Mitigating On-Path Adversaries in Content-Centric Networks

2017 IEEE 42nd Conference on Local Computer Networks (LCN) (2017)

Abstract
Content-Centric Networking (CCN) is a recently proposed Internet paradigm that focuses on scalable, secure and efficient content distribution. The main abstraction is named and addressable content. A consumer requests desired named content by generating a so-called interest, which is then routed by the network towards an in-network cached copy, or the authoritative producer, of that content. Since all CCN content must be signed by its producer, consumers and routers can cryptographically verify its correctness, authenticity, and integrity. Thus, in principle, attacks that introduce fake (poisoned) content can be detected. However, verifying content signatures is optional for CCN routers, and detection of fake content only implies the presence of a malicious upstream entity. A major outstanding problem in CCN is how to react to such attacks, determine their source(s), and re-route interests accordingly. In this work, we construct a technique based on efficient per-hop packet integrity checks. Routers share secrets with neighboring routers and use them to verify and generate efficient per-hop packet authenticators. An on-path attacker that tampers with content in transit is quickly detected by downstream routers. Moreover, an on-path attacker that hijacks a namespace is discoverable. Our experimental assessment indicates that the proposed technique incurs very low per-packet overhead. Furthermore, since our approach is not CCN-specific, it can be applied to IP-based networks as well.
Keywords
Content-Centric Networking,on-path attackers,packet integrity,adversary leap frog
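
The per-hop integrity check the abstract describes can be sketched as follows. This is an added example, not the paper's construction: the use of HMAC-SHA-256, one shared key per adjacent pair of nodes, and all names (`tag`, `forward`, `PATH`, `KEYS`, the content name) are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

def tag(key: bytes, name: str, payload: bytes) -> bytes:
    """Per-hop authenticator over (name, payload). HMAC-SHA-256 is an assumption."""
    n = name.encode()
    # Length-prefix the name so (name, payload) pairs cannot be confused.
    return hmac.new(key, len(n).to_bytes(2, "big") + n + payload,
                    hashlib.sha256).digest()

def forward(path, link_keys, name, payload, tamper_after=None):
    """Carry a content packet hop by hop along `path` (producer first).

    The sender on each link tags the packet with the key it shares with the
    next node; the receiver recomputes the tag before forwarding. If
    `tamper_after` names a node, the payload is rewritten in transit on the
    link leaving that node by a party that does not hold the link key.
    Returns (delivered, detecting_node, suspect_link).
    """
    for up, down in zip(path, path[1:]):
        key = link_keys[frozenset((up, down))]
        sent_tag = tag(key, name, payload)       # generated by upstream node
        if tamper_after == up:
            payload = b"poisoned:" + payload     # modification on the wire
        # Downstream node verifies in constant time before re-tagging.
        if not hmac.compare_digest(sent_tag, tag(key, name, payload)):
            return False, down, (up, down)
    return True, None, None

# Constructed sample topology and random per-link keys (not from the paper).
PATH = ["producer", "R1", "R2", "R3", "consumer"]
KEYS = {frozenset(link): secrets.token_bytes(32) for link in zip(PATH, PATH[1:])}
NAME = "/example/video/seg1"

if __name__ == "__main__":
    print(forward(PATH, KEYS, NAME, b"segment bytes"))
    print(forward(PATH, KEYS, NAME, b"segment bytes", tamper_after="R1"))
```

In this sketch the first node whose check fails is the one directly downstream of the modification, so the failure also points at the link to route around.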