storing the public parameters, personal information and the consumer, y ∈ {P, U }. Based on the analysis mentioned
security algorithms. above, ExP and ExU can be obtained as
⎧ τIBE(M )
III. E VALUATION ⎪
⎪ τGenRK + , for x = A
⎪
⎪ N
A. Different Approaches ⎨ τSymE(M ) τIBE(k)
ExP = τGenRK + + , for x = B
For comparison, three different approaches of access control ⎪
⎪ N N
⎪ τSymE(M )
⎪
are analyzed and evaluated. 1) Approach A, called full-IBRE ⎩ + τIBE(k) , for x = C
(abbr. fIBRE), is adopted from [7], in which the content is N
encrypted using publisher’s identity; re-encrypt keys are issued ⎧
for each subscriber; each consumer re-encrypts the content ⎨ τRE(M ) + τIBD(M ) ,
⎪ for x = A
using the re-encrypt key, converting the encrypted content to ExU = τRE(k) + τIBD(k) + τSymD(M ) , for x = B
what can be decrypted using the private key of corresponding ⎪
⎩τ
IBD(k) + τSymD(M ) , for x = C
subscriber. 2) Approach B is called Half-IBRE, denoted by
hIBRE, in which the content is encrypted using a symmetric Consumption of several algorithms is not taken into account
encryption algorithm with a content key protected by an IB- while evaluating the total running time, such as the Setup
PRE method. 3) Approach C is the one proposed in this paper and Extract algorithms of IBE system, the Sign and Verify
and described in Section II under the acronym IBLE, where the algorithms of the IBS system, since they make no difference
content is encrypted using a symmetric encryption algorithm, among all approaches. Additionally, since all consumers per-
whereas the content key is encrypted using an IBE scheme form algorithms in a parallel method, the total running time
rather than the IB-PRE one adopted in Approach B. here is the estimated consumption of computation resources,
Consider the scenario where N subscribers request a con- not exactly the real system latency.
tent, M . The algorithms on both the provider and consumer The aforementioned approaches were all implemented based
sides are listed and compared in Fig. 2. The total running time on a common cryptography library extended by us from
of those algorithms was used as the metric. Charm-Crypto Library [15], a well-known comprehensive
In Approach A, the provider executes the GenRK algorithm framework for rapidly prototyping advanced cryptography sys-
N times to generate re-encryption keys for N subscribers and tems using the Python language. All identity-based algorithms
runs the IBE algorithm once on the content using its identity. were derived from the IB-PRE scheme released in [16]. The
Each consumer performs the RE algorithm, and the IBD popular CTR mode of AES with a 128-bit key was selected
algorithm on the encrypted content in sequence for getting the as the symmetric encryption algorithm. Codes were run on a
58
Proceedings of 2018 1st IEEE International Conference on Hot Information-Centric Networking (HotICN 2018)
0.1 1 10 100 1000 10000 100000 0.1 1 10 100 1000 10000 100000
1000 1000
IBE fIBRE_P
IBD
hIBRE_P
100 IBD (PRE)
symE IBLE_P (proposed)
100
10
hIBRE_U
IBLE_U (proposed)
1
10
0.1
1
0.01
0.1 1 10 100 1000 10000 100000
Message size(kB) 0.1 1 10 100 1000 10000 100000
Message size (kB)
Fig. 3. Execution time of different algorithms regarding message size.
Fig. 4. Execution time per User for different schemes regarding message size
with 1000 consumers.
virtual machine (VM) of Ubuntu 16.04 with 2 GB RAM and
a 4-core CPU. All codes have been put on the GitHub.
the consumer count, the increase resulting from the message
B. Efficiency of Encryption/Decryption size is smoothed. On the consumer side, the execution time is
The efficiency of the various encryption/decryption algo- dominated by the decryption algorithm and therefore exhibits a
rithms is investigated first. The one-short execution time of re- rise similar to that shown in Fig. 3 as message size increases.
lated encryption/decryption algorithms regarding the message IV. C ONCLUSION
size are illustrated in Fig. 3, where the IBD (PRE) denotes the In this work, a reference service model merging the publish-
algorithm of identity-based decryption performed after proxy subscribe pattern with the ICN framework has been proposed.
re-encryption in fIBRE. The message size varies from 1 KB In addition, an identity-based license encryption (IBLE) ap-
to 32 MB with a factor of 8. proach for secure content distribution under this model was
As shown in Fig. 3, the running time of all algorithms developed and presented. In this approach, the content to
grows significantly as message size increases, and tends to be delivered is symmetrically ciphered. In the meantime, the
converge when the message size is larger than 4 MB. How- symmetric key together with the license is encrypted using an
ever, significant differences occur for smaller messages. The identity-based encryption (IBE) scheme where the provider or
speed of symmetric encryption algorithms (SymE/SymD) is publisher plays the role of PKG. Based on a common extended
much faster than that of those identity-based ones (IBE/IBD), cryptography library, the IBLE approach was implemented and
especially for short messages. To encrypt a message of 1 KB, executed in comparison with two other IB-PRE approaches.
the time consumed by IBE is about 100 times that of SymE. Test results show that the proposed approach (IBLE) exhibits
Without exceptions, the decryption algorithms run faster than better system performance and more energy-efficiency in con-
the corresponding encryption ones, and the re-encryption will sumer terminals, which makes it more viable for delivering
slow down the speed of decryption, making it close to that of content to mobile subscribers leveraging ICN technologies.
encryption. One can observe that the curve of IBD (PRE) is
very close to the one of the IBE. ACKNOWLEDGMENT
The authors would also like to thank contributors to pro-
C. Workload per Consumer
vide the original implementation of identity-baser proxy re-
The computational burdens on both sides of provider and encryption on GitHub (github.com/nikosft/IB-PRE).
consumer are further investigated. With a fixed number of
consumers, 1000, for each approach, the ETPUs of the algo- R EFERENCES
rithms running on both sides are logged and shown in Fig. 4, [1] T. Koponen, M. Chawla, B.-G. Chun, A. Ermolinskiy, K. H.
where P and U represent the side of the provider and the Kim, S. Shenker, and I. Stoica, “A data-oriented (and beyond)
network architecture,” in Proceedings of the 2007 Conference
consumers, respectively. on Applications, Technologies, Architectures, and Protocols for
According to Fig. 4, the ETPU on the provider side varies Computer Communications, ser. SIGCOMM ’07. New York,
little as message size increases. In marked contrast, the ETPU NY, USA: ACM, 2007, pp. 181–192. [Online]. Available:
http://doi.acm.org/10.1145/1282380.1282402
on the consumer side goes up significantly. On both sides, [2] V. Jacobson, D. K. Smetters, J. D. Thornton, M. F. Plass,
the proposed IBLE approach exhibits the least ETPU. This is N. H. Briggs, and R. L. Braynard, “Networking named content,”
consistent with the analysis of ExP and ExU in Section III-A. in Proceedings of the 5th International Conference on Emerging
Networking Experiments and Technologies, ser. CoNEXT ’09. New
On the provider side, all algorithms toward the message are York, NY, USA: ACM, Dec 2009, pp. 1–12. [Online]. Available:
all run for one time. When the total running time is divided by http://doi.acm.org/10.1145/1658939.1658941
59
Proceedings of 2018 1st IEEE International Conference on Hot Information-Centric Networking (HotICN 2018)
60