Research On Data Privacy Protection Oriented Transmission Mechanism For NDN-IoT

Named Data Networking(NDN)is a typical representative of the next-generation Internet architecture.which adopts the "content-centric" design concept,replaces IP addresses with hierarchical naming,builds a flexible addressing model through named-based routing.And combine it with in-network caching mechanism to achieve improved content distribution performance.For Internet of Things(Io T)application with a large number of devices,NDN has the feature of no address configuration,which solves the problem of configuring addresses for a large number of Internet of Things devices;the named addressing feature of NDN provides better network architecture support for a large category of Io T applications that require active data collection.As a result,NDN is now considered to be a promising future Io T architecture solution.However,while NDN solves the problem of Io T address allocation and dynamic addressing,there is still a need for improvement for the data collection scenario of large-scale Io T nodes: the data transmission of existing NDN adopts the "send-once-receive" mode of "packet of interestpacket" interaction.This mode helps to balance the traffic within the network,but is not efficient for large-scale data collection tasks.To address this problem,this paper introduces the multi-pointto-one-point message propagation concast communication mode into NDN-based Io T(NDN-Io T),and designs a new concast network architecture with caching capability by modifying the interest packet naming and pending interest table structure;Then,to address the privacy leakage problem in in-network data aggregation,we use homomorphic re-encryption technology to achieve secure data aggregation and ensure.The paper then addresses the privacy leakage problem in in-network data aggregation by using homomorphic re-encryption to achieve secure data aggregation and ensure the in-network reusability of ciphertexts,and homomorphic hash to achieve signature aggregation of packets,which improves the efficiency of network data collection while guaranteeing the privacy and security of data.The main innovations of the paper are as follows.(1)Based on the design of NDN concast network architecture and homomorphic encryption technology,this paper proposes a secure NDN concast mechanism based on edge homomorphic re-encryption.Although the design of the concast communication process can solve the inefficiency of the original NDN "send-once-receive" mode,the homomorphic encryption can also guarantee the security of ciphertexts aggregation.However,in the traditional homomorphic aggregation method,multiple ciphertexts to be aggregated are encrypted using the public key of the data requester.For the NDN architecture,if homomorphic encryption is performed with a specific requester's public key,the aggregated data will lose its reusability and cannot take advantage of the caching feature of the NDN network.In view of this,this paper adopts a common public key for each content generator to encrypt the output data,so that the aggregated ciphertext can be reused by different requesters within the network;and a re-encryption key for specific requesters is configured for edge routers to achieve secure data distribution to specific requesters by re-encrypting the aggregated ciphertexts at the edge.The simulation results show that compared with the traditional SDA algorithm of homomorphic encryption with user's public key,the data acquisition delay of this mechanism is smaller and the network performance is significantly improved in the multi-user data acquisition scenario.(2)Since NDN adopts a security design based on the content itself,each packet carries a digital signature to identify its authenticity and integrity.When the secure concast mechanism implements data aggregation,how to aggregate the signatures of multiple aggregated packets and prove that the source of the aggregated data is trusted is a problem that needs to be further addressed.In view of this,this paper proposes a signature aggregation mechanism based on homomorphic hash.The mechanism uses homomorphic hash technology to sign the original data output by the content generator,and implements homomorphic aggregation of multiple signatures at the in-network router.After the requester receives the aggregated data,it can verify the decrypted aggregated data through the aggregated signature to check whether there is in-network forgery or tampering of the received aggregated data.The simulation results show that this mechanism does not have the problem of data privacy leakage by routers and has a low computational overhead compared with existing router re-signature techniques.