
Research On Named Privacy Protection Mechanism Based On Homomorphic Proxy Re-Encryption For CCN/NDN

Posted on: 2018-01-31
Degree: Master
Type: Thesis
Country: China
Candidate: C Chen
GTID: 2348330536480344
Subject: Communication and Information System

Abstract/Summary:
With the rapid development of the Internet, the host-centric network architecture has been unable to meet the needs of new application technologies such as content distribution, mobile applications and network security. Therefore, a future Internet architecture centered on content and information was proposed by international and domestic academics. Content Centric-Networking/Named-Data Networking (CCN/NDN) is currently the most competitive of the information-centric future Internet architectures.

Although a security mechanism has been introduced into the interest packet and data packet of CCN/NDN, some security problems remain. During content transmission, the content name in the interest packet and the data packet can easily reveal private information such as the identity and interests of the content provider and the content consumer. In addition, the network caching mechanism can lead to the separation of content from its producer. Secure content delivery based on the traditional end-to-end authentication mechanism is not suitable for CCN/NDN.

To address these problems, this thesis designs a privacy-aware transmission system (PATS_ICN) based on the Paillier homomorphic cryptosystem and the proxy re-encryption mechanism, which can effectively solve the naming privacy problems of the CCN/NDN network. In the PATS_ICN system, the content consumer uses an "alias" to subscribe to the content of interest. The content provider constructs a quadratic function, according to the consumer's identity, to generate the "alias" of the content the consumer is interested in. The content alias in the interest packet and the content name in the data packet are blinded using the blinding algorithm of the Paillier homomorphic cryptosystem. Because the content names carried in the interest packet and the data packet are the blinded alias and the blinded name, an attacker cannot infer private information about content consumers and content providers from the content name.

Secondly, after a routing node receives the interest packet for subscribed content, it takes the blinded content alias from the interest packet and uses it to match against the content name in the cached data packet. If the matching result and the matching value in the data packet are equal, the matching data packet is transmitted to the content consumer. If not, the matching operation fails and the interest packet is forwarded to the next-hop routing node for subscription. The blinding algorithm of the Paillier homomorphic cryptosystem used here can not only protect the identity, interests and other private information of the publisher and the content consumer, but also realize correct matching of the interest packet and the data packet at the routing node.

In addition, to ensure that only legitimate content consumers can obtain the content on the network and to realize secure transmission, this thesis adopts the proxy re-encryption mechanism to encrypt the data packet. Finally, the performance of the PATS_ICN system designed in this thesis is analyzed both in theory and in simulation, which shows that the PATS_ICN system neither depends on the server nor discloses the decryption key, and that its ciphertext has advantages such as public verifiability. At the same time, the PATS_ICN system realizes naming privacy protection and secure content transmission.
Keywords/Search Tags:Content Centric-Networking, Named-data Networking, Paillier Homomorphic Cryptosystem, Proxy Re-encryption, Privacy Protection