IEEE Access (Jan 2017)

Privacy Preserving Data-Sharing Scheme in Content-Centric Networks Against Collusion Name Guessing Attacks

  • Xingwen Zhao
  • Hui Li

DOI
https://doi.org/10.1109/ACCESS.2017.2740623
Journal volume & issue
Vol. 5
pp. 23182 – 23189

Abstract

Content-centric networks are designed as potential candidates for future 5G networks and the Internet. In these networks, contents are queried, searched, and routed by the names that people are interested in. Collecting the names that a person queries in a content-centric network can violate that person's privacy. As more and more people are concerned about their privacy in daily life, it is desirable to present privacy-preserving protocols for content-centric networks. Currently, many schemes are designed to protect people's privacy, but few of them consider the malicious behaviors of the transmitting routers, especially when the routers collude with a certain user. We discuss an attack called the collusion name guessing attack, in which intermediate routers collude with a certain user to perform a name guessing attack in order to expose people's privacy. It is shown that present schemes cannot resist this kind of attack, which will be a new challenge for content-centric networks. A new scheme with anonymous user identity and limited key validation time is designed to fight against the collusion name guessing attack. In the scheme, the users are anonymous and the shared keys are valid within a specified time period, so the adversary does not know whose packets should be collected, and it is infeasible to precompute the name matching datasets during the valid time period of the key. Moreover, slow matching for all users and all time periods needs enormous storage and will last a long time, which will make the attack cost-ineffective.

Keywords