CertRevoke

Tianyuan Yu, Hongcheng Xie, Siqi Liu, Xinyu Ma, Xiaohua Jia, Lixia Zhang
2022 Proceedings of the 9th ACM Conference on Information-Centric Networking  
Named Data Networking (NDN) secures network communications by requiring all data packets to be signed upon production. This requirement makes usable and efficient NDN certificate issuance and revocation essential for NDN operations. In this paper, we first investigate and clarify core concepts related to NDN certificate revocation, then proceed with the design of CertRevoke, an NDN certificate revocation framework. CertRevoke utilizes naming conventions and trust schema to ensure certificate
... ers and issuers legitimately produce in-network cacheable records for revoked certificates. We evaluate the security properties and performance of CertRevoke through case studies. Our results show that deploying CertRevoke in an operational NDN network is feasible.

CCS CONCEPTS • Networks → Security protocols; • Security and privacy → Authentication.
doi:10.1145/3517212.3558079 fatcat:jt6qazny6jampftr2j3776jrji